rspec/rules/S1674/abap/comments-and-links.adoc

=== on 20 Oct 2014, 18:37:01 Ann Campbell wrote:
\[~nicolas.peru] note that this rule that was originally written for ABAP has been extended for Java & an exception added for a comment in the block, making ABAP outdated.

=== on 21 Oct 2014, 15:36:55 Nicolas Peru wrote:
This will be covered by \http://jira.sonarsource.com/browse/RSPEC-108

=== on 27 Feb 2015, 09:57:42 Freddy Mallet wrote:
\[~ann.campbell.2], this spec should be linked to \http://cwe.mitre.org/data/definitions/391.html

=== on 21 Mar 2018, 18:09:23 Alexandre Gigleux wrote:
\[~ann.campbell.2] I don't think this one should be classified as a "Bug Detection". No bug/failure will happen if you keep the code like this.

I think it should be classified as a "Vulnerability Detection". This RSPEC was classified like this in the past (2015) thanks to the tag "security". I don't see any good reason why we changed that. Also, we have an OWASP TOP 10 tag on the RSPEC replacing this one (RSPEC-2486) which is another justification to classify it as a "Vulnerability Detection".


Do you agree? 

=== on 21 Mar 2018, 19:04:23 Ann Campbell wrote:
Fine for me [~alexandre.gigleux]
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 20 Oct 2014, 18:37:01 Ann Campbell wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`\[~nicolas.peru] note that this rule that was originally written for ABAP has been extended for Java & an exception added for a comment in the block, making ABAP outdated.`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 21 Oct 2014, 15:36:55 Nicolas Peru wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`This will be covered by \http://jira.sonarsource.com/browse/RSPEC-108`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 27 Feb 2015, 09:57:42 Freddy Mallet wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`\[~ann.campbell.2], this spec should be linked to \http://cwe.mitre.org/data/definitions/391.html`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 21 Mar 2018, 18:09:23 Alexandre Gigleux wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`\[~ann.campbell.2] I don't think this one should be classified as a "Bug Detection". No bug/failure will happen if you keep the code like this.`

			`I think it should be classified as a "Vulnerability Detection". This RSPEC was classified like this in the past (2015) thanks to the tag "security". I don't see any good reason why we changed that. Also, we have an OWASP TOP 10 tag on the RSPEC replacing this one (RSPEC-2486) which is another justification to classify it as a "Vulnerability Detection".`


			`Do you agree?`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 21 Mar 2018, 19:04:23 Ann Campbell wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`Fine for me [~alexandre.gigleux]`