secureCodeBox/secureCodeBox
Showing 195 of 515 total issues

Function parse has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

function parse(fileContent) {
  // Only 0 when the target wasn't reachable
  if (!fileContent.server_scan_results || fileContent.server_scan_results.length === 0) {
    return [];
  }
Severity: Minor
Found in scanners/sslyze/parser/parser.js - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Function __configure_proxy_settings has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def __configure_proxy_settings(self, proxy_config: collections.OrderedDict):
        """Private method to configure all proxy specific setings, based on the configuration settings."""

        if self._is_not_empty_string("address", proxy_config):
            self.check_zap_result(
Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/settings/zap_settings.py - About 25 mins to fix

Function get_correct_secret has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def get_correct_secret(domain: str, secrets) -> dict[str, str]:
    """Iterates over given list of secrets to find the secret that matches the URL in the given imageID
    :param domain: The domain of the imageID of which the correct secret needs to be identified
    :param secrets: List of secrets
    :returns: Dict containing the secret matching the given imageID
Severity: Minor
Found in auto-discovery/kubernetes/pull-secret-extractor/secret_extraction.py - About 25 mins to fix

Function getCategory has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

function getCategory(target) {
    let category = "Image Vulnerability";
    if (target.endsWith("package-lock.json") || target == "Node.js") {
      category = "NPM Package Vulnerability";
    } else if (target.endsWith("Gemfile.lock")) {
Severity: Minor
Found in scanners/trivy/parser/parser.js - About 25 mins to fix

Function parse has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

async function parse(fileContent) {
  const { OWASPZAPReport } = await xml2js.parseStringPromise(fileContent);

  const findings = [];

Severity: Minor
Found in scanners/zap/parser/parser.js - About 25 mins to fix

Function configure_context_authentication has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def configure_context_authentication(
        self, context: collections.OrderedDict, context_id: int
    ):
        """Protected method to configure the ZAP 'Context / Authentication Settings' based on a given ZAP config.

Function main has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

async function main() {
  console.log("Starting Parser");
  let scan = await extractScan();
  let parseDefinition = await extractParseDefinition(scan);
  const resultFileUrl = process.argv[2];
Severity: Minor
Found in parser-sdk/nodejs/parser-wrapper.js - About 25 mins to fix

Function get_domain_from_docker_image has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def get_domain_from_docker_image(name: str) -> str:
    """
    Extracts domain and image from a given docker image. Has the same defaulting behavior when it comes to docker.io image as containerd
    Code adapted from https://github.com/containerd/containerd/blob/20de989afcd2fd4edc20e9b85312e49a8bbe152b/reference/docker/normalize.go#L102-L119
    :param name: docker image
Severity: Minor
Found in auto-discovery/kubernetes/pull-secret-extractor/docker_image.py - About 25 mins to fix

Function print_spider_summary has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def print_spider_summary(self):
        """Method to print out a summary of the spider results"""

        logging.info("Ajax Spider complete")

Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/spider/zap_spider_ajax.py - About 25 mins to fix

Function _configure_alert_filters has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def _configure_alert_filters(
        self, alert_filters: List[collections.OrderedDict], context_id: int
    ):
        """Protected method to configure the ZAP 'Context / Alert Filters' Settings based on a given ZAP config.

Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/context/zap_context.py - About 25 mins to fix

Function get_alerts has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def get_alerts(self, baseurl, ignore_scan_rules, out_of_scope_dict):
        # Retrieve the alerts using paging in case there are lots of them
        start = 0
        count_per_page = 5000
        alert_dict = {}
Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/scanner/zap_scanner_active.py - About 25 mins to fix

Function getScansMatchingRule has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

function getScansMatchingRule(
  parentScan: Scan,
  findings: Array<Finding>,
  cascadingRule: CascadingRule,
  parseDefinition: ParseDefinition
Severity: Minor
Found in hooks/cascading-scans/hook/hook.ts - About 25 mins to fix

Function _configure_context_session_management has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def _configure_context_session_management(
        self, sessions_config: collections.OrderedDict, context_id: int
    ):
        """Protected method to configure the ZAP 'Context / Session Mannagement' Settings based on a given ZAP config.

Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/context/zap_context.py - About 25 mins to fix

Function wait_until_spider_finished has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def wait_until_spider_finished(self):
        """
        Waits for the ZAP Spider to complete.

        This method also enforces the "maxDuration" limit of the spider, ZAP normally enforces it on its own,
Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/spider/zap_abstract_spider.py - About 25 mins to fix

Function print_spider_summary has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def print_spider_summary(self):
        """Method to print out a summary of the spider results"""
        logging.info("HTTP Spider(%s) completed", str(self.get_spider_id))

        num_urls = len(self.get_zap.core.urls())
Severity: Minor
Found in scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py - About 25 mins to fix