Sign upLogin

secureCodeBox/secureCodeBox

View on GitHub
Star

Showing 195 of 515 total issues

Method MonitorService.Run has a Cognitive Complexity of 43 (exceeds 20 allowed). Consider refactoring.
Open

func (m *MonitorService) Run(ctx context.Context) {
    m.Log.Info("Receiving messages...")
    for {
        select {
        case <-ctx.Done():
Severity: Minor
Found in auto-discovery/cloud-aws/pkg/aws/aws.go - About 4 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function parseResultFile has 99 lines of code (exceeds 25 allowed). Consider refactoring.
Open

function parseResultFile(fileContent) {
  return new Promise((resolve, reject) => {
    xml2js.parseString(fileContent, (err, xmlInput) => {
      if (err) {
        reject(new Error('Error converting XML to JSON in xml2js: ' + err));
Severity: Major
Found in scanners/nmap/parser/parser.js - About 3 hrs to fix

    File parser.test.js has 331 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    // SPDX-FileCopyrightText: the secureCodeBox authors
//
// SPDX-License-Identifier: Apache-2.0

const { readFile } = require("fs/promises");
    Severity: Minor
    Found in scanners/wpscan/parser/parser.test.js - About 3 hrs to fix

      Method ScheduledScanReconciler.Reconcile has a Cognitive Complexity of 41 (exceeds 20 allowed). Consider refactoring.
      Open

      func (r *ScheduledScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
    log := r.Log.WithValues("scheduledscan", req.NamespacedName)

    // get the ScheduledScan
    var scheduledScan executionv1.ScheduledScan
      Severity: Minor
      Found in operator/controllers/execution/scheduledscan_controller.go - About 3 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      V1ScanSpecCascades has 30 methods (exceeds 20 allowed). Consider refactoring.
      Open

      @ApiModel(description = "CascadeSpec describes how and when cascading scans should be generated.")
@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen", date = "2021-11-17T10:13:00.848Z[Etc/UTC]")
public class V1ScanSpecCascades {
  public static final String SERIALIZED_NAME_INHERIT_ANNOTATIONS = "inheritAnnotations";
  @SerializedName(SERIALIZED_NAME_INHERIT_ANNOTATIONS)
      Severity: Minor
      Found in hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/models/V1ScanSpecCascades.java - About 3 hrs to fix

        Function parse has 84 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

        async function parse(scanResults) {
  if (typeof (scanResults) === "string") // empty file
    return [];

  const wpscanVersion = scanResults.banner.version;
        Severity: Major
        Found in scanners/wpscan/parser/parser.js - About 3 hrs to fix

          Method ScanReconciler.startScan has 108 lines of code (exceeds 50 allowed). Consider refactoring.
          Open

          func (r *ScanReconciler) startScan(scan *executionv1.Scan) error {
    ctx := context.Background()
    namespacedName := fmt.Sprintf("%s/%s", scan.Namespace, scan.Name)
    log := r.Log.WithValues("scan_init", namespacedName)
          Severity: Major
          Found in operator/controllers/execution/scans/scan_reconciler.go - About 3 hrs to fix

            Method ScheduledScanReconciler.Reconcile has 106 lines of code (exceeds 50 allowed). Consider refactoring.
            Open

            func (r *ScheduledScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
    log := r.Log.WithValues("scheduledscan", req.NamespacedName)

    // get the ScheduledScan
    var scheduledScan executionv1.ScheduledScan
            Severity: Major
            Found in operator/controllers/execution/scheduledscan_controller.go - About 3 hrs to fix

              File parser.js has 300 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              // SPDX-FileCopyrightText: the secureCodeBox authors
//
// SPDX-License-Identifier: Apache-2.0

const xml2js = require('xml2js');
              Severity: Minor
              Found in scanners/nmap/parser/parser.js - About 3 hrs to fix

                Function configure_spider has a Cognitive Complexity of 22 (exceeds 5 allowed). Consider refactoring.
                Open

                    def configure_spider(self, spider_config: collections.OrderedDict):
        """Configures a ZAP HTTP Spider with the given spider configuration, based on the running ZAP instance.

        Parameters
        ----------
                Severity: Minor
                Found in scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py - About 3 hrs to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                File zap_spider_http.py has 294 lines of code (exceeds 250 allowed). Consider refactoring.
                Open

                #!/usr/bin/env python

# SPDX-FileCopyrightText: the secureCodeBox authors
#
# SPDX-License-Identifier: Apache-2.0
                Severity: Minor
                Found in scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py - About 3 hrs to fix

                  File scan-helpers.ts has 290 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  // SPDX-FileCopyrightText: the secureCodeBox authors
//
// SPDX-License-Identifier: Apache-2.0

import * as k8s from "@kubernetes/client-node";
                  Severity: Minor
                  Found in hooks/cascading-scans/hook/scan-helpers.ts - About 2 hrs to fix

                    File parser.test.js has 288 lines of code (exceeds 250 allowed). Consider refactoring.
                    Open

                    // SPDX-FileCopyrightText: the secureCodeBox authors
//
// SPDX-License-Identifier: Apache-2.0

const { readFile } = require("fs/promises");
                    Severity: Minor
                    Found in scanners/ssh-scan/parser/parser.test.js - About 2 hrs to fix

                      Method run has 71 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                        @Override
  public List<Finding> run(Scan scan, ScanFile scanResultFile) throws DefectDojoPersistenceException {
    log.debug("Getting DefectDojo User Id via user profile API");
    final List<UserProfile> userProfiles;
                      Severity: Major
                      Found in hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategy.java - About 2 hrs to fix

                        Function templateValue has 71 lines of code (exceeds 25 allowed). Consider refactoring.
                        Open

                          function templateValue(value: string): {values: string[]; rendered: boolean} {
    if (value === undefined)
      return {
        values: [],
        rendered: true,
                        Severity: Major
                        Found in hooks/cascading-scans/hook/scope-limiter.ts - About 2 hrs to fix

                          Function parseSmbProtocols has 70 lines of code (exceeds 25 allowed). Consider refactoring.
                          Open

                          function parseSmbProtocols(host, script) {
  // Parse SMB Script Results
  console.log ("Found SMB Script Result: " + script.$.output);
  //console.log (script);
                          Severity: Major
                          Found in scanners/nmap/parser/parser.js - About 2 hrs to fix

                            Function parse has 68 lines of code (exceeds 25 allowed). Consider refactoring.
                            Open

                            async function parse(fileContent) {
  // Only 0 when the target wasn't reachable
  if (fileContent.length === 0) {
    return [];
  }
                            Severity: Major
                            Found in scanners/nuclei/parser/parser.js - About 2 hrs to fix

                              Function parse has 65 lines of code (exceeds 25 allowed). Consider refactoring.
                              Open

                              async function parse(findings) {
  let results = []
  // Making sure the CMS is Joomla
  if (findings.cms_id != "joom") {
    return results
                              Severity: Major
                              Found in scanners/cmseek/parser/parser.js - About 2 hrs to fix

                                Function parseSmbProtocols has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
                                Open

                                function parseSmbProtocols(host, script) {
  // Parse SMB Script Results
  console.log ("Found SMB Script Result: " + script.$.output);
  //console.log (script);
                                Severity: Minor
                                Found in scanners/nmap/parser/parser.js - About 2 hrs to fix

                                Cognitive Complexity

                                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                                A method's cognitive complexity is based on a few simple rules:

                                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                                • Code is considered more complex for each "break in the linear flow of the code"
                                • Code is considered more complex when "flow breaking structures are nested"

                                Further reading

                                Function start_spider has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
                                Open

                                    def start_spider(self, url: str, spider_config: collections.OrderedDict):
        """Starts a ZAP Spider with the given spiders configuration, based on the internal referenced ZAP instance.

        Parameters
        ----------
                                Severity: Minor
                                Found in scanners/zap-advanced/scanner/zapclient/spider/zap_spider_http.py - About 2 hrs to fix

                                Cognitive Complexity

                                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                                A method's cognitive complexity is based on a few simple rules:

                                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                                • Code is considered more complex for each "break in the linear flow of the code"
                                • Code is considered more complex when "flow breaking structures are nested"

                                Further reading

                                Severity
                                Category
                                Status
                                Source
                                Language