kitos 6d3617938e fix(security): resolve Snyk/bandit code analysis findings ...

- config.py: move REPORT_OUTPUT_DIR from /tmp (world-writable) to /app/reports
  to prevent CWE-377 symlink attack vector (B108, only real security issue)
- main.py: log startup seed failures instead of silently swallowing them (B110)
- Add # nosec annotations to intentional try/except patterns that are by design:
  Jira integration errors, email failures, DetachedInstanceError, storage errors,
  and Jira session timeout (all B110/B112 false positives)
- Add # nosec B105 to false positives where bandit misidentifies config key
  names and masking strings as hardcoded passwords
- Add .bandit config to skip B311 in seed_demo.py (random used for fake
  demo data generation, not cryptographic purposes)

2026-06-12 12:59:11 +02:00

..

__init__.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

admin_config.py

fix(security): resolve Snyk/bandit code analysis findings

2026-06-12 12:59:11 +02:00

advanced_metrics.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

analytics.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

api_keys.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

attack_paths.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

audit.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

auth.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

campaigns.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

compliance.py

fix(compliance): add missing import_nist_800_53_mappings to router imports

2026-06-11 14:29:52 +02:00

d3fend.py

fix(routers+imports): fix missing DetectionRule import and correct -> list return type annotations that actually return paginated dicts

2026-06-11 13:22:51 +02:00

data_sources.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

detection_lifecycle.py

fix(detection-lifecycle): fix timezone naive/aware mismatch and duplicate technique mapping

2026-05-19 16:29:04 +02:00

detection_rules.py

fix(routers+imports): fix missing DetectionRule import and correct -> list return type annotations that actually return paginated dicts

2026-06-11 13:22:51 +02:00

evidence.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

executive_dashboard.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

heatmap.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

intel.py

feat(intel): major intel scan improvements + Review Queue integration

2026-05-29 16:04:30 +02:00

jira.py

feat(refactor): PEP8, type annotations, docstrings and PyJWT security fix

2026-06-11 11:09:41 +02:00

knowledge.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

metrics.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

notifications.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

operational_alerts.py

security: fix 6 vulnerabilities identified in SDLC audit

2026-05-22 09:46:29 +02:00

operational_metrics.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

osint.py

fix(routers+imports): fix missing DetectionRule import and correct -> list return type annotations that actually return paginated dicts

2026-06-11 13:22:51 +02:00

ownership.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

professional_reports.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

reports.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

risk_intelligence.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

scores.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

snapshots.py

fix(routers+imports): fix missing DetectionRule import and correct -> list return type annotations that actually return paginated dicts

2026-06-11 13:22:51 +02:00

sso.py

fix(lint): resolve 2132 ruff errors to pass CI lint-and-test job

2026-06-12 10:47:48 +02:00

system.py

fix(security): resolve Snyk/bandit code analysis findings

2026-06-12 12:59:11 +02:00

techniques.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00

test_templates.py

feat(refactor): PEP8, type annotations, docstrings and PyJWT security fix

2026-06-11 11:09:41 +02:00

tests.py

fix(security): resolve Snyk/bandit code analysis findings

2026-06-12 12:59:11 +02:00

threat_actors.py

fix(routers+imports): fix missing DetectionRule import and correct -> list return type annotations that actually return paginated dicts

2026-06-11 13:22:51 +02:00

users.py

feat(refactor): PEP8, type annotations, docstrings and PyJWT security fix

2026-06-11 11:09:41 +02:00

webhooks.py

fix(security): resolve Snyk/bandit code analysis findings

2026-06-12 12:59:11 +02:00

worklogs.py

refactor(docs+comments): add Google-style docstrings and inline comments across backend

2026-06-11 11:06:55 +02:00