Pierre-Loup
770348d041
Avoid OWASP Top 10 security-standard mismatch between metadata and description links (RULEAPI-798) (#3537)
* Add check for security standard mismatch
* Fix security standard mismatches
* Fix Resources/Standards links for secrets rules
* Fix check
* Fix links and update security standard mapping
* Fix maintainability issue
* Apply review suggestions
* Apply suggestions from code review
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
* Fix typo
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
---------
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2024-01-17 17:20:28 +01:00
Egon Okerman
d1417e82f8
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529)
* Fix all CWE references
* Fix all OWASP references
* Fix missing CWE prefixes
2024-01-15 17:15:56 +01:00
daniel-teuchert-sonarsource
9f5a87c298
Arm/make examples schema compliant (#3047)
This PR changes the JSON examples for ARM rules to make sure that the
code samples will be scanned by sonar-iac-plugin.
To ensure this all resources need a name field and the schema URL has to
be an https and not http URL.
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
2023-09-13 15:48:50 +02:00
Antonio Aversa
a02bf814d4
Clean Code Taxonomy: add "code" to all non-obsolete metadata.json (#2793)
2023-08-04 17:19:38 +02:00
Marcin Stachniuk
4cfc0247d3
SONARIAC-761 Rule S6383 Disable RBAC on AKS ad Bicept (#2745)
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)
2023-08-04 13:55:06 +02:00
github-actions[bot]
9e91faac04
Create rule S6383 SONARIAC-761 Disable RBAC on AKS (#1852)
2023-05-11 17:03:30 +02:00
Loris S
9d8b209353
Modify Multiple Rules(IAC): Remove Non-IAC-Based Standards in Metadata (APPSEC-5) (#1238)
2022-09-14 10:29:18 +02:00
pedro-oliveira-sonarsource
b04b29019c
[APPSEC-3] Security rules are mapped to PCI DSS 4.0 (#1007)
2022-05-24 16:19:27 +02:00
pedro-oliveira-sonarsource
4cd575af12
[APPSEC-2] New security standard - PCI DSS 3.2 (#1005)
2022-05-23 09:00:28 +02:00
jtingsanchali
96d9ddb930
RULEAPI-755 Update CWE URLs by removing .html suffix and update with https protocol (#926)
* Change affects only see.adoc and rule.adoc files, not comments-and-links.adoc files
2022-04-07 08:53:59 -05:00
Pierre-Loup
1b061d5ff5
Fix typo in OWASP links from the See section (#807)
* Fix typos in OWASP Top 10 2017 links
* Fixing wrong URI in OWASP Top 10 2021 A4 links
2022-02-10 09:11:45 +01:00
Fred Tingaud
b4161466e6
RULEAPI-661: Add syntax coloring
2022-02-04 16:28:24 +00:00
github-actions[bot]
59fe702d1a
Create rule S6383[terraform]: Disabling Role-Based Access Control on Azure resources is security-sensitive (#595)
* Create rule S6383
* Add first draft
* Update rules/S6383/terraform/rule.adoc
* rename title
* finished S6383 rule
* Update rules/S6383/terraform/rule.adoc
* Update rules/S6383/terraform/rule.adoc
* Update rules/S6383/terraform/rule.adoc
* Update rules/S6383/terraform/metadata.json
* Update rules/S6383/terraform/metadata.json
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
* That's my final answer, Jean-Pierre
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
* Update rules/S6383/terraform/rule.adoc
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
Co-authored-by: loris-s-sonarsource <loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
Co-authored-by: Loris S <91723853+loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
Co-authored-by: Nils Werner <64034005+nils-werner-sonarsource@users.noreply.github.com>
2022-01-10 14:01:54 +00:00