ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RULEAPI-653: Add a new language identifier for secrets detection rules (#154)

Browse Source
This commit is contained in:
Pierre-Loup 2021-07-01 14:26:02 +02:00 committed by GitHub
parent 582f2720ad
commit 49aa2dcd4f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
115 changed files with 89 additions and 308 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/src/RulePage.tsx
View File

@ -66,6 +66,7 @@ const languageToJiraProject = new Map(Object.entries({
"KOTLIN": "SONARKT", "KOTLIN": "SONARKT",
"SCALA": "SONARSLANG", "SCALA": "SONARSLANG",
"GO": "SONARSLANG", "GO": "SONARSLANG",
"SECRETS": "SECRETS",
"SWIFT": "SONARSWIFT", "SWIFT": "SONARSWIFT",
"TSQL": "SONARTSQL", "TSQL": "SONARTSQL",
"VB6": "SONARVBSIX", "VB6": "SONARVBSIX",
@ -102,6 +103,7 @@ const languageToGithubProject = new Map(Object.entries({
"XML": "sonar-xml", "XML": "sonar-xml",
"CLOUDFORMATION": "sonar-iac", "CLOUDFORMATION": "sonar-iac",
"TERRAFORM": "sonar-iac", "TERRAFORM": "sonar-iac",
"SECRETS": "sonar-secrets",
})); }));
function ticketsAndImplementationPRsLinks(ruleNumber: string, title: string, language?: string) { function ticketsAndImplementationPRsLinks(ruleNumber: string, title: string, language?: string) {

1
frontend/src/utils/useRuleCoverage.ts
View File

@ -26,6 +26,7 @@ export function useRuleCoverage() {
'plsql': ['PLSQL'], 'plsql': ['PLSQL'],
'python': ['PY'], 'python': ['PY'],
'rpg': ['RPG'], 'rpg': ['RPG'],
'secrets': ['SECRETS'],
'swift': ['SWIFT'], 'swift': ['SWIFT'],
'tsql': ['TSQL'], 'tsql': ['TSQL'],
'vb6': ['VB'], 'vb6': ['VB'],

1
rspec-tools/rspec_tools/utils.py
View File

@ -23,6 +23,7 @@ LANG_TO_LABEL = {'abap': 'abap',
'ruby': 'slang', 'ruby': 'slang',
'rust': 'rust', 'rust': 'rust',
'scala': 'slang', 'scala': 'slang',
'secrets': 'secrets',
'solidity': 'solidity', 'solidity': 'solidity',
'swift': 'swift', 'swift': 'swift',
'tsql': 'tsql', 'tsql': 'tsql',

2
rule_coverage/coverage.py
View File

@ -6,7 +6,7 @@ from git import Repo
from git import Git from git import Git
from pathlib import Path from pathlib import Path
repos=['sonar-abap','sonar-cpp','sonar-cobol','sonar-dotnet','sonar-css','sonar-flex','slang-enterprise','sonar-java','SonarJS','sonar-php','sonar-pli','sonar-plsql','sonar-python','sonar-rpg','sonar-swift','sonar-tsql','sonar-vb','sonar-html','sonar-xml','sonar-kotlin'] repos=['sonar-abap','sonar-cpp','sonar-cobol','sonar-dotnet','sonar-css','sonar-flex','slang-enterprise','sonar-java','SonarJS','sonar-php','sonar-pli','sonar-plsql','sonar-python','sonar-rpg','sonar-swift','sonar-tsql','sonar-vb','sonar-html','sonar-xml','sonar-kotlin', 'sonar-secrets']
#repos=['sonar-php','sonar-pli','sonar-plsql','sonar-python','sonar-rpg','sonar-swift','sonar-tsql','sonar-vb','sonar-html','sonar-xml'] #repos=['sonar-php','sonar-pli','sonar-plsql','sonar-python','sonar-rpg','sonar-swift','sonar-tsql','sonar-vb','sonar-html','sonar-xml']
def load_json(file): def load_json(file):

3
rules/S6290/abap/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/abap/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/apex/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/apex/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

8
rules/S6290/cfamily/metadata.json
View File

@ -1,8 +0,0 @@
{
"tags": [
"cwe",
"cert",
"sans-top25-porous",
"owasp-a2"
]
}

1
rules/S6290/cfamily/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/cobol/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/cobol/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/csharp/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/csharp/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/css/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/css/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/flex/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/flex/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/go/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/go/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/html/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/html/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

8
rules/S6290/java/metadata.json
View File

@ -1,8 +0,0 @@
{
"tags": [
"cwe",
"cert",
"sans-top25-porous",
"owasp-a2"
]
}

1
rules/S6290/java/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/javascript/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/javascript/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/kotlin/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/kotlin/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

39
rules/S6290/metadata.json
View File

@ -1,41 +1,2 @@
{ {
"title": "Amazon Web Services credentials should not be disclosed",
"type": "VULNERABILITY",
"status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "30min"
},
"tags": [
"cwe",
"sans-top25-porous",
"owasp-a2"
],
"extra": {
"coveredLanguages": [
],
"replacementRules": [
]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-6290",
"sqKey": "S6290",
"scope": "All",
"securityStandards": {
"CWE": [
798,
259
],
"OWASP": [
"A2"
],
"CERT": [
"MSC03-J."
]
},
"defaultQualityProfiles": [
"Sonar way"
]
} }

3
rules/S6290/php/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/php/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/pli/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/pli/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/plsql/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/plsql/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/python/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/python/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/rpg/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/rpg/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/ruby/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/ruby/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/rust/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/rust/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/scala/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/scala/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

42
rules/S6290/secrets/metadata.json Normal file
View File

@ -0,0 +1,42 @@
{
"title": "Amazon Web Services credentials should not be disclosed",
"type": "VULNERABILITY",
"status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "30min"
},
"tags": [
"cwe",
"sans-top25-porous",
"owasp-a2"
],
"extra": {
"coveredLanguages": [
],
"replacementRules": [
]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-6290",
"sqKey": "S6290",
"scope": "All",
"securityStandards": {
"CWE": [
798,
259
],
"OWASP": [
"A2"
],
"CERT": [
"MSC03-J."
]
},
"defaultQualityProfiles": [
"Sonar way"
]
}

0
rules/S6290/rule.adoc → rules/S6290/secrets/rule.adoc
View File

3
rules/S6290/solidity/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/solidity/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/swift/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/swift/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/tsql/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/tsql/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/vb6/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/vb6/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/vbnet/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/vbnet/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6290/xml/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6290/xml/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/abap/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/abap/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/apex/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/apex/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

8
rules/S6292/cfamily/metadata.json
View File

@ -1,8 +0,0 @@
{
"tags": [
"cwe",
"cert",
"sans-top25-porous",
"owasp-a2"
]
}

1
rules/S6292/cfamily/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/cobol/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/cobol/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/csharp/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/csharp/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/css/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/css/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/flex/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/flex/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/go/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/go/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/html/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/html/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

8
rules/S6292/java/metadata.json
View File

@ -1,8 +0,0 @@
{
"tags": [
"cwe",
"cert",
"sans-top25-porous",
"owasp-a2"
]
}

1
rules/S6292/java/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/javascript/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/javascript/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/kotlin/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/kotlin/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

39
rules/S6292/metadata.json
View File

@ -1,41 +1,2 @@
{ {
"title": "Amazon MWS credentials should not be disclosed",
"type": "VULNERABILITY",
"status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "30min"
},
"tags": [
"cwe",
"sans-top25-porous",
"owasp-a2"
],
"extra": {
"coveredLanguages": [
],
"replacementRules": [
]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-6292",
"sqKey": "S6292",
"scope": "All",
"securityStandards": {
"CWE": [
798,
259
],
"OWASP": [
"A2"
],
"CERT": [
"MSC03-J."
]
},
"defaultQualityProfiles": [
"Sonar way"
]
} }

3
rules/S6292/php/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/php/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/pli/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/pli/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/plsql/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/plsql/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/python/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/python/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/rpg/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/rpg/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/ruby/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/ruby/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/rust/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/rust/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

3
rules/S6292/scala/metadata.json
View File

@ -1,3 +0,0 @@
{
}

1
rules/S6292/scala/rule.adoc
View File

@ -1 +0,0 @@
include::../rule.adoc[]

Some files were not shown because too many files have changed in this diff Show More