Education text Fix (#1338)

2022-10-18 16:03:10 +02:00 · 2022-10-18 16:03:10 +02:00 · e52b9671b2
commit e52b9671b2
parent c3d1c0251d
48 changed files with 67 additions and 71 deletions
--- a/rules/S2076/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S2076/csharp/how-to-fix-it/dotnet.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2076/java/how-to-fix-it/apache-commons.adoc
+++ b/rules/S2076/java/how-to-fix-it/apache-commons.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2076/java/how-to-fix-it/java-se.adoc
+++ b/rules/S2076/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2078/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S2078/csharp/how-to-fix-it/dotnet.adoc
@ -1,9 +1,9 @@
 === How to fix it in .NET
-The following non-compliant code is vulnerable to LDAP injections because untrusted data is
+The following noncompliant code is vulnerable to LDAP injections because untrusted data is
 concatenated in an LDAP query without prior validation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2078/java/how-to-fix-it/java-se.adoc
+++ b/rules/S2078/java/how-to-fix-it/java-se.adoc
@ -1,9 +1,9 @@
 === How to fix it in Java SE
-The following non-compliant code is vulnerable to LDAP injections because untrusted data is
+The following noncompliant code is vulnerable to LDAP injections because untrusted data is
 concatenated to an LDAP query without prior sanitization or validation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2083/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S2083/csharp/how-to-fix-it/dotnet.adoc
@ -3,13 +3,13 @@
 :canonicalization_function: System.IO.Path.GetFullPath
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
 public class ExampleController : Controller
 {
-    private static string TargetDirectory;
+    private static string TargetDirectory = "/path/to/target/directory/";
    public void Example(string filename)
    {
--- a/rules/S2083/java/how-to-fix-it/java-se.adoc
+++ b/rules/S2083/java/how-to-fix-it/java-se.adoc
@ -3,7 +3,7 @@
 :canonicalization_function: java.io.File.getCanonicalPath
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2091/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S2091/csharp/how-to-fix-it/dotnet.adoc
@ -2,7 +2,7 @@
 The following code is vulnerable to XPath injections because untrusted data is
 concatenated in an XPath query without prior validation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
@ -17,7 +17,6 @@ public class ExampleController : Controller
        return Json(doc.SelectSingleNode(expression) != null);
    }
 }
 ----
--- a/rules/S2091/java/how-to-fix-it/java-se.adoc
+++ b/rules/S2091/java/how-to-fix-it/java-se.adoc
@ -1,9 +1,9 @@
 === How to fix it in Java SE
-The following non-compliant code is vulnerable to XPath injections because untrusted data is
+The following noncompliant code is vulnerable to XPath injections because untrusted data is
 concatenated to an XPath query without prior validation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2631/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S2631/csharp/how-to-fix-it/dotnet.adoc
@ -1,10 +1,10 @@
 === How to fix it in .NET
-The following non-compliant code is vulnerable to Regex Denial of Service
+The following noncompliant code is vulnerable to Regex Denial of Service
 because untrusted data is used as a regex to scan a string without prior
 sanitization or validation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S2631/java/how-to-fix-it/java-se.adoc
+++ b/rules/S2631/java/how-to-fix-it/java-se.adoc
@ -1,10 +1,10 @@
 === How to fix it in Java SE
-The following non-compliant code is vulnerable to Regex Denial of Service
+The following noncompliant code is vulnerable to Regex Denial of Service
 because untrusted data is used as a regex to scan a string without prior
 sanitization or validation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S3649/csharp/how-to-fix-it/dapper.adoc
+++ b/rules/S3649/csharp/how-to-fix-it/dapper.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S3649/csharp/how-to-fix-it/entity-framework.adoc
+++ b/rules/S3649/csharp/how-to-fix-it/entity-framework.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S3649/java/how-to-fix-it/hibernate.adoc
+++ b/rules/S3649/java/how-to-fix-it/hibernate.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S3649/java/how-to-fix-it/java-se.adoc
+++ b/rules/S3649/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S3649/java/how-to-fix-it/spring-jdbc.adoc
+++ b/rules/S3649/java/how-to-fix-it/spring-jdbc.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5131/csharp/how-to-fix-it/asp.net.adoc
+++ b/rules/S5131/csharp/how-to-fix-it/asp.net.adoc
@ -1,6 +1,6 @@
 === How to fix it in ASP.NET
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
@ -29,7 +29,6 @@ public class HelloController : Controller
 {
    [HttpGet]
    public void Hello(string name, HttpResponse response)
    {
        string html = "<h1>Hello"+ HttpUtility.HtmlEncode(name) +"</h1>"
        response.Write(html);
--- a/rules/S5131/csharp/how-to-fix-it/razor.adoc
+++ b/rules/S5131/csharp/how-to-fix-it/razor.adoc
@ -3,7 +3,7 @@
 The following code is vulnerable to cross-site scripting because auto-escaping of special HTML characters has been disabled.
 The recommended way to fix this code is to move the HTML content to the template and to only inject the dynamic value. Therefore, it is not necessary to disable auto-escaping.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5131/java/how-to-fix-it/jsp.adoc
+++ b/rules/S5131/java/how-to-fix-it/jsp.adoc
@ -4,7 +4,7 @@ The following code is vulnerable to cross-site scripting because JSP does not au
 User input embedded in HTML code should be HTML-encoded to prevent the injection of additional code. This can be done with the https://owasp.org/www-project-java-encoder/[OWASP Java Encoder] or similar libraries.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,html,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5131/java/how-to-fix-it/servlet.adoc
+++ b/rules/S5131/java/how-to-fix-it/servlet.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 Third-party data, such as user input, is not to be trusted.
 If embedded in HTML code, it should be HTML-encoded to prevent the injection of additional code. This can be done with the https://owasp.org/www-project-java-encoder/[OWASP Java Encoder] or similar libraries.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
@ -37,7 +37,7 @@ If you do not intend to send HTML code to clients, the vulnerability can be fixe
 For example, setting the content-type to `text/plain` with the `setContentType` function allows to safely reflect user input because browsers will not try to parse and execute the response.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=2,diff-type=noncompliant]
 ----
--- a/rules/S5131/java/how-to-fix-it/spring.adoc
+++ b/rules/S5131/java/how-to-fix-it/spring.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 If you do not intend to send HTML code to clients, the vulnerability can be fixed by specifying the type of data returned in the response.
 For example, you can use the `produces` property of the `GetMapping` annotation.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5131/java/how-to-fix-it/thymeleaf.adoc
+++ b/rules/S5131/java/how-to-fix-it/thymeleaf.adoc
@ -4,7 +4,7 @@ The following code is vulnerable to cross-site scripting.
 User input embedded in HTML code should be HTML-encoded to prevent the injection of additional code.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,html,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5131/javascript/how-to-fix-it/expressjs.adoc
+++ b/rules/S5131/javascript/how-to-fix-it/expressjs.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 If you do not intend to send HTML code to clients, the vulnerability can be fixed by specifying the type of data returned in the response.
 For example, you can use the `JsonResponse` class to safely return JSON messages.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,javascript,diff-id=1,diff-type=noncompliant]
 ----
@ -26,7 +26,7 @@ function (req, res) {
 It is also possible to set the content-type header manually using the `content_type` parameter when creating an `HttpResponse` object.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,javascript,diff-id=2,diff-type=noncompliant]
 ----
--- a/rules/S5131/php/how-to-fix-it/core.adoc
+++ b/rules/S5131/php/how-to-fix-it/core.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 User input embedded in HTML code should be HTML-encoded to prevent the injection of additional code.
 PHP provides the built-in function `htmlspecialchars` to do this.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,php,diff-id=1,diff-type=noncompliant]
 ----
@ -23,7 +23,7 @@ If you do not intend to send HTML code to clients, the vulnerability can be fixe
 For example, setting the content-type to `text/plain` using the built-in `header` function allows to safely reflect user input since browsers will not try to parse and execute the response.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,php,diff-id=2,diff-type=noncompliant]
 ----
@ -52,7 +52,7 @@ By default, `htmlspecialchars` does not encode single quotes, so if `++$input++`
 Make sure to set the option `ENT_QUOTES` to encode single quotes.
-===== Non-compliant code example
+===== Noncompliant code example
 [source,php,diff-id=3,diff-type=noncompliant]
 ----
@ -72,7 +72,7 @@ If the HTTP body is sent before `header` is called, no headers will be sent to t
 To fix this issue, send the headers before any output.
-===== Non-compliant code example
+===== Noncompliant code example
 [source,php,diff-id=4,diff-type=noncompliant]
 ----
--- a/rules/S5131/php/how-to-fix-it/laravel.adoc
+++ b/rules/S5131/php/how-to-fix-it/laravel.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 If you do not intend to send HTML code to clients, the vulnerability can be fixed by specifying the type of data returned in the response.
 For example, you can use the `json` method of the `Response` class to safely return JSON messages.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,php,diff-id=1,diff-type=noncompliant]
 ----
@ -21,7 +21,7 @@ $response = response()->json(['data' => $input]);
 It is also possible to set the content-type header manually using the `header` method of the `Response` class.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,php,diff-id=2,diff-type=noncompliant]
 ----
--- a/rules/S5131/php/how-to-fix-it/symfony.adoc
+++ b/rules/S5131/php/how-to-fix-it/symfony.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 If you do not intend to send HTML code to clients, the vulnerability can be fixed by specifying the type of data returned in the response.
 For example, you can use the class `JsonResponse` to return JSON messages safely.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,php,diff-id=1,diff-type=noncompliant]
 ----
@ -26,7 +26,7 @@ $response = new JsonResponse(['data' => $input]);
 It is also possible to set the content-type manually using the `headers` attribute.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,php,diff-id=2,diff-type=noncompliant]
 ----
--- a/rules/S5131/python/how-to-fix-it/django.adoc
+++ b/rules/S5131/python/how-to-fix-it/django.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 If you do not intend to send HTML code to clients, the vulnerability can be fixed by specifying the type of data returned in the response.
 For example, you can use the `JsonResponse` class to return JSON messages securely.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=1,diff-type=noncompliant]
 ----
@ -30,7 +30,7 @@ def index(request):
 It is also possible to set the content-type manually with the `content_type` parameter when creating an `HttpResponse` object.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=2,diff-type=noncompliant]
 ----
--- a/rules/S5131/python/how-to-fix-it/dtl.adoc
+++ b/rules/S5131/python/how-to-fix-it/dtl.adoc
@ -2,7 +2,7 @@
 The following code is vulnerable to cross-site scripting because auto-escaping of special HTML characters has been disabled. The recommended way to fix this code is to move the HTML content to the template and to only inject the dynamic value. Therefore, it is not necessary to disable auto-escaping.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=1,diff-type=noncompliant]
 ----
@ -51,7 +51,7 @@ Django template auto-escaping only takes care of HTML entity encoding. It does n
 Auto-escaping can also be disabled at the application level and introduce XSS vulnerabilities even if `++{% autoescape false %}++` or `++|safe++` are not used.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=3,diff-type=noncompliant]
 ----
@ -92,7 +92,7 @@ In such a case it is better to add the value to an attribute.
 Another option is to use the `++json_script++` filter to insert a data structure that can then be accessed through the JavaScript code.
-===== Non-compliant code example
+===== Noncompliant code example
 [source,html,diff-id=4,diff-type=noncompliant]
 ----
--- a/rules/S5131/python/how-to-fix-it/flask.adoc
+++ b/rules/S5131/python/how-to-fix-it/flask.adoc
@ -5,7 +5,7 @@ The following code is vulnerable to cross-site scripting because it returns an H
 If you do not intend to send HTML code to clients, the vulnerability can be fixed by specifying the type of data returned in the response.
 For example, you can use the `jsonify` class to return JSON messages safely.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=1,diff-type=noncompliant]
 ----
@ -31,7 +31,7 @@ def index():
 It is also possible to set the content-type manually with the `mimetype` parameter when calling the `make_response` function.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=2,diff-type=noncompliant]
 ----
--- a/rules/S5131/python/how-to-fix-it/jinja.adoc
+++ b/rules/S5131/python/how-to-fix-it/jinja.adoc
@ -3,7 +3,7 @@
 The following code is vulnerable to cross-site scripting because auto-escaping of special HTML characters has been disabled.
 The recommended way to fix this code is to move the HTML content to the template and to only inject the dynamic value. Therefore, it is not necessary to disable auto-escaping.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,python,diff-id=1,diff-type=noncompliant]
 ----
@ -56,7 +56,7 @@ Although auto-escaping drastically decreases the chance of introducing cross-sit
 Injecting user-controlled values inside a ``++script++`` is dangerous. In such a case, the best practice is to add the value to an attribute.
 Another option is to use the ``++tojson++`` filter to insert a data structure in the JavaScript code at render time.
-===== Non-compliant code example
+===== Noncompliant code example
 [source,html,diff-id=3,diff-type=noncompliant]
 ----
--- a/rules/S5135/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S5135/csharp/how-to-fix-it/dotnet.adoc
@ -3,7 +3,7 @@
 The following code is vulnerable to deserialization attacks because it
 deserializes HTTP data without validating it first.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5135/java/how-to-fix-it/java-se.adoc
+++ b/rules/S5135/java/how-to-fix-it/java-se.adoc
@ -3,7 +3,7 @@
 The following code is vulnerable to deserialization attacks because it
 deserializes HTTP data without validating it first.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5144/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S5144/csharp/how-to-fix-it/dotnet.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
@ -34,7 +34,6 @@ public class ExampleController : Controller
    [HttpGet]
    public IActionResult ImageFetch(string location)
    {
        Uri uri = new Uri(location);
--- a/rules/S5144/java/how-to-fix-it/java-se.adoc
+++ b/rules/S5144/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5145/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S5145/csharp/how-to-fix-it/dotnet.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5145/java/how-to-fix-it/java-se.adoc
+++ b/rules/S5145/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5146/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S5146/csharp/how-to-fix-it/dotnet.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
@ -32,7 +32,6 @@ public class ExampleController : Controller
    [HttpGet]
    public void Redirect(string url)
    {
        if (allowedUrls.Contains(url))
        {
--- a/rules/S5146/java/how-to-fix-it/java-se.adoc
+++ b/rules/S5146/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5147/java/how-to-fix-it/mongo-java-driver.adoc
+++ b/rules/S5147/java/how-to-fix-it/mongo-java-driver.adoc
@ -4,7 +4,7 @@ The following code is vulnerable to NoSQL injections because untrusted data is
 concatenated to the `$where` operator. This operator indicates to the backend
 that the expression needs to be interpreted, resulting in code injection.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
@ -18,7 +18,7 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws Un
    String input = req.getParameter("input");
    MongoClient mongoClient = new MongoClient();
-    DB database             = mongoClient.getDB("exampleDatabase");
+    DB database             = mongoClient.getDB("ExampleDatabase");
    DBCollection collection = database.getCollection("exampleCollection");
    BasicDBObject query     = new BasicDBObject();
--- a/rules/S5334/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S5334/csharp/how-to-fix-it/dotnet.adoc
@ -3,7 +3,7 @@
 The following code is vulnerable to arbitrary code execution because it compiles
 and runs HTTP data.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5334/java/how-to-fix-it/commons-compiler.adoc
+++ b/rules/S5334/java/how-to-fix-it/commons-compiler.adoc
@ -3,7 +3,7 @@
 The following code is vulnerable to arbitrary code execution because it compiles
 and runs HTTP data.
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5883/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S5883/csharp/how-to-fix-it/dotnet.adoc
@ -15,7 +15,7 @@ In this particular case, an attacker may remove files in `/some/folder` with the
 '*' -exec rm -rf {} \; 
 ----
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5883/java/how-to-fix-it/apache-commons.adoc
+++ b/rules/S5883/java/how-to-fix-it/apache-commons.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S5883/java/how-to-fix-it/java-se.adoc
+++ b/rules/S5883/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S6096/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S6096/csharp/how-to-fix-it/dotnet.adoc
@ -5,7 +5,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S6096/java/how-to-fix-it/java-se.adoc
+++ b/rules/S6096/java/how-to-fix-it/java-se.adoc
@ -5,7 +5,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S6287/csharp/how-to-fix-it/dotnet.adoc
+++ b/rules/S6287/csharp/how-to-fix-it/dotnet.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,csharp,diff-id=1,diff-type=noncompliant]
 ----
--- a/rules/S6287/java/how-to-fix-it/java-se.adoc
+++ b/rules/S6287/java/how-to-fix-it/java-se.adoc
@ -2,7 +2,7 @@
 include::../../common/fix/code-rationale.adoc[]
-==== Non-compliant code example
+==== Noncompliant code example
 [source,java,diff-id=1,diff-type=noncompliant]
 ----