fix(parsers): DeprecationWarning: Testing an element's truth ...

32e4e0f
Merged

fix(parsers): DeprecationWarning: Testing an element's truth ... #13828

DryRunSecurity / General Security Analyzer succeeded Dec 5, 2025 in 58s

DryRun Security

Details

General Security Analyzer Findings: 1 detected

⚠️ Incomplete Data Processing in Parser dojo/tools/dependency_check/parser.py
Type: Incomplete Data Processing in Parser
Description: The parser for Dependency Check XML reports now includes if node is not None checks to prevent crashes. However, these checks, particularly for critical elements like <dependencies>, lead to silent skipping of entire sections of the report if the corresponding XML elements are missing. There is no logging or error reporting mechanism to alert the user that parts of the report were not processed, resulting in an incomplete and potentially misleading security assessment.
Filename: dojo/tools/dependency_check/parser.py
CodeLink:
    if dependencies is not None:
        for dependency in dependencies.findall(namespace + "dependency"):
            vulnerabilities = dependency.find(
                namespace + "vulnerabilities",