Ruff: Add and fix TCH

[kiblik]

Add and fix https://docs.astral.sh/ruff/rules/#flake8-type-checking-tch
Specially: https://docs.astral.sh/ruff/rules/typing-only-standard-library-import/

[dryrunsecurity]

DryRun Security Summary

The pull request updates the Ruff linter configuration and modifies a data model class for Sysdig data, which can be useful for security analysis and risk management, without directly introducing any security-related concerns.

Expand for full summary

Summary:

The changes in this pull request primarily focus on updating the configuration for the Ruff linter and modifying a data model class for Sysdig data. From an application security perspective, these changes do not directly introduce any security-related concerns.

The update to the ruff.toml configuration file enables the TCH rule, which is likely related to type annotations and code style. While the configuration of a linter can indirectly impact application security, these changes are generally considered routine updates to the project's linting setup.

The changes to the dojo/tools/sysdig_reports/sysdig_data.py file introduce a conditional import of the datetime module and leave the SysdigData class unchanged. The SysdigData class appears to be a well-designed data model for representing Sysdig data, which includes important information related to vulnerabilities, packages, containers, and cloud infrastructure. This data can be valuable for security analysis and risk management purposes.

Files Changed:

1. ruff.toml: The changes in this file enable the TCH rule, which is likely related to type annotations and code style. This update does not directly introduce any security-related concerns, but it's important to consider the overall linter configuration and ensure that it aligns with the project's security requirements.

2. dojo/tools/sysdig_reports/sysdig_data.py: The changes in this file introduce a conditional import of the datetime module and leave the SysdigData class unchanged. The SysdigData class contains fields related to vulnerabilities, packages, containers, and cloud infrastructure, which can be valuable for security analysis and risk management purposes.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

[mtesauro]

Approved

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.