ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,646 Commits 329 Branches 2 Tags
Commit Graph

3758 Commits

Author SHA1 Message Date
Loris S.
2783df88dd
Modify S6865(K8s): Rework Rule for realistic detection (#4212) 
* Modify S6865(K8s): Rule rework for realistic detection

* fix diffé
 2024-09-02 11:38:42 +02:00
github-actions[bot]
2427e0e717
Create rule S7053: Relative lib imports should not be used (avoid_relative_lib_imports) (#4206) 
Co-authored-by: antonioaversa <antonioaversa@users.noreply.github.com>
 2024-08-30 17:55:23 +02:00
Antonio Aversa
a50335221d
Modify rule S7047: Fix formatting of inline code and grammar (#4211) 2024-08-30 15:46:39 +02:00
github-actions[bot]
1cdcbab02e
Create rule S7054: "is!" should be used instead of "!is" 
Co-authored-by: Marharyta Nedzelska <margarita.nedzelska@sonarsource.com>
 2024-08-30 15:45:28 +02:00
Fred Tingaud
1f0f2b7a8e
Modify rule S6024: Remove useless paretheses 2024-08-30 14:19:28 +02:00
Loris S.
979c6d4b4a
[S4502|S5131] Add resources and fix resources style (#4203) 2024-08-30 12:01:23 +02:00
Antonio Aversa
fc207d97df
Modify rule S7046: Add a link to "camel case" in the rule description (#4210) 2024-08-29 16:49:45 +00:00
Antonio Aversa
c375649262
Modify rule S7045: fix underscore escaping in rule description (#4209) 2024-08-29 16:43:58 +00:00
github-actions[bot]
ebf22e3023
Create rule S7052: Uninitialized variables and fields should be explicitly typed (prefer_typing_uninitialized_variables) (#4205) 2024-08-29 18:41:51 +02:00
Johann Beleites
d4d145e532
Modify rules S2259;S2583;S2589;S3518;S3655;S3959 Remove replacement rules and update description for deprecated SE rules (#4207) 2024-08-29 17:27:25 +02:00
Johann Beleites
4e782555ed
Modify rule S6376: Fix broken link (#4208) 2024-08-29 16:59:57 +02:00
github-actions[bot]
db883d16c1
Create rule S7051: Types should not be used as parameter names (avoid_types_as_parameter_names) (#4204) 
Co-authored-by: antonioaversa <antonioaversa@users.noreply.github.com>
 2024-08-29 15:20:34 +02:00
Johann Beleites
952c1cab7b
SONARJAVA-5102 Deprecate Java SE rules implemented by DBD (#4177) 2024-08-29 12:03:11 +02:00
github-actions[bot]
9d1862194c
Create rule S7050: Void functions should not return null (avoid_returning_null_for_void) 
Co-authored-by: antonioaversa <antonioaversa@users.noreply.github.com>
 2024-08-28 22:26:35 +02:00
github-actions[bot]
689d02641d
Create rule S7049: Getters should not be recursive (recursive_getters) 
Co-authored-by: antonioaversa <antonioaversa@users.noreply.github.com>
 2024-08-28 22:22:43 +02:00
github-actions[bot]
78c452a5b4
Create rule S7048: Function declarations should be preferred over variables (prefer_function_declarations_over_variables) 
Co-authored-by: antonioaversa <antonioaversa@users.noreply.github.com>
 2024-08-28 22:18:39 +02:00
github-actions[bot]
6eda7ba687
Create rule S7047: Nullable type parameter values should not be null checked with ! (null_check_on_nullable_type_parameter) 
Co-authored-by: antonioaversa <antonioaversa@users.noreply.github.com>
 2024-08-28 10:24:01 +02:00
Antonio Aversa
26637d3f66
Modify rule S7045: fix list formatting in Why section (#4202) 2024-08-28 06:20:30 +00:00
github-actions[bot]
70a41c4e0c
Create rule S7046: Extension identifiers should comply with a naming convention (camel_case_extensions) 2024-08-27 21:11:28 +02:00
github-actions[bot]
31b4765a6d
Create rule S7045: Local identifiers should not start with underscore (no_leading_underscores_for_local_identifiers) 2024-08-27 21:04:10 +02:00
Hendrik Buchwald
491c17525b
Modify rule S5131: Add fix for Blazor (APPSEC-1898) (#4116) 
* Add fix for Blazor

* Update rules/S5131/csharp/how-to-fix-it/blazor.adoc
 2024-08-27 09:37:06 +02:00
Antonio Aversa
9e83cd8308
Modify rule S5416: add spaces to the why section (#4195) 2024-08-26 15:46:27 +00:00
Antonio Aversa
c3dcea77c5
Modify rule S2175: add spaces to the why section (#4194) 2024-08-26 15:43:23 +00:00
Gyula Sallai
101cfde7a8
Modify rule S6651: fix erroneous inclusion in SonarWay (#4192) 2024-08-26 17:05:28 +02:00
chrislain-razafimahefa-sonarsource
5eebca6f88
Modify rules S6886, S2589, S5633, S6417: Fix examples (#4191) 2024-08-26 16:00:15 +02:00
Gyula Sallai
772f64b083
Modify rules S6320;S6416;S6555;S6707;S6976 Update examples (#4190) 2024-08-26 12:54:45 +02:00
github-actions[bot]
a3eacd6c35
Create rule S6418 (#4164) 2024-08-23 17:19:16 +00:00
Evgeny Mandrikov
7e7ce1af88
Modify Rule S107: Add Dart language (#4143) 2024-08-23 17:09:43 +02:00
Marharyta
1ec24bcaa5
Modify Rule S2358: Update Dart description (#4186) 2024-08-23 16:57:17 +02:00
github-actions[bot]
f47c7dfd34
Create rule S7044: Server-side requests should not be vulnerable to traversing attacks (#4162) 2024-08-23 12:38:37 +00:00
Antonio Aversa
2338e5e5f1
Modify rule S2432: Fix resources and add rspecator (#4189) 2024-08-23 14:26:17 +02:00
github-actions[bot]
54c37571c0
Create rule S7039: Content Security Policies should be restrictive (NET-24) (#4188) 2024-08-23 14:19:27 +02:00
Marharyta
b2b19cb731
Modify Rule S3689: Update Dart description 2024-08-23 14:19:10 +02:00
github-actions[bot]
504835d1bf
Create rule S5147(C#): NoSQL operations should not be vulnerable to injection attacks APPSEC-2024 (#4165) 
* Add csharp to rule S5147

* Add the text

* Fixed filename

* Apply suggestions from code review

Co-authored-by: Hendrik Buchwald <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>

* Apply suggestions from code review

* Update rules/S5147/csharp/how-to-fix-it/mongodb-csharp-driver.adoc

* Update rules/S5147/common/fix/builder-pattern.adoc

Co-authored-by: Hendrik Buchwald <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>

---------

Co-authored-by: loris-s-sonarsource <loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Hendrik Buchwald <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
 2024-08-23 12:10:19 +00:00
github-actions[bot]
dc516927c6
Create rule S7044(JS): Server-side requests should not be vulnerable to traversing attacks APPSEC-2042 (#4175) 
* Add javascript to rule S7044

* Added contents

* Apply suggestions from code review

* Update rules/S7044/javascript/how-to-fix-it/node.adoc

* Update rules/S7044/javascript/how-to-fix-it/node.adoc

Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>

* Update rules/S7044/javascript/how-to-fix-it/node.adoc

* Update rules/S7044/javascript/how-to-fix-it/node.adoc

* Apply suggestions from code review

---------

Co-authored-by: loris-s-sonarsource <loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
 2024-08-23 11:15:35 +02:00
Antonio Aversa
2ffd6bfed6
Modify rule S1065: Fix resources (#4187) 2024-08-23 09:03:25 +00:00
Antonio Aversa
4e4811e5fe
Modify rule S3562: improve resources and add rspecator (#4178) 2024-08-23 08:44:21 +00:00
Marharyta
84c3e221a8
Modify Rule S5856: Update Dart description 2024-08-23 10:33:36 +02:00
Antonio Aversa
7ded42f122
Modify rule S5416: improve resources and add rspecator 2024-08-23 09:53:44 +02:00
Antonio Aversa
5a76b11ae3
Modify rule S2175: improve resources and add rspecator 2024-08-23 09:45:29 +02:00
Antonio Aversa
f97718f4dd
Modify rule S2471 Variables should not be initialized with "null" (avoid_init_to_null) 2024-08-23 09:41:07 +02:00
Antonio Aversa
87b52abefd
Modify rule S3512: Update Dart examples and resources 2024-08-23 09:35:03 +02:00
Marharyta
8ca326e547
Modify Rule S4647: Update Dart description 2024-08-22 18:40:38 +02:00
Marharyta
266eb76601
Modify Rule S2963: Update Dart description 2024-08-22 18:30:25 +02:00
Ghislain Piot
8552b794e1
Modify rule S2068: Update documentation to not recommend the customization (#4163) 2024-08-22 14:45:53 +02:00
github-actions[bot]
dfbe4baa5a
Create rule S7044: Server-side requests should not be vulnerable to traversing attacks (#4166) 2024-08-22 09:49:35 +00:00
github-actions[bot]
1c2ab2361a
Create rule S6776: Stack-traces should not be disclosed (#4133) 
* Add csharp to rule S6776

* Add blazor content

* Add Blazor

* Add how to fix it in ASP.NET section

* Update rules/S6776/csharp/how-to-fix-it/blazor.adoc

Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>

* Update rules/S6776/csharp/how-to-fix-it/blazor.adoc

Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>

* Remove dash

---------

Co-authored-by: hendrik-buchwald-sonarsource <hendrik-buchwald-sonarsource@users.noreply.github.com>
Co-authored-by: Hendrik Buchwald <hendrik.buchwald@sonarsource.com>
Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
 2024-08-22 11:17:16 +02:00
Marharyta
e738a460ae
Modify Rule S3962: Update Dart description 2024-08-22 11:05:32 +02:00
Marco Borgeaud
4e0e265d9e Update links to securecoding.cert.org 
They redirect to https://wiki.sei.cmu.edu.
Fix broken links for open rules.
Remove broken links from closed rules.
Remove links in Java rules for CERT C rules with no obvious replacement.
Expand broken tinyurl to CERT.
 2024-08-22 09:59:26 +02:00
Fred Tingaud
62a8196ac9
Modify rule S6004: CPP-5608 don't raise for for-range 2024-08-21 19:17:55 +02:00