sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues 51 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

fix: resolve all clippy warnings with RUSTFLAGS="-D warnings"
All checks were successful
CI / Clippy (push) Successful in 4m15s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Clippy (pull_request) Successful in 4m16s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
CI / Format (push) Successful in 27s
Details
CI / Format (pull_request) Successful in 3s
Details

Browse Source 
Fix dead code warnings, redundant clones, boolean simplification,
format-in-format-args, type complexity, and Box::new of Default
across compliance-dast, compliance-agent, and compliance-dashboard.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
2026-03-13 08:46:21 +01:00
parent 4e95fd7016
commit ab17a7376a
15 changed files with 51 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
compliance-dast/src/tools/api_fuzzer.rs
View File

@@ -9,14 +9,14 @@ use crate::agents::api_fuzzer::ApiFuzzerAgent;
/// PentestTool wrapper around the existing ApiFuzzerAgent.
pub struct ApiFuzzerTool {
http: reqwest::Client,
_http: reqwest::Client,
agent: ApiFuzzerAgent,
}
impl ApiFuzzerTool {
pub fn new(http: reqwest::Client) -> Self {
let agent = ApiFuzzerAgent::new(http.clone());
Self { http, agent }
Self { _http: http, agent }
}
fn parse_endpoints(input: &serde_json::Value) -> Vec<DiscoveredEndpoint> {

4
compliance-dast/src/tools/auth_bypass.rs
View File

@@ -9,14 +9,14 @@ use crate::agents::auth_bypass::AuthBypassAgent;
/// PentestTool wrapper around the existing AuthBypassAgent.
pub struct AuthBypassTool {
http: reqwest::Client,
_http: reqwest::Client,
agent: AuthBypassAgent,
}
impl AuthBypassTool {
pub fn new(http: reqwest::Client) -> Self {
let agent = AuthBypassAgent::new(http.clone());
Self { http, agent }
Self { _http: http, agent }
}
fn parse_endpoints(input: &serde_json::Value) -> Vec<DiscoveredEndpoint> {

4
compliance-dast/src/tools/cookie_analyzer.rs
View File

@@ -14,6 +14,7 @@ pub struct CookieAnalyzerTool {
#[derive(Debug)]
struct ParsedCookie {
name: String,
#[allow(dead_code)]
value: String,
secure: bool,
http_only: bool,
@@ -219,8 +220,7 @@ impl PentestTool for CookieAnalyzerTool {
let mut cookie_data = Vec::new();
// Collect Set-Cookie headers from the main URL and optional login URL
let urls_to_check: Vec<&str> =
std::iter::once(url).chain(login_url).collect();
let urls_to_check: Vec<&str> = std::iter::once(url).chain(login_url).collect();
for check_url in &urls_to_check {
// Use a client that does NOT follow redirects so we catch cookies on redirect responses

8
compliance-dast/src/tools/csp_analyzer.rs
View File

@@ -224,10 +224,10 @@ impl CspAnalyzerTool {
for (dir_name, desc) in &important_directives {
if !directive_names.contains(dir_name)
&& !(has_default_src
&& *dir_name != "frame-ancestors"
&& *dir_name != "base-uri"
&& *dir_name != "form-action")
&& (!has_default_src
|| *dir_name == "frame-ancestors"
|| *dir_name == "base-uri"
|| *dir_name == "form-action")
{
let evidence = make_evidence(format!("CSP missing directive: {dir_name}"));
let mut finding = DastFinding::new(

14
compliance-dast/src/tools/mod.rs
View File

@@ -33,8 +33,15 @@ pub struct ToolRegistry {
tools: HashMap<String, Box<dyn PentestTool>>,
}
impl Default for ToolRegistry {
fn default() -> Self {
Self::new()
}
}
impl ToolRegistry {
/// Create a new registry with all built-in tools pre-registered.
#[allow(clippy::expect_used)]
pub fn new() -> Self {
let http = reqwest::Client::builder()
.danger_accept_invalid_certs(true)
@@ -67,8 +74,11 @@ impl ToolRegistry {
);
// New infrastructure / analysis tools
register(&mut tools, Box::new(dns_checker::DnsCheckerTool::new()));
register(&mut tools, Box::new(dmarc_checker::DmarcCheckerTool::new()));
register(&mut tools, Box::<dns_checker::DnsCheckerTool>::default());
register(
&mut tools,
Box::<dmarc_checker::DmarcCheckerTool>::default(),
);
register(
&mut tools,
Box::new(tls_analyzer::TlsAnalyzerTool::new(http.clone())),

9
compliance-dast/src/tools/recon.rs
View File

@@ -90,10 +90,11 @@ impl PentestTool for ReconTool {
// Look for technology indicators
if (k == "x-powered-by" || k == "server" || k == "x-generator")
&& !result.technologies.contains(&v) && !extra_technologies.contains(&v)
{
extra_technologies.push(v.clone());
}
&& !result.technologies.contains(&v)
&& !extra_technologies.contains(&v)
{
extra_technologies.push(v.clone());
}
extra_headers.insert(format!("{probe_url} -> {k}"), v);
}
}

4
compliance-dast/src/tools/sql_injection.rs
View File

@@ -9,14 +9,14 @@ use crate::agents::injection::SqlInjectionAgent;
/// PentestTool wrapper around the existing SqlInjectionAgent.
pub struct SqlInjectionTool {
http: reqwest::Client,
_http: reqwest::Client,
agent: SqlInjectionAgent,
}
impl SqlInjectionTool {
pub fn new(http: reqwest::Client) -> Self {
let agent = SqlInjectionAgent::new(http.clone());
Self { http, agent }
Self { _http: http, agent }
}
fn parse_endpoints(input: &serde_json::Value) -> Vec<DiscoveredEndpoint> {

4
compliance-dast/src/tools/ssrf.rs
View File

@@ -9,14 +9,14 @@ use crate::agents::ssrf::SsrfAgent;
/// PentestTool wrapper around the existing SsrfAgent.
pub struct SsrfTool {
http: reqwest::Client,
_http: reqwest::Client,
agent: SsrfAgent,
}
impl SsrfTool {
pub fn new(http: reqwest::Client) -> Self {
let agent = SsrfAgent::new(http.clone());
Self { http, agent }
Self { _http: http, agent }
}
fn parse_endpoints(input: &serde_json::Value) -> Vec<DiscoveredEndpoint> {

4
compliance-dast/src/tools/tls_analyzer.rs
View File

@@ -65,7 +65,7 @@ impl TlsAnalyzerTool {
.map_err(|e| CoreError::Dast(format!("Failed to get peer certificate: {e}")))?;
let mut tls_info = TlsInfo {
protocol_version: String::new(),
_protocol_version: String::new(),
cert_subject: String::new(),
cert_issuer: String::new(),
cert_not_before: String::new(),
@@ -104,7 +104,7 @@ impl TlsAnalyzerTool {
}
struct TlsInfo {
protocol_version: String,
_protocol_version: String,
cert_subject: String,
cert_issuer: String,
cert_not_before: String,

4
compliance-dast/src/tools/xss.rs
View File

@@ -9,14 +9,14 @@ use crate::agents::xss::XssAgent;
/// PentestTool wrapper around the existing XssAgent.
pub struct XssTool {
http: reqwest::Client,
_http: reqwest::Client,
agent: XssAgent,
}
impl XssTool {
pub fn new(http: reqwest::Client) -> Self {
let agent = XssAgent::new(http.clone());
Self { http, agent }
Self { _http: http, agent }
}
fn parse_endpoints(input: &serde_json::Value) -> Vec<DiscoveredEndpoint> {