ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,324 Commits 329 Branches 2 Tags
Commit Graph

18 Commits

Author SHA1 Message Date
Hendrik Buchwald
7f4817c401
Modify rule S6377: Clarify C# compliant code sample (APPSEC-1731) (#4451) 2024-10-30 14:42:45 +01:00
Jamie Anderson
d255072981
Modify rules: Rename STIG version in metadata (#4098) 
The Security Technical Implementation Guide security standard is being
renamed from its release date (`2023-06-08`) to its official version and
revision number (`V5R3`). This helps to align with the version number
being used internally for reporting purposes.
 2024-07-30 16:10:03 +02:00
Jamie Anderson
9ee16daa47
Modify rules: Add STIG AS&D 2023-06-08 mappings (#3914) 
* Update JSON schema to include STIG ASD 2023-06-08 mapping

* Update rules to add STIG metadata mappings

---------

Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
 2024-05-06 08:56:31 +02:00
github-actions[bot]
ec43c826fa
Create rule S6377: XML signatures should be validated securely (APPSEC-1649) (#3814) 2024-04-02 09:40:01 +02:00
github-actions[bot]
576a6152e0
Create rule S6377: XML signature should be verified securely (Python) (APPSEC-1588) (#3763) 2024-03-18 17:11:22 +01:00
Egon Okerman
d1417e82f8
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) 
* Fix all CWE references

* Fix all OWASP references

* Fix missing CWE prefixes
 2024-01-15 17:15:56 +01:00
Sebastien Andrivet
6a11e47682
Modify rule S6377: Change text to education framework format (APPSEC-1110) (#3164) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
 2023-09-29 15:47:49 +02:00
Antonio Aversa
a02bf814d4
Clean Code Taxonomy: add "code" to all non-obsolete metadata.json (#2793) 2023-08-04 17:19:38 +02:00
Fred Tingaud
16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
 2023-05-25 14:18:12 +02:00
Victor
fe961619f9 migrate rule descriptions to new education format 2023-05-05 16:29:04 +02:00
leonardo-pilastri-sonarsource
8e459cca14
Modify SE engine rules to add "symbolic-execution" tag (#1832) 2023-05-05 14:46:46 +02:00
Alexandre Gigleux
d5d54202d0
Modify rule S6377: Enhance the Noncompliant / Compliant examples (#946) 2022-04-12 21:57:26 +02:00
jtingsanchali
96d9ddb930
RULEAPI-755 Update CWE URLs by removing .html suffix and update with https protocol (#926) 
* Change affects only see.adoc and rule.adoc files, not comments-and-links.adoc files
 2022-04-07 08:53:59 -05:00
Alexandre Gigleux
e91aae3190
Modify rule S6377: better description (#929) 2022-04-06 12:39:18 +00:00
Fred Tingaud
b4161466e6
RULEAPI-661: Add syntax coloring 2022-02-04 16:28:24 +00:00
eric-therond-sonarsource
1ca56eaf42
Remove XML code sample in Java rules targeting XML (#748) 2022-01-26 10:06:59 +01:00
quentin-jaquier-sonarsource
b852464436
Document quick fixes for S2755, S6373, S6374, S6376 and S6377 (#745) 2022-01-25 13:38:33 +01:00
github-actions[bot]
1ec3d570a4
Rule S6377[Java]: XML signatures must be validated securely (#567) 2022-01-25 10:52:20 +01:00