Remove outdated scan result files

2025-07-03 13:53:28 -04:00 · 2025-07-03 13:53:28 -04:00 · ae66bf0193
parent 5d87d8e9f3
commit ae66bf0193
2 changed files with 0 additions and 159 deletions
--- a/scan-results-updated.md
+++ b/scan-results-updated.md
@ -1,73 +0,0 @@
 # Ploughshares Security and Code Quality Scan Results (Updated)
 ## Deployment Status
 ✅ **Application successfully deployed**
 - Web application running at http://localhost:5001
 - API documentation available at http://localhost:5001/api-docs
 ## Test Results
 ### Functionality Tests
 ✅ **All tests passed**
 - Core imports verified
 - API routes verified
 ### Code Quality Tests
 ✅ **All tests passed**
 - Python syntax valid
 - No inappropriate print statements
 ### Dependency Tests
 ✅ **All tests passed**
 - requirements.txt exists
 - No known vulnerable package versions
 ## Security Scan Results
 ### Dependency Vulnerabilities (Safety)
 ✅ **No vulnerabilities detected in dependencies**
 All dependencies have been updated to secure versions:
 - Flask: 2.2.2 → 3.1.1
 - psycopg2-binary: 2.9.3 → 2.9.9
 - requests: 2.28.1 → 2.32.2
 - gunicorn: 20.1.0 → 23.0.0
 - Werkzeug: 2.3.7 → 3.0.6
 - Jinja2: 3.1.2 → 3.1.6
 ### Code Security Issues (Bandit)
 ⚠️ **3 potential security issues remain to be addressed**
 1. **Hardcoded Password String** (Severity: Low, Confidence: Medium)
   - Location: app.py:20
   - Issue: `app.secret_key = 'supersecretkey'`
   - CWE-259: Use of Hard-coded Password
 2. **Binding to All Interfaces** (Severity: Medium, Confidence: Medium)
   - Location: app.py:220
   - Issue: `app.run(host='0.0.0.0', port=port)`
   - CWE-605: Multiple Binds to the Same Port
 3. **Hardcoded Password in Function Argument** (Severity: Low, Confidence: Medium)
   - Location: init_db.py:6-11
   - Issue: `password="testpass"` in database connection
   - CWE-259: Use of Hard-coded Password
 ## Recommendations
 ### Immediate Actions
 1. ✅ **Update vulnerable dependencies** - COMPLETED
 2. **Replace hardcoded secrets** with environment variables
 3. **Restrict network binding** in development environments
 ### Long-term Improvements
 1. Implement **secret management** solution
 2. Add **continuous security scanning** in CI/CD pipeline
 3. Establish **dependency update policy**
 ## Next Steps
 1. Run `./install-codechecks.sh` to install all required code quality tools
 2. Address remaining security findings 
--- a/scan-results.md
+++ b/scan-results.md
@ -1,86 +0,0 @@
 # Ploughshares Security and Code Quality Scan Results
 ## Deployment Status
 ✅ **Application successfully deployed**
 - Web application running at http://localhost:5001
 - API documentation available at http://localhost:5001/api-docs
 ## Test Results
 ### Functionality Tests
 ✅ **All tests passed**
 - Core imports verified
 - API routes verified
 ### Code Quality Tests
 ✅ **All tests passed**
 - Python syntax valid
 - No inappropriate print statements
 ### Dependency Tests
 ✅ **Basic tests passed**
 - requirements.txt exists
 - No known vulnerable package versions in hardcoded list
 ## Security Scan Results
 ### Dependency Vulnerabilities (Safety)
 ⚠️ **Multiple vulnerabilities detected in dependencies**
 | Package    | Installed | Affected                | Issue ID |
 |------------|-----------|-------------------------|----------|
 | flask      | 2.2.2     | <2.2.5                  | 55261    |
 | flask      | 2.2.2     | <3.1.1                  | 77323    |
 | requests   | 2.28.1    | <2.32.2                 | 71064    |
 | requests   | 2.28.1    | >=2.3.0,<2.31.0         | 58755    |
 | gunicorn   | 20.1.0    | <21.2.0                 | 72780    |
 | gunicorn   | 20.1.0    | <22.0.0                 | 71600    |
 | gunicorn   | 20.1.0    | <23.0.0                 | 76244    |
 | werkzeug   | 2.3.7     | <2.3.8                  | 62019    |
 | werkzeug   | 2.3.7     | <3.0.3                  | 71594    |
 | werkzeug   | 2.3.7     | <3.0.6                  | 73969    |
 | werkzeug   | 2.3.7     | <3.0.6                  | 73889    |
 | werkzeug   | 2.3.7     | <=2.3.7                 | 71595    |
 | jinja2     | 3.1.2     | <3.1.3                  | 64227    |
 | jinja2     | 3.1.2     | <3.1.4                  | 71591    |
 | jinja2     | 3.1.2     | <3.1.5                  | 76378    |
 | jinja2     | 3.1.2     | <3.1.5                  | 74735    |
 | jinja2     | 3.1.2     | <3.1.6                  | 75976    |
 ### Code Security Issues (Bandit)
 ⚠️ **3 potential security issues detected**
 1. **Hardcoded Password String** (Severity: Low, Confidence: Medium)
   - Location: app.py:20
   - Issue: `app.secret_key = 'supersecretkey'`
   - CWE-259: Use of Hard-coded Password
 2. **Binding to All Interfaces** (Severity: Medium, Confidence: Medium)
   - Location: app.py:220
   - Issue: `app.run(host='0.0.0.0', port=port)`
   - CWE-605: Multiple Binds to the Same Port
 3. **Hardcoded Password in Function Argument** (Severity: Low, Confidence: Medium)
   - Location: init_db.py:6-11
   - Issue: `password="testpass"` in database connection
   - CWE-259: Use of Hard-coded Password
 ## Recommendations
 ### Immediate Actions
 1. **Update vulnerable dependencies** to their latest secure versions
 2. **Replace hardcoded secrets** with environment variables
 3. **Restrict network binding** in development environments
 ### Long-term Improvements
 1. Implement **secret management** solution
 2. Add **continuous security scanning** in CI/CD pipeline
 3. Establish **dependency update policy**
 ## Next Steps
 1. Run `./install-codechecks.sh` to install all required code quality tools
 2. Update dependencies to secure versions
 3. Address security findings