Maksim Grebeniuk
e0ab6ac55d
SONARPY-2399 update rules tags ( #4553 )
2024-12-04 14:08:49 +01:00
Jamie Anderson
d255072981
Modify rules: Rename STIG version in metadata ( #4098 )
...
The Security Technical Implementation Guide security standard is being
renamed from its release date (`2023-06-08`) to its official version and
revision number (`V5R3`). This helps to align with the version number
being used internally for reporting purposes.
2024-07-30 16:10:03 +02:00
Jamie Anderson
9ee16daa47
Modify rules: Add STIG AS&D 2023-06-08 mappings ( #3914 )
...
* Update JSON schema to include STIG ASD 2023-06-08 mapping
* Update rules to add STIG metadata mappings
---------
Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
2024-05-06 08:56:31 +02:00
Pierre-Loup
770348d041
Avoid OWASP Top 10 security-standard mismatch between metadata and description links (RULEAPI-798) ( #3537 )
...
* Add check for security standard mismatch
* Fix security standard mismatches
* Fix Resources/Standards links for secrets rules
* Fix check
* Fix links and update security standard mapping
* Fix maintanability issue
* Apply review suggestions
* Apply suggestions from code review
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
* Fix typo
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
---------
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2024-01-17 17:20:28 +01:00
Egon Okerman
d1417e82f8
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) ( #3529 )
...
* Fix all CWE references
* Fix all OWASP references
* Fix missing CWE prefixes
2024-01-15 17:15:56 +01:00
Pierre-Loup
bb2fb68e33
Modify S6785: Update the Set limits section ( #3453 )
2023-11-22 16:29:40 +01:00
github-actions[bot]
113572535d
Create rule S6785: GraphQL queries should not be vulnerable to Denial of Service attacks ( #3157 )
2023-11-21 14:52:33 +01:00
