rspec

Author	SHA1	Message	Date
Antonio Aversa	1a1a60f52d	SONARKT-569 Modify rule S4830: add support for WebViews (#4673 ) * SONARKT-569 Modify rule S4830: add support for WebViews * Fix list of allowed frameworks * Add Google Support link * Have non-compliant and compliant code examples next to each other and in diff * Update rules/S4830/kotlin/how-to-fix-it/android-webview.adoc Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com> * Update rules/S4830/kotlin/how-to-fix-it/android-webview.adoc Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com> --------- Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>	2025-03-19 15:31:02 +00:00
Pierre-Loup	1dc3769b22	Modify rule S3649: Add databases support (APPSEC-1251) (#3381 )	2025-03-18 09:31:43 +00:00
github-actions[bot]	7be11bd842	Modify S3649: add Kotlin (SONARSEC-6147) (#4796 )	2025-03-17 14:50:30 +00:00
github-actions[bot]	697e49fc2c	Create rule S7410: Keyboard cache should be disabled for password inputs (SONARKT-583) (#4724 )	2025-03-17 13:51:06 +00:00
GabinL21	2e155a926e	SONARIAC-1892 Modify rule S6975: Fix how to fix it section split (#4604 )	2025-01-20 11:46:15 +01:00
Hendrik Buchwald	f481234ef0	Add a new language identifier for Ansible (#4332 )	2024-09-30 08:27:51 +00:00
Ghislain Piot	b9b85c7a80	Modify rule S6929: add the PyTorch library (#3984 )	2024-09-27 12:51:21 +02:00
David Kunzmann	b9bf820777	Modify rule S6973: Adding PyTorch optimizers (#3956 )	2024-09-23 16:53:33 +02:00
github-actions[bot]	da17c23d79	Create rule S7076: Custom protocols should be preferred over file:// (#4268 ) * Create rule S7076 * Add rule text * Add Electron as allowed framework name --------- Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com> Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>	2024-09-18 14:55:43 +02:00
github-actions[bot]	21bf3f447a	Create rule S1607: Tests should not be skipped without providing a reason (#4218 )	2024-09-04 11:17:09 +02:00
Hendrik Buchwald	e5ae27a560	Modify rule S2755: Simplify how to fix it section (#4215 )	2024-09-03 17:52:33 +02:00
github-actions[bot]	1c2ab2361a	Create rule S6776: Stack-traces should not be disclosed (#4133 ) * Add csharp to rule S6776 * Add blazor content * Add Blazor * Add how to fix it in ASP.NET section * Update rules/S6776/csharp/how-to-fix-it/blazor.adoc Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com> * Update rules/S6776/csharp/how-to-fix-it/blazor.adoc Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com> * Remove dash --------- Co-authored-by: hendrik-buchwald-sonarsource <hendrik-buchwald-sonarsource@users.noreply.github.com> Co-authored-by: Hendrik Buchwald <hendrik.buchwald@sonarsource.com> Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com> Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com> Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>	2024-08-22 11:17:16 +02:00
Hendrik Buchwald	e08427bcf6	Modify rule S3649: Add Couchbase example (#3897 )	2024-07-11 11:45:54 +00:00
Pierre-Loup	d8c45777df	Modify S5147: Add context specific code examples for Spring Data MongoDB (#3912 ) Co-authored-by: Thomas Serre <118730793+thomas-serre-sonarsource@users.noreply.github.com>	2024-07-11 11:35:10 +02:00
Hendrik Buchwald	4a50193c56	Modify rule S3649: Add Neo4j example (#3911 ) * Add neo4j * Rename Neo4j to Spring Data Neo4j --------- Co-authored-by: Thomas Serre <118730793+thomas-serre-sonarsource@users.noreply.github.com>	2024-07-11 08:53:54 +02:00
Pierre-Loup	d9da9fbcd4	Modify S3649: Add context specific code examples for Spring Data Cassandra (APPSEC-1566) (#3885 ) Co-authored-by: gaetan-ferry-sonarsource <112399173+gaetan-ferry-sonarsource@users.noreply.github.com>	2024-07-11 08:46:09 +02:00
Egon Okerman	da58171bf4	Modify rule S4423: Add "How to fix" sections for all Azure resources (APPSEC-383) (#2676 ) Co-authored-by: sebastien-andrivet-sonarsource <138577785+sebastien-andrivet-sonarsource@users.noreply.github.com> Co-authored-by: Peter Trifanov <peter.trifanov@sonarsource.com>	2024-05-22 16:35:51 +02:00
David Kunzmann	86d6b7c75b	Modify rule S6709: Add how to fix it for Scikit-learn (#3883 )	2024-05-07 14:21:34 +02:00
gaetan-ferry-sonarsource	ab6bf73b3f	Modify rule S5496: Add an how to fix session for Java and Groovy (APPSEC-1587) (#3900 )	2024-04-23 14:15:29 +02:00
gaetan-ferry-sonarsource	173a43b3dd	Modify rule S5147: Adding a how to fix section for Spring Data Redis (APPSEC-1565) (#3870 )	2024-04-18 14:09:08 +00:00
github-actions[bot]	71960b568a	Create rule S6934: A Route attribute should be added to the controller when a route template is specified at the action level (#3676 )	2024-03-22 16:16:42 +01:00
github-actions[bot]	c5593190ce	Create rule S5344(python): Passwords should not be stored in plain-text or with a fast hashing algorithm (#3715 )	2024-03-18 17:37:51 +01:00
github-actions[bot]	576a6152e0	Create rule S6377: XML signature should be verified securely (Python) (APPSEC-1588) (#3763 )	2024-03-18 17:11:22 +01:00
Egon Okerman	0931f48c1d	Clean up allowed Python framework names (#3708 ) * Clean up Python framework names * Add Request to Javascript frameworks	2024-02-29 12:48:27 +01:00
gaetan-ferry-sonarsource	0006c98874	Modify rule S4426: Add how to fix it for cryptodome and pyOpenSSL and close gap with NIST (#3678 )	2024-02-29 09:55:54 +01:00
github-actions[bot]	e27296f3d1	Create rule S6874: Variable names should comply with a naming convention (#3557 )	2024-01-31 12:48:22 +01:00
Loris S	96811524d7	Modify JVM Crypto rules: Change framework name (#3550 ) * Modify JVM Crypto rules: Change title * changed names * Apply suggestions from code review * fixed includes	2024-01-25 15:18:07 +01:00
Egon Okerman	6fe3e11073	Modify rule S5131: Add FastAPI (APPSEC-1250) (#3412 )	2024-01-04 11:23:05 +01:00
Pierre-Loup	241c6bbf54	Modify rule S6287: Add FastAPI support (APPSEC-1252) (#3390 )	2023-12-18 11:17:43 +01:00
Egon Okerman	a3fd54b8a4	Modify rule S5144: Add HTTPX support (APPSEC-1247) (#3410 ) * Add HTTPX * Enhance compliant code sample * Keep samples consistent * Simplify compliant example somewhat	2023-12-03 12:32:40 +01:00
hendrik-buchwald-sonarsource	146e2fa2ee	Modify rule S5547: Add ssl module (#3113 )	2023-11-13 13:52:29 +01:00
Egon Okerman	6417c38013	Modify rule S2092, S3330, S4830, S5131, S5144: Revert FastAPI changes (#3408 ) The PRs #3365, #3374, #3386, #3391 and #3392 were merged before implementation. This reverts them, to be merged only once implemented. ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-11-06 15:58:47 +00:00
Egon Okerman	67d91725f0	Modify rule S5131: Add FastAPI (APPSEC-1250) (#3386 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-11-06 11:04:22 +01:00
daniel-teuchert-sonarsource	18dd843e83	Modify rule S5659: Add python-jose (APPSEC-1262) (#3399 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-11-03 15:30:06 +01:00
daniel-teuchert-sonarsource	32a9027c5b	Modify rule S5144: Add aiohttp support (APPSEC-1248) (#3373 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>	2023-10-27 16:57:53 +02:00
Egon Okerman	75e4b4815d	Modify rule S5144: Add HTTPX support (APPSEC-1247) (#3365 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-10-27 09:47:43 +02:00
Loris S	936d78a18d	Modify S5547(PL/SQL): Migrate to LayC - code re-creation (#3358 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-10-26 08:35:54 +00:00
github-actions[bot]	5ed9a4f18a	Create rule S6807: DOM elements with ARIA roles should have the required properties (#3224 ) https://github.com/SonarSource/SonarJS/issues/4243	2023-10-11 08:47:14 +02:00
github-actions[bot]	e4e7d4738e	Create rule S6767: Unused React typed props should be removed (#3059 )	2023-09-14 09:39:26 +02:00
github-actions[bot]	a630b5dd26	Create rule S6759: React props should be read-only (#3043 )	2023-09-13 15:58:40 +02:00
Egon Okerman	17040a154f	Modify rule S6656: add language AzureResourceManager (Bicep) (#2356 )	2023-09-13 10:27:13 +02:00
Egon Okerman	0aa80c7af2	Modify rule S2647: Update to LaYC format (APPSEC-970) (#2917 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-09-05 13:46:16 +00:00
Egon Okerman	b0968585b4	Modify rule S6432: update to LaYC format (APPSEC-974) (#2972 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-08-31 15:05:45 +02:00
Egon Okerman	d408fe4dd9	Modify rule S6301: update to LaYC format (APPSEC-973) (#2984 ) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-08-30 13:55:19 +02:00
Egon Okerman	efcf2bdd1a	Modify rule S6317: Update to LayC format (APPSEC-968) (#2949 ) ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-08-30 11:56:31 +02:00
sebastien-andrivet-sonarsource	2d4813b028	Modify rule S5876: Update to LayC format (APPSEC-969) (#2967 ) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>	2023-08-30 09:09:58 +02:00
sebastien-andrivet-sonarsource	89de4d7476	Modify rule S2115: Update to LaYC format (APPSEC-799) (#2927 ) ## Review A dedicated reviewer checked the rule description successfully for: - [x] logical errors and incorrect information - [x] information gaps and missing content - [x] text style and tone - [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)	2023-08-25 14:34:42 +02:00
Loris S	a0abb99f76	Modify S2596(javascript): Convert to LayC (#2901 ) This PR also removes the java folder because it is not implemented and has no implementation plan. This PR was made spontaneously during Daniel's onboarding. --------- Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>	2023-08-18 09:31:06 +00:00
github-actions[bot]	10cb45778a	Create rule S4423: add Go (APPSEC-905) (#2830 ) Research ticket: [APPSEC-905](https://sonarsource.atlassian.net/browse/APPSEC-905) You can preview this rule [here](https://sonarsource.github.io/rspec/#/rspec/S4423/go) (updated a few minutes after each push). ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) [APPSEC-905]: https://sonarsource.atlassian.net/browse/APPSEC-905?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ --------- Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com> Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>	2023-08-16 13:53:27 +02:00
Pierre-Loup	2336aba6a7	Modify rule S6648: Add language AzureResourceManager (Bicep) (#2277 ) [Specification ticket](https://sonarsource.atlassian.net/browse/APPSEC-803) [Implementation ticket](https://sonarsource.atlassian.net/browse/SONARIAC-896) Main PR for ARM templates: https://github.com/SonarSource/rspec/pull/2250 ## Review A dedicated reviewer checked the rule description successfully for: - [ ] logical errors and incorrect information - [ ] information gaps and missing content - [ ] text style and tone - [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule) --------- Co-authored-by: pierre-loup-tristant-sonarsource <pierre-loup-tristant-sonarsource@users.noreply.github.com> Co-authored-by: Rudy Regazzoni <110470341+rudy-regazzoni-sonarsource@users.noreply.github.com>	2023-08-02 15:17:24 +02:00

1 2

66 Commits