rspec/rspec-tools/rspec_tools/validation/rule-metadata-schema.json

{
  "id": "http://www.sonarsource.org/rule-schema-v1.1",
  "title": "Rule Implementation",
  "type": "object",
  "description": "we must have one of these files for each implemented rule",
  "additionalProperties": false,
  "properties": {
    "title": {
      "type": "string"
    },
    "type": {
      "type": "string",
      "enum": ["CODE_SMELL","BUG","VULNERABILITY","SECURITY_HOTSPOT"]
    },
    "status": {
      "type": "string",
      "enum": ["beta","ready","deprecated","superseded", "closed"]
    },
    "extra": {
      "type": "object",
      "properties": {
        "additionalProperties": false,
        "coveredLanguages": {
          "type": "array",
          "items": {
            "type": "string",
            "uniqueItems": true
          },
          "description": "The languages that already implement this rule"
        },
        "replacementRules": {
          "type": "array",
          "items": {
            "type": "string",
            "uniqueItems": true
          },
          "description": "The rule ids that replace this rule"
        }
      }
    },
    "remediation": {
      "type": "object",
      "oneOf": [
        {
          "additionalProperties": false,
          "properties": {
            "func": {
              "const": "Constant/Issue"
            },
            "constantCost": {
              "$ref": "#/definitions/time"
            }
          }
        }, {
          "additionalProperties": false,
          "properties": {
            "func": {
              "const": "Linear"
            },
            "linearDesc": {
              "type": "string"
            },
            "linearFactor": {
              "$ref": "#/definitions/time"
            }
          }
        }, {
          "additionalProperties": false,
          "properties": {
            "func": {
              "const": "Linear with offset"
            },
            "linearDesc": {
              "type": "string"
            },
            "linearOffset": {
              "$ref": "#/definitions/time"
            },
            "linearFactor": {
              "$ref": "#/definitions/time"
            }
          }
        }
      ]
    },
    "tags": {
      "type": "array",
      "minItems": 0,
      "items": { "type": "string" },
      "uniqueItems": true
    },
    "standards": {
      "type": "array",
      "minItems": 0,
      "items": { "type": "string" },
      "uniqueItems": true
    },
    "defaultSeverity": {
      "type": "string",
      "enum": ["Info","Minor","Major","Critical","Blocker"]
    },

    "ruleSpecification": {
      "type": "string",
      "description": "id of the RSPEC, in the form 'RSPEC-XXXX'"
    },
    "sqKey": {
      "type": "string",
      "description": "the key used to save issues on SQ. Often a legacy key"
    },
    "compatibleLanguages": {
      "type": "array",
      "minItems": 1,
      "items": { "type": "string" },
      "uniqueItems": true
    },
    "scope": {
      "type": "string",
      "enum": ["Main","Tests","All"],
      "description": "scope the rule applies to"
    },
    "template": {
      "type": "boolean"
    },
    "securityStandards": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "CWE": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "integer" },
          "uniqueItems": true
        },
        "OWASP": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "A([0-9]|10)"
        },
        "OWASP Mobile": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "M([0-9]|10)"
        },
        "PCI DSS": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "([0-9]{1,3}\\.?){1,3}"
        },
        "CIS": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "([0-9]{1,3}\\.?){1,3}"
        },
        "HIPAA": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "([0-9]{1,3}\\.?){2}"
        },
        "CERT": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "[A-Z0-9]+-[A-Z]+\\."
        },
        "MASVS": {
          "type": "array",
          "minItems": 0,
          "items": { "type": "string" },
          "uniqueItems": true,
          "pattern": "MSTG-[A-Z]+-[0-9]+"
        }
      }
    },
    "defaultQualityProfiles": {
      "type": "array",
      "items": { "type": "string"},
      "uniqueItems": true
    }
  },
  "if": {
    "properties": {"status": {"const": "closed"}}
  },
  "then": {
    "required": []
  },
  "else": {
    "if": {
      "properties": {"type": {"const": "SECURITY_HOTSPOT"}}
    },
    "then": {
      "required": ["title","type","status","tags","defaultSeverity","ruleSpecification","sqKey","scope"]
    },
    "else": {
      "required": ["title","type","status","remediation","tags","defaultSeverity","ruleSpecification","sqKey","scope"]
    }
  },
  "definitions": {
    "time": {
      "type": "string",
      "pattern": "^[ ]*[0-9]+[ ]*(mn|min|h|d)$"
    }
  }
}
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`{`
			`"id": "http://www.sonarsource.org/rule-schema-v1.1",`
			`"title": "Rule Implementation",`
			`"type": "object",`
			`"description": "we must have one of these files for each implemented rule",`
RULEAPI-654: Clarify the rule creation process (#115) 2021-06-11 07:58:58 +02:00			`"additionalProperties": false,`
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`"properties": {`
			`"title": {`
			`"type": "string"`
			`},`
			`"type": {`
			`"type": "string",`
			`"enum": ["CODE_SMELL","BUG","VULNERABILITY","SECURITY_HOTSPOT"]`
			`},`
			`"status": {`
			`"type": "string",`
RUELAPI-615 Ignore closed RSPEC in "validate_asciidoc" check 2021-05-25 11:00:40 +02:00			`"enum": ["beta","ready","deprecated","superseded", "closed"]`
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`},`
RULEAPI-654: Clarify the rule creation process (#115) 2021-06-11 07:58:58 +02:00			`"extra": {`
			`"type": "object",`
			`"properties": {`
			`"additionalProperties": false,`
			`"coveredLanguages": {`
			`"type": "array",`
			`"items": {`
			`"type": "string",`
			`"uniqueItems": true`
			`},`
			`"description": "The languages that already implement this rule"`
			`},`
			`"replacementRules": {`
			`"type": "array",`
			`"items": {`
			`"type": "string",`
			`"uniqueItems": true`
			`},`
			`"description": "The rule ids that replace this rule"`
			`}`
			`}`
			`},`
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`"remediation": {`
			`"type": "object",`
			`"oneOf": [`
			`{`
			`"additionalProperties": false,`
			`"properties": {`
			`"func": {`
			`"const": "Constant/Issue"`
			`},`
			`"constantCost": {`
			`"$ref": "#/definitions/time"`
			`}`
			`}`
			`}, {`
			`"additionalProperties": false,`
			`"properties": {`
			`"func": {`
			`"const": "Linear"`
			`},`
			`"linearDesc": {`
			`"type": "string"`
			`},`
			`"linearFactor": {`
			`"$ref": "#/definitions/time"`
			`}`
			`}`
			`}, {`
			`"additionalProperties": false,`
			`"properties": {`
			`"func": {`
			`"const": "Linear with offset"`
			`},`
			`"linearDesc": {`
			`"type": "string"`
			`},`
			`"linearOffset": {`
			`"$ref": "#/definitions/time"`
			`},`
			`"linearFactor": {`
			`"$ref": "#/definitions/time"`
			`}`
			`}`
			`}`
			`]`
			`},`
			`"tags": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true`
			`},`
			`"standards": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true`
			`},`
			`"defaultSeverity": {`
			`"type": "string",`
			`"enum": ["Info","Minor","Major","Critical","Blocker"]`
			`},`

			`"ruleSpecification": {`
			`"type": "string",`
			`"description": "id of the RSPEC, in the form 'RSPEC-XXXX'"`
			`},`
			`"sqKey": {`
			`"type": "string",`
			`"description": "the key used to save issues on SQ. Often a legacy key"`
			`},`
			`"compatibleLanguages": {`
			`"type": "array",`
			`"minItems": 1,`
			`"items": { "type": "string" },`
			`"uniqueItems": true`
			`},`
			`"scope": {`
			`"type": "string",`
			`"enum": ["Main","Tests","All"],`
			`"description": "scope the rule applies to"`
			`},`
			`"template": {`
			`"type": "boolean"`
			`},`
			`"securityStandards": {`
			`"type": "object",`
			`"additionalProperties": false,`
			`"properties": {`
			`"CWE": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "integer" },`
			`"uniqueItems": true`
			`},`
			`"OWASP": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "A([0-9]\|10)"`
add owasp mobile security standard to schema validation (#94) 2021-06-07 11:20:46 +02:00			`},`
			`"OWASP Mobile": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "M([0-9]\|10)"`
add missing and future security standards (#103) 2021-06-07 19:13:19 +02:00			`},`
			`"PCI DSS": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "([0-9]{1,3}\\.?){1,3}"`
			`},`
			`"CIS": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "([0-9]{1,3}\\.?){1,3}"`
			`},`
			`"HIPAA": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "([0-9]{1,3}\\.?){2}"`
			`},`
			`"CERT": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "[A-Z0-9]+-[A-Z]+\\."`
			`},`
			`"MASVS": {`
			`"type": "array",`
			`"minItems": 0,`
			`"items": { "type": "string" },`
			`"uniqueItems": true,`
			`"pattern": "MSTG-[A-Z]+-[0-9]+"`
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`}`
			`}`
RULEAPI-654: Clarify the rule creation process (#115) 2021-06-11 07:58:58 +02:00			`},`
			`"defaultQualityProfiles": {`
			`"type": "array",`
			`"items": { "type": "string"},`
			`"uniqueItems": true`
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`}`
			`},`
RULEAPI-604 Make an exception for Security Hotspots in the validation schema for "remediation cost" field 2021-04-30 14:11:09 +02:00			`"if": {`
RUELAPI-615 Ignore closed RSPEC in "validate_asciidoc" check 2021-05-25 11:00:40 +02:00			`"properties": {"status": {"const": "closed"}}`
RULEAPI-604 Make an exception for Security Hotspots in the validation schema for "remediation cost" field 2021-04-30 14:11:09 +02:00			`},`
			`"then": {`
RUELAPI-615 Ignore closed RSPEC in "validate_asciidoc" check 2021-05-25 11:00:40 +02:00			`"required": []`
RULEAPI-604 Make an exception for Security Hotspots in the validation schema for "remediation cost" field 2021-04-30 14:11:09 +02:00			`},`
			`"else": {`
RUELAPI-615 Ignore closed RSPEC in "validate_asciidoc" check 2021-05-25 11:00:40 +02:00			`"if": {`
			`"properties": {"type": {"const": "SECURITY_HOTSPOT"}}`
			`},`
			`"then": {`
			`"required": ["title","type","status","tags","defaultSeverity","ruleSpecification","sqKey","scope"]`
			`},`
			`"else": {`
			`"required": ["title","type","status","remediation","tags","defaultSeverity","ruleSpecification","sqKey","scope"]`
			`}`
RULEAPI-604 Make an exception for Security Hotspots in the validation schema for "remediation cost" field 2021-04-30 14:11:09 +02:00			`},`
Improve rules' metadata.json validation 2021-02-23 20:41:11 +01:00			`"definitions": {`
			`"time": {`
			`"type": "string",`
			`"pattern": "^[ ][0-9]+[ ](mn\|min\|h\|d)$"`
			`}`
			`}`
RULEAPI-604 Make an exception for Security Hotspots in the validation schema for "remediation cost" field 2021-04-30 14:11:09 +02:00			`}`