Sign upLogin

secureCodeBox/secureCodeBox

View on GitHub
Star

Showing 195 of 515 total issues

Method ServiceScanReconciler.SetupWithManager has 6 return statements (exceeds 4 allowed).
Open

func (r *ServiceScanReconciler) SetupWithManager(mgr ctrl.Manager) error {
    // Check if scan names are unique
    if err := util.CheckUniquenessOfScanNames(r.Config.ContainerAutoDiscoveryConfig.ScanConfigs); err != nil {
        r.Log.Error(err, "Scan names are not unique")
        return err
Severity: Major
Found in auto-discovery/kubernetes/controllers/service_scan_controller.go - About 40 mins to fix

    Function uploadFile has 6 return statements (exceeds 4 allowed).
    Open

    func uploadFile(path, url string) error {
    file, err := os.Open(path)
    if err != nil {
        log.Printf("Failed to open file: %v", err)
        return err
    Severity: Major
    Found in lurker/main.go - About 40 mins to fix

      Method ContainerScanReconciler.createScheduledScanWithImagePullSecrets has 5 arguments (exceeds 4 allowed). Consider refactoring.
      Open

      func (r *ContainerScanReconciler) createScheduledScanWithImagePullSecrets(ctx context.Context, pod corev1.Pod, imageID string, scanConfig configv1.ScanConfig, secrets []corev1.LocalObjectReference) {
      Severity: Minor
      Found in auto-discovery/kubernetes/controllers/container_scan_controller.go - About 35 mins to fix

        Function keepWaitingForMainContainerToExit has 5 arguments (exceeds 4 allowed). Consider refactoring.
        Open

        func keepWaitingForMainContainerToExit(context context.Context, container string, podName string, namespace string, clientset *kubernetes.Clientset) bool {
        Severity: Minor
        Found in lurker/main.go - About 35 mins to fix

          Method ContainerScanReconciler.generateScanWithVolumeMounts has 5 arguments (exceeds 4 allowed). Consider refactoring.
          Open

          func (r *ContainerScanReconciler) generateScanWithVolumeMounts(pod corev1.Pod, imageID string, scanConfig configv1.ScanConfig, namespace corev1.Namespace, secrets []corev1.LocalObjectReference) executionv1.ScheduledScan {
          Severity: Minor
          Found in auto-discovery/kubernetes/controllers/container_scan_controller.go - About 35 mins to fix

            Function getCascadingScans has 5 arguments (exceeds 4 allowed). Consider refactoring.
            Open

              parentScan: Scan,
  findings: Array<Finding>,
  cascadingRules: Array<CascadingRule>,
  cascadedRuleUsedForParentScan: CascadingRule,
  parseDefinition: ParseDefinition
            Severity: Minor
            Found in hooks/cascading-scans/hook/hook.ts - About 35 mins to fix

              Function __configure_proxy_authentication has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
              Open

                  def __configure_proxy_authentication(self, proxy_config: collections.OrderedDict):
        """Private method to configure the proxy authenication, based on the configuration settings."""

        # Configure ZAP outgoing proxy server authentication
        if "authentication" in proxy_config and (
              Severity: Minor
              Found in scanners/zap-advanced/scanner/zapclient/settings/zap_settings.py - About 35 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function getNextSchedule has 5 return statements (exceeds 4 allowed).
              Open

              func getNextSchedule(r *ScheduledScanReconciler, scheduledScan executionv1.ScheduledScan, now time.Time) (next time.Time, err error) {
    // check if the Cron schedule is set
    if scheduledScan.Spec.Schedule != "" {
        sched, err := cron.ParseStandard(scheduledScan.Spec.Schedule)
        if err != nil {
              Severity: Major
              Found in operator/controllers/execution/scheduledscan_controller.go - About 35 mins to fix

                Method ContainerScanReconciler.Reconcile has 5 return statements (exceeds 4 allowed).
                Open

                func (r *ContainerScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
    log := r.Log

    log.V(8).Info("Something happened to a pod", "pod", req.Name, "namespace", req.Namespace)
                Severity: Major
                Found in auto-discovery/kubernetes/controllers/container_scan_controller.go - About 35 mins to fix

                  Method ScanReconciler.SetupWithManager has 5 return statements (exceeds 4 allowed).
                  Open

                  func (r *ScanReconciler) SetupWithManager(mgr ctrl.Manager) error {
    r.MinioClient = *r.initS3Connection()

    // Todo: Better config management
                  Severity: Major
                  Found in operator/controllers/execution/scans/scan_controller.go - About 35 mins to fix

                    Method ScanReconciler.setHookStatus has 5 return statements (exceeds 4 allowed).
                    Open

                    func (r *ScanReconciler) setHookStatus(scan *executionv1.Scan) error {
    // Set (pending) Hook status on the scan
    ctx := context.Background()
    labelSelector, err := r.getLabelSelector(scan)
    if err != nil {
                    Severity: Major
                    Found in operator/controllers/execution/scans/hook_reconciler.go - About 35 mins to fix

                      Method equals has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
                      Open

                        @Override
  public boolean equals(Object o) {
    if (this == o) {
      return true;
    }
                      Severity: Minor
                      Found in hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/models/V1ScanStatusFindings.java - About 35 mins to fix

                      Cognitive Complexity

                      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                      A method's cognitive complexity is based on a few simple rules:

                      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                      • Code is considered more complex for each "break in the linear flow of the code"
                      • Code is considered more complex when "flow breaking structures are nested"

                      Further reading

                      Method ScheduledScanReconciler.SetupWithManager has 5 return statements (exceeds 4 allowed).
                      Open

                      func (r *ScheduledScanReconciler) SetupWithManager(mgr ctrl.Manager) error {
    // set up a real clock, since we're not in a test
    ctx := context.Background()
    if err := mgr.GetFieldIndexer().IndexField(ctx, &executionv1.Scan{}, ownerKey, func(rawObj client.Object) []string {
        // grab the job object, extract the owner...
                      Severity: Major
                      Found in operator/controllers/execution/scheduledscan_controller.go - About 35 mins to fix

                        Function parse has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
                        Open

                        async function parse(fileContent) {
  // The first scan always contains the image id a similar format to: "bkimminich/juice-shop:v10.2.0 (alpine 3.11.5)"

  let scanResults = fileContent;
  if (typeof fileContent === "string") {
                        Severity: Minor
                        Found in scanners/trivy/parser/parser.js - About 35 mins to fix

                        Cognitive Complexity

                        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                        A method's cognitive complexity is based on a few simple rules:

                        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                        • Code is considered more complex for each "break in the linear flow of the code"
                        • Code is considered more complex when "flow breaking structures are nested"

                        Further reading

                        Method ScanReconciler.Reconcile has 5 return statements (exceeds 4 allowed).
                        Open

                        func (r *ScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
    log := r.Log.WithValues("scan", req.NamespacedName)

    // get the scan
    var scan executionv1.Scan
                        Severity: Major
                        Found in operator/controllers/execution/scans/scan_controller.go - About 35 mins to fix

                          Method equals has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
                          Open

                            @Override
  public boolean equals(Object o) {
    if (this == o) {
      return true;
    }
                          Severity: Minor
                          Found in hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/models/V1ScanSpec.java - About 35 mins to fix

                          Cognitive Complexity

                          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                          A method's cognitive complexity is based on a few simple rules:

                          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                          • Code is considered more complex for each "break in the linear flow of the code"
                          • Code is considered more complex when "flow breaking structures are nested"

                          Further reading

                          Method equals has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
                          Open

                            @Override
  public boolean equals(Object o) {
    if (this == o) {
      return true;
    }
                          Severity: Minor
                          Found in hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/models/V1ScanSpecCascadesMatchExpressions.java - About 35 mins to fix

                          Cognitive Complexity

                          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                          A method's cognitive complexity is based on a few simple rules:

                          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                          • Code is considered more complex for each "break in the linear flow of the code"
                          • Code is considered more complex when "flow breaking structures are nested"

                          Further reading

                          Avoid too many return statements within this function.
                          Open

                              return ["Outdated Software", MEDIUM];
                          Severity: Major
                          Found in scanners/nikto/parser/parser.js - About 30 mins to fix

                            Avoid too many return statements within this function.
                            Open

                                  return null;
                            Severity: Major
                            Found in scanners/kubeaudit/parser/parser.js - About 30 mins to fix

                              Avoid too many return statements within this function.
                              Open

                                      return createAutomountedServiceAccountTokenFinding(finding);
                              Severity: Major
                              Found in scanners/kubeaudit/parser/parser.js - About 30 mins to fix
                                Severity
                                Category
                                Status
                                Source
                                Language