secureCodeBox/secureCodeBox

Showing 515 of 515 total issues

Identical blocks of code found in 3 locations. Consider refactoring.
Open

  sslyzeCascadingRules[0].spec.scanSpec.volumeMounts = [
    {
      mountPath: "/etc/ssl/certs/ca-cert-sslyze.cer",
      name: "ca-certificate-sslyze",
      readOnly: true,
Severity: Minor
Found in hooks/cascading-scans/hook/hook.test.js and 2 other locations - About 35 mins to fix
hooks/cascading-scans/hook/hook.test.js on lines 921..928
hooks/cascading-scans/hook/hook.test.js on lines 2493..2500

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 46.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Identical blocks of code found in 3 locations. Consider refactoring.
Open

  sslyzeCascadingRules[0].spec.scanSpec.volumeMounts = [
    {
      mountPath: "/etc/ssl/certs/ca-cert-sslyze.cer",
      name: "ca-certificate-sslyze",
      readOnly: true,
Severity: Minor
Found in hooks/cascading-scans/hook/hook.test.js and 2 other locations - About 35 mins to fix
hooks/cascading-scans/hook/hook.test.js on lines 921..928
hooks/cascading-scans/hook/hook.test.js on lines 2302..2309

This issue has a mass of 46.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  public V1ScanSpecCascades putMatchLabelsItem(String key, String matchLabelsItem) {
    if (this.matchLabels == null) {
      this.matchLabels = new HashMap<>();
    }
    this.matchLabels.put(key, matchLabelsItem);
hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/models/V1ScanStatusFindings.java on lines 62..68

This issue has a mass of 43.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  public V1ScanStatusFindings putCategoriesItem(String key, Long categoriesItem) {
    if (this.categories == null) {
      this.categories = new HashMap<>();
    }
    this.categories.put(key, categoriesItem);
hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/models/V1ScanSpecCascades.java on lines 259..265

This issue has a mass of 43.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

  sslyzeCascadingRules[0].spec.scanSpec.tolerations = [
    {
      key: "key2",
      operator: "Equal",
      value: "test-2",
Severity: Minor
Found in hooks/cascading-scans/hook/hook.test.js and 1 other location - About 35 mins to fix
hooks/cascading-scans/hook/hook.test.js on lines 1998..2005

This issue has a mass of 46.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

function severityCount(findings, severity) {
  return findings.filter(
    ({ severity: findingSeverity }) =>
      findingSeverity.toUpperCase() === severity
  ).length;
}
Severity: Minor
Found in hook-sdk/nodejs/hook-wrapper.js and 1 other location - About 35 mins to fix
parser-sdk/nodejs/parser-wrapper.js on lines 16..21

This issue has a mass of 46.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

function severityCount(findings, severity) {
  return findings.filter(
    ({ severity: findingSeverity }) =>
      findingSeverity.toUpperCase() === severity
  ).length;
}
Severity: Minor
Found in parser-sdk/nodejs/parser-wrapper.js and 1 other location - About 35 mins to fix
hook-sdk/nodejs/hook-wrapper.js on lines 78..83

This issue has a mass of 46.

Identical blocks of code found in 2 locations. Consider refactoring.
Open

  sslyzeCascadingRules[0].spec.scanSpec.tolerations = [
    {
      key: "key2",
      operator: "Equal",
      value: "test-2",
Severity: Minor
Found in hooks/cascading-scans/hook/hook.test.js and 1 other location - About 35 mins to fix
hooks/cascading-scans/hook/hook.test.js on lines 2187..2194

This issue has a mass of 46.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  public Optional<List<String>> getEngagementTags() {
    return this.getKey(SecureCodeBoxScanAnnotations.ENGAGEMENT_TAGS).map(
      tags -> new LinkedList<>(Arrays.asList(tags.split(",")))
        .stream()
        .map(String::trim)
hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/models/Scan.java on lines 72..79

This issue has a mass of 41.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  public Optional<List<String>> getProductTags() {
    return this.getKey(SecureCodeBoxScanAnnotations.PRODUCT_TAGS).map(
      tags -> new LinkedList<>(Arrays.asList(tags.split(",")))
        .stream()
        .map(String::trim)
hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/models/Scan.java on lines 63..70

This issue has a mass of 41.

Avoid too many return statements within this function.
Open

    return ["Outdated Software", MEDIUM];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

      return null;
Severity: Major
Found in scanners/kubeaudit/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

        return createAutomountedServiceAccountTokenFinding(finding);
Severity: Major
Found in scanners/kubeaudit/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["Identified Software", INFORMATIONAL];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["X-Content-Type-Options Header", INFORMATIONAL];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["Potential Vulnerability", HIGH];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["Potential Backup File", INFORMATIONAL];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["Identified Software", INFORMATIONAL];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["Embedded Device", INFORMATIONAL];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix

Avoid too many return statements within this function.
Open

    return ["Path Traversal", HIGH];
Severity: Major
Found in scanners/nikto/parser/parser.js - About 30 mins to fix