refactor: revert ruff formatting changes, keep only unsaved_tags logic

The previous commit mixed substantive changes (tags= → unsaved_tags)
with ruff auto-formatting. This restores the original code style while
preserving the performance fix.

Author: valentijnscholten

dojo/tools/anchore_grype/parser.py

@@ -76,8 +76,7 @@ def get_findings(self, file, test):
                 rel_epss = related_vulnerability.get("epss")
                 rel_vuln_id = related_vulnerability.get("id")
             vulnerability_ids = self.get_vulnerability_ids(
-                vuln_id,
-                related_vulnerabilities,
+                vuln_id, related_vulnerabilities,
             )
 
             matches = item["matchDetails"]
@@ -88,25 +87,37 @@ def get_findings(self, file, test):
             artifact_purl = artifact.get("purl")
             artifact_location = artifact.get("locations")
             file_path = None
-            if artifact_location and len(artifact_location) > 0 and artifact_location[0].get("path"):
+            if (
+                artifact_location
+                and len(artifact_location) > 0
+                and artifact_location[0].get("path")
+            ):
                 file_path = artifact_location[0].get("path")
 
             finding_title = f"{vuln_id} in {artifact_name}:{artifact_version}"
 
             finding_tags = None
             finding_description = ""
             if vuln_namespace:
-                finding_description += f"**Vulnerability Namespace:** {vuln_namespace}"
+                finding_description += (
+                    f"**Vulnerability Namespace:** {vuln_namespace}"
+                )
             if vuln_description:
-                finding_description += f"\n**Vulnerability Description:** {vuln_description}"
+                finding_description += (
+                    f"\n**Vulnerability Description:** {vuln_description}"
+                )
             if rel_description and rel_description != vuln_description:
                 finding_description += f"\n**Related Vulnerability Description:** {rel_description}"
             if matches:
                 if isinstance(item["matchDetails"], dict):
-                    finding_description += f"\n**Matcher:** {matches['matcher']}"
+                    finding_description += (
+                        f"\n**Matcher:** {matches['matcher']}"
+                    )
                     finding_tags = [matches["matcher"].replace("-matcher", "")]
                 elif len(matches) == 1:
-                    finding_description += f"\n**Matcher:** {matches[0]['matcher']}"
+                    finding_description += (
+                        f"\n**Matcher:** {matches[0]['matcher']}"
+                    )
                     finding_tags = [
                         matches[0]["matcher"].replace("-matcher", ""),
                     ]
@@ -137,22 +148,30 @@ def get_findings(self, file, test):
 
             finding_references = ""
             if vuln_datasource:
-                finding_references += f"**Vulnerability Datasource:** {vuln_datasource}\n"
+                finding_references += (
+                    f"**Vulnerability Datasource:** {vuln_datasource}\n"
+                )
             if vuln_urls:
                 if len(vuln_urls) == 1:
                     if vuln_urls[0] != vuln_datasource:
-                        finding_references += f"**Vulnerability URL:** {vuln_urls[0]}\n"
+                        finding_references += (
+                            f"**Vulnerability URL:** {vuln_urls[0]}\n"
+                        )
                 else:
                     finding_references += "**Vulnerability URLs:**\n"
                     for url in vuln_urls:
                         if url != vuln_datasource:
                             finding_references += f"- {url}\n"
             if rel_datasource:
-                finding_references += f"**Related Vulnerability Datasource:** {rel_datasource}\n"
+                finding_references += (
+                    f"**Related Vulnerability Datasource:** {rel_datasource}\n"
+                )
             if rel_urls:
                 if len(rel_urls) == 1:
                     if rel_urls[0] != vuln_datasource:
-                        finding_references += f"**Related Vulnerability URL:** {rel_urls[0]}\n"
+                        finding_references += (
+                            f"**Related Vulnerability URL:** {rel_urls[0]}\n"
+                        )
                 else:
                     finding_references += "**Related Vulnerability URLs:**\n"
                     for url in rel_urls:
@@ -209,7 +228,6 @@ def get_findings(self, file, test):
 
                 dupes[dupe_key].unsaved_tags = finding_tags
                 dupes[dupe_key].unsaved_vulnerability_ids = vulnerability_ids
-
                 if settings.V3_FEATURE_LOCATIONS and artifact_purl:
                     dupes[dupe_key].unsaved_locations.append(
                         LocationData.dependency(purl=artifact_purl, file_path=file_path),
@@ -228,8 +246,7 @@ def get_cvss(self, cvss):
                 vector = cvss_item["vector"]
                 cvss_objects = cvss_parser.parse_cvss_from_text(vector)
                 if len(cvss_objects) > 0 and isinstance(
-                    cvss_objects[0],
-                    CVSS3,
+                    cvss_objects[0], CVSS3,
                 ):
                     return vector
         return None
@@ -259,11 +276,8 @@ def get_vulnerability_ids(self, vuln_id, related_vulnerabilities):
         if vuln_id:
             vulnerability_ids.append(vuln_id)
         if related_vulnerabilities:
-            vulnerability_ids.extend(
-                related_vulnerability_id
-                for related_vulnerability in related_vulnerabilities
-                if (related_vulnerability_id := related_vulnerability.get("id"))
-            )
+            vulnerability_ids.extend(related_vulnerability_id for related_vulnerability in related_vulnerabilities
+                if (related_vulnerability_id := related_vulnerability.get("id")))
         if vulnerability_ids:
             return vulnerability_ids
         return None

dojo/tools/cargo_audit/parser.py

@@ -80,13 +80,24 @@ def get_findings(self, filename, test):
                 vuln_id = advisory.get("id")
                 vulnerability_ids = [advisory.get("id")]
                 categories = f"**Categories:** {', '.join(advisory['categories'])}" if "categories" in advisory else ""
-                description = categories + f"\n**Description:** `{advisory.get('description')}`"
+                description = (
+                    categories
+                    + f"\n**Description:** `{advisory.get('description')}`"
+                )
 
-                if item["affected"] is not None and "functions" in item["affected"]:
+                if (
+                    item["affected"] is not None
+                    and "functions" in item["affected"]
+                ):
                     affected_func = [
-                        f"{func}: {', '.join(versions)}" for func, versions in item["affected"]["functions"].items()
+                        f'{func}: {", ".join(versions)}'
+                        for func, versions in item["affected"][
+                            "functions"
+                        ].items()
                     ]
-                    description += f"\n**Affected functions**: {', '.join(affected_func)}"
+                    description += (
+                        f"\n**Affected functions**: {', '.join(affected_func)}"
+                    )
 
                 references = f"{advisory.get('url')}\n" + "\n".join(
                     advisory["references"],

dojo/tools/dependency_check/parser.py

@@ -87,10 +87,7 @@ def add_finding(self, finding, dupes):
             dupes[key] = finding
 
     def get_filename_and_path_from_dependency(
-        self,
-        dependency,
-        related_dependency,
-        namespace,
+        self, dependency, related_dependency, namespace,
     ):
         if related_dependency is None:
             return dependency.findtext(
@@ -107,10 +104,7 @@ def get_filename_and_path_from_dependency(
         return None, None
 
     def get_component_name_and_version_from_dependency(
-        self,
-        dependency,
-        related_dependency,
-        namespace,
+        self, dependency, related_dependency, namespace,
     ):
         identifiers_node = dependency.find(namespace + "identifiers")
         if identifiers_node is not None:
@@ -122,13 +116,20 @@ def get_component_name_and_version_from_dependency(
                 purl_parts = purl.to_dict()
                 component_name = (
                     purl_parts["namespace"] + ":"
-                    if purl_parts["namespace"] and len(purl_parts["namespace"]) > 0
+                    if purl_parts["namespace"]
+                    and len(purl_parts["namespace"]) > 0
+                    else ""
+                )
+                component_name += (
+                    purl_parts["name"]
+                    if purl_parts["name"] and len(purl_parts["name"]) > 0
                     else ""
                 )
-                component_name += purl_parts["name"] if purl_parts["name"] and len(purl_parts["name"]) > 0 else ""
                 component_name = component_name or None
                 component_version = (
-                    purl_parts["version"] if purl_parts["version"] and len(purl_parts["version"]) > 0 else ""
+                    purl_parts["version"]
+                    if purl_parts["version"] and len(purl_parts["version"]) > 0
+                    else ""
                 )
                 return component_name, component_version, pck_id
 
@@ -148,10 +149,20 @@ def get_component_name_and_version_from_dependency(
             if cpe_node:
                 cpe_id = cpe_node.findtext(f"{namespace}name")
                 cpe = CPE(cpe_id)
-                component_name = cpe.get_vendor()[0] + ":" if len(cpe.get_vendor()) > 0 else ""
-                component_name += cpe.get_product()[0] if len(cpe.get_product()) > 0 else ""
+                component_name = (
+                    cpe.get_vendor()[0] + ":"
+                    if len(cpe.get_vendor()) > 0
+                    else ""
+                )
+                component_name += (
+                    cpe.get_product()[0] if len(cpe.get_product()) > 0 else ""
+                )
                 component_name = component_name or None
-                component_version = cpe.get_version()[0] if len(cpe.get_version()) > 0 else None
+                component_version = (
+                    cpe.get_version()[0]
+                    if len(cpe.get_version()) > 0
+                    else None
+                )
                 return component_name, component_version, None
 
             maven_node = identifiers_node.find(
@@ -240,8 +251,7 @@ def get_severity_and_cvss_meta(self, vulnerability, namespace) -> dict:
         if severity:
             if severity.strip().lower() not in self.SEVERITY_MAPPING:
                 logger.warning(
-                    "Warning: Unknow severity value detected '%s'. Bypass to 'Medium' value",
-                    severity,
+                    "Warning: Unknow severity value detected '%s'. Bypass to 'Medium' value", severity,
                 )
                 severity = "Medium"
             else:
@@ -256,20 +266,13 @@ def get_severity_and_cvss_meta(self, vulnerability, namespace) -> dict:
         }
 
     def get_finding_from_vulnerability(
-        self,
-        dependency,
-        related_dependency,
-        vulnerability,
-        test,
-        namespace,
+        self, dependency, related_dependency, vulnerability, test, namespace,
     ):
         (
             dependency_filename,
             dependency_filepath,
         ) = self.get_filename_and_path_from_dependency(
-            dependency,
-            related_dependency,
-            namespace,
+            dependency, related_dependency, namespace,
         )
         # logger.debug('dependency_filename: %s', dependency_filename)
 
@@ -315,17 +318,13 @@ def get_finding_from_vulnerability(
             component_version,
             component_purl,
         ) = self.get_component_name_and_version_from_dependency(
-            dependency,
-            related_dependency,
-            namespace,
+            dependency, related_dependency, namespace,
         )
 
         stripped_name = name
         # startswith CVE-XXX-YYY
         stripped_name = re.sub(
-            r"^CVE-\d{4}-\d{4,7}",
-            "",
-            stripped_name,
+            r"^CVE-\d{4}-\d{4,7}", "", stripped_name,
         ).strip()
         # startswith CWE-XXX:
         stripped_name = re.sub(r"^CWE-\d+\:", "", stripped_name).strip()
@@ -334,8 +333,7 @@ def get_finding_from_vulnerability(
 
         if component_name is None:
             logger.warning(
-                "component_name was None for File: %s, using dependency file name instead.",
-                dependency_filename,
+                "component_name was None for File: %s, using dependency file name instead.", dependency_filename,
             )
             component_name = dependency_filename
 
@@ -354,9 +352,15 @@ def get_finding_from_vulnerability(
                 ref_url = reference_node.findtext(f"{namespace}url")
                 ref_name = reference_node.findtext(f"{namespace}name")
                 if ref_url == ref_name:
-                    reference_detail += f"**Source:** {ref_source}\n**URL:** {ref_url}\n\n"
+                    reference_detail += (
+                        f"**Source:** {ref_source}\n**URL:** {ref_url}\n\n"
+                    )
                 else:
-                    reference_detail += f"**Source:** {ref_source}\n**URL:** {ref_url}\n**Name:** {ref_name}\n\n"
+                    reference_detail += (
+                        f"**Source:** {ref_source}\n"
+                        f"**URL:** {ref_url}\n"
+                        f"**Name:** {ref_name}\n\n"
+                    )
 
         if related_dependency is not None:
             tags.append("related")
@@ -366,18 +370,14 @@ def get_finding_from_vulnerability(
                 notes = "Document on why we are suppressing this vulnerability is missing!"
                 tags.append("no_suppression_document")
             mitigation = f"**This vulnerability is mitigated and/or suppressed:** {notes}\n"
-            mitigation += (
-                f"Update {component_name}:{component_version} to at least the version recommended in the description"
-            )
+            mitigation += f"Update {component_name}:{component_version} to at least the version recommended in the description"
             mitigated = datetime.datetime.now(datetime.UTC)
             is_Mitigated = True
             active = False
             tags.append("suppressed")
 
         else:
-            mitigation = (
-                f"Update {component_name}:{component_version} to at least the version recommended in the description"
-            )
+            mitigation = f"Update {component_name}:{component_version} to at least the version recommended in the description"
             description += "\n**Filepath:** " + str(dependency_filepath)
             active = True
 
@@ -467,15 +467,19 @@ def get_findings(self, filename, test):
                                 namespace + "relatedDependencies",
                             )
                             if relatedDependencies is not None:
-                                for relatedDependency in relatedDependencies.findall(
+                                for (
+                                    relatedDependency
+                                ) in relatedDependencies.findall(
                                     namespace + "relatedDependency",
                                 ):
-                                    finding = self.get_finding_from_vulnerability(
-                                        dependency,
-                                        relatedDependency,
-                                        vulnerability,
-                                        test,
-                                        namespace,
+                                    finding = (
+                                        self.get_finding_from_vulnerability(
+                                            dependency,
+                                            relatedDependency,
+                                            vulnerability,
+                                            test,
+                                            namespace,
+                                        )
                                     )
                                     if finding:  # could be None
                                         if scan_date:
@@ -499,9 +503,7 @@ def get_findings(self, filename, test):
                 elif settings.V3_FEATURE_LOCATIONS:
                     # Collect product-level dependency locations
                     _, _, component_purl = self.get_component_name_and_version_from_dependency(
-                        dependency,
-                        None,
-                        namespace,
+                        dependency, None, namespace,
                     )
                     if component_purl:
                         test.unsaved_metadata.append(