ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,185 Commits 329 Branches 2 Tags
Commit Graph

40 Commits

Author SHA1 Message Date
Egon Okerman
d1417e82f8
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) 
* Fix all CWE references

* Fix all OWASP references

* Fix missing CWE prefixes
 2024-01-15 17:15:56 +01:00
Egon Okerman
0abf66041f
Update rule S5808: update to LaYC format (APPSEC-972) (#2991) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
 2023-09-05 15:48:54 +02:00
Antonio Aversa
a02bf814d4
Clean Code Taxonomy: add "code" to all non-obsolete metadata.json (#2793) 2023-08-04 17:19:38 +02:00
Fred Tingaud
9cb6b98e41
Remove unimplemented languages/rules tagged as 'SECURITY_HOTSPOT' or 'VULNERABILITY' 
Languages for which some unique descriptions remain are kept.

This cleaning removes the following rules that were implemented in no
language:
[S1947, S2085, S2086, S2609, S2610, S2614, S2643, S2773, S2776, S3268,
S3272, S3361]
 2023-06-22 19:13:37 +02:00
Fred Tingaud
51369b610e
Make sure that includes are always surrounded by empty lines (#2270) 
When an include is not surrounded by empty lines, its content is inlined
on the same line as the adjacent content. That can lead to broken tags
and other display issues.
This PR fixes all such includes and introduces a validation step that
forbids introducing the same problem again.
 2023-06-22 10:38:01 +02:00
Fred Tingaud
16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
 2023-05-25 14:18:12 +02:00
Victor
fe961619f9 migrate rule descriptions to new education format 2023-05-05 16:29:04 +02:00
Jamie Anderson
2d8892defb
Modify rules: Remove "owasp-aX" tag (#1655) 2023-03-16 15:25:13 +01:00
Alexandre Gigleux
01bad1b800
Map rules to OWASP ASVS 4 (#1110) 
https://sonarsource.atlassian.net/browse/MMF-2794
 2022-07-29 13:35:38 +02:00
pedro-oliveira-sonarsource
082b3ef269
Modify: Fix old/broken embedded links (#1100) 2022-07-08 13:58:56 +02:00
pedro-oliveira-sonarsource
b04b29019c
[APPSEC-3] Security rules are mapped to PCI DSS 4.0 (#1007) 2022-05-24 16:19:27 +02:00
pedro-oliveira-sonarsource
4cd575af12
[APPSEC-2] New security standard - PCI DSS 3.2 (#1005) 2022-05-23 09:00:28 +02:00
jtingsanchali
96d9ddb930
RULEAPI-755 Update CWE URLs by removing .html suffix and update with https protocol (#926) 
* Change affects only see.adoc and rule.adoc files, not comments-and-links.adoc files
 2022-04-07 08:53:59 -05:00
Pierre-Loup
1b061d5ff5
Fix typo in OWASP links from the See section (#807) 
* Fix typos in OWASP Top 10 2017 links
* Fixing wrong URI in OWASP Top 10 2021 A4 links
 2022-02-10 09:11:45 +01:00
Fred Tingaud
b4161466e6
RULEAPI-661: Add syntax coloring 2022-02-04 16:28:24 +00:00
quentin-jaquier-sonarsource
f78109d4c6
Modify rule S6328: Add exceptions for methods throwing an exception (#772) 2022-02-02 15:12:41 +01:00
Pierre-Loup
e7ad1012e3
RULEAPI-709: Security rules are mapped to the OWASP Top 10 2021 security-standard (#545) 2021-11-01 15:00:32 +01:00
Arseniy Zaostrovnykh
6a0ec99e78
RULEAPI-706: Add quick fixes metadata 2021-10-07 09:23:15 +00:00
Arseniy Zaostrovnykh
2301f5808e
RULEAPI-695: remove extra/coveredLanguages field 2021-09-28 13:36:45 +02:00
Arseniy Zaostrovnykh
ec55b6ead1
RULEAPI-687: Migrate legacy keys from Jira RSPEC (#392) 2021-09-24 09:08:46 +02:00
Arseniy Zaostrovnykh
f7904cebe7
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346) 2021-09-20 13:38:42 +00:00
Arseniy Zaostrovnykh
acadea59e9 move coveredLangauges and replacementRules into extra field 2021-02-16 17:52:17 +01:00
Arseniy Zaostrovnykh
1d713451d6 Undo the abuse of compatibleLanguages metadata field 2021-02-16 15:00:44 +01:00
Arseniy Zaostrovnykh
a09a26d560 fix hading of {{\+}} and sort the compatible languages 2021-02-08 12:42:26 +01:00
Arseniy Zaostrovnykh
b62862646c move typescript rules to javascript directory 2021-02-08 10:49:37 +01:00
sonartech
0ffbfb133d Nightly update 2021-02-06 04:10:49 +00:00
Arseniy Zaostrovnykh
af8cda992b unescape more things 2021-02-05 10:34:25 +01:00
Arseniy Zaostrovnykh
402a7d7be3 sort metadata fields 2021-02-04 12:27:03 +01:00
Arseniy Zaostrovnykh
f6093ee186 Overapproximate compatibleLanguages and tags/standards 2021-02-02 19:11:00 +01:00
Arseniy Zaostrovnykh
716b335a56 Enable forced linebreaks in quotes; escape -- in url 2021-02-02 16:54:43 +01:00
Arseniy Zaostrovnykh
7ca29f686f Force linebreaks 2021-02-02 15:02:10 +01:00
Arseniy Zaostrovnykh
1a22006270 Add coveredLanguages field 2021-01-29 15:53:23 +01:00
Arseniy Zaostrovnykh
d4598ce0f9 make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00
Arseniy Zaostrovnykh
0a8c5eafce add replacementRules metadata field 2021-01-26 16:58:13 +01:00
Arseniy Zaostrovnykh
fb261af631 Quality profiles for customized rules 2021-01-07 12:13:35 +01:00
Arseniy Zaostrovnykh
232269f3ce Add default quality profiles 2021-01-07 11:08:42 +01:00
Arseniy Zaostrovnykh
d96d948333 change the inline-code delimitters 2020-12-23 14:59:06 +01:00
Arseniy Zaostrovnykh
ed53c1610b Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
Alban Auzeill
2c306d110e Fix code block ambiguity with old header style 
Ensure blank line before list and clean the one leading space
 2020-06-30 17:16:12 +02:00
Alban Auzeill
0329b1564c Add rules 5000-5999 2020-06-30 17:16:12 +02:00