Mary Georgiou
402a45849d
NET-578 Update coverage.py script in RSpec repo to point to the new enterprise repository ( #4520 )
2024-11-20 16:41:32 +01:00
erwan.serandour
47956ba750
allow INFO and BLOCKER for CCT rule quality severity to support Multi-Quality Rule mode
2024-11-05 16:33:31 +01:00
Marco Borgeaud
33780b6d3a
Detect title as subsections ( #4407 )
2024-10-14 14:48:37 +00:00
Dorian Burihabwa
dcf8ddd32f
[NO-JIRA] Fix rule coverage for Apex, Go, Ruby and Scala
...
Replaced the old reference to slang-enterprise with references to split
repos and JIRA projects for each of the former SLang languages (Apex, Go, Ruby and Scala).
2024-10-07 15:07:25 +02:00
GabinL21
686c4056dc
Modify S2260: add Ansible ( #4360 )
2024-10-02 11:22:27 +02:00
leonardo-pilastri-sonarsource
570e581908
Include "sonar-architecture" in the list of repos for updating rules coverage script ( #4337 )
2024-10-01 12:24:49 +02:00
Hendrik Buchwald
f481234ef0
Add a new language identifier for Ansible ( #4332 )
2024-09-30 08:27:51 +00:00
Marharyta
8ae6c27693
Include "sonar-dart" in the list of repos for updating rules coverage script ( #4317 )
2024-09-25 11:42:14 +02:00
Marco Borgeaud
63be5d2666
Do not validate drupal.org links
2024-08-22 09:59:26 +02:00
Marco Borgeaud
3afafafcb9
Do not validate CERT links
2024-08-22 09:59:26 +02:00
Marco Borgeaud
00eee176da
Improve probing frequency to reduce time spent on CI
...
Checks links every two to three days instead of every 24h to 25h40.
This improves the distribution of checks on CI runs.
2024-08-22 09:59:26 +02:00
Marco Borgeaud
71fa9cb6d3
Print statistics about cache hit/miss
2024-08-22 09:59:26 +02:00
Jamie Anderson
d255072981
Modify rules: Rename STIG version in metadata ( #4098 )
...
The Security Technical Implementation Guide security standard is being
renamed from its release date (`2023-06-08`) to its official version and
revision number (`V5R3`). This helps to align with the version number
being used internally for reporting purposes.
2024-07-30 16:10:03 +02:00
Mate Molnar
c0a5024363
BUILD-4175: use secrets from Vault
...
* Fix SQ issue Unexpected string concatenation
* Allow testing of the coverage update workflow by checking out all
branches and referencing the SHA of the triggering event
* Fix repository url for coverage update
* Add a manual trigger for coverage update
2024-07-17 10:38:43 +02:00
Mate Molnar
62870a2202
Revert "BUILD-4733: update clone command to use a github access-token"
...
This reverts commit 8a20fdca5e8a16320f7864c2fbe2052dc932a917.
2024-07-17 10:38:43 +02:00
Mate Molnar
cf35ea3595
Revert "BUILD-4733: Use the correct url format for cloning with an access token"
...
This reverts commit 72febdb50709c0edba5ead3d6b139812cb557f8c.
2024-07-17 10:38:43 +02:00
Mate Molnar
7d64c96a75
Revert "BUILD-4733: Use COVERAGE_GITHUB_TOKEN from the vault instead of the default GITHUB_TOKEN"
...
This reverts commit 9a14e956754adfffdfb53bd22d4a230cb97acaae.
2024-07-17 10:38:43 +02:00
Fred Tingaud
0fd7e2c4b0
Fix language in rule creation script
2024-07-09 17:07:27 +02:00
Marharyta
782cae5eca
RULEAPI-809 Add a new language identifier for Dart ( #4020 )
2024-07-09 16:43:50 +02:00
Tom
9a14e95675
BUILD-4733: Use COVERAGE_GITHUB_TOKEN from the vault instead of the default GITHUB_TOKEN
2024-07-05 17:01:17 +02:00
tomverin
72febdb507
BUILD-4733: Use the correct url format for cloning with an access token
2024-07-04 16:05:28 +02:00
tomverin
8a20fdca5e
BUILD-4733: update clone command to use a github access-token
2024-07-04 15:48:47 +02:00
Jamie Anderson
bed74da521
Create specialized single-language rules ( #3996 )
2024-06-26 09:52:29 +01:00
Johann Beleites
e2c4c4b8fe
RULEAPI-770 Fix bug due to multiple sonarpedia.json files ( #3983 )
...
When there are multiple sonarpedia.json files for the same language, the rules
picked up for the next sonarpedia.json file will override the ones picked up
previously. With this fix, the rules are not overwritten but all are collected,
so one repository can have multiple sonarpedia.json files for the same language.
2024-06-11 12:15:51 +02:00
Fred Tingaud
50b4d12a75
Forbid adding direct links to rules.sonarsource.com
2024-05-15 15:10:41 +02:00
Jamie Anderson
9ee16daa47
Modify rules: Add STIG AS&D 2023-06-08 mappings ( #3914 )
...
* Update JSON schema to include STIG ASD 2023-06-08 mapping
* Update rules to add STIG metadata mappings
---------
Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
2024-05-06 08:56:31 +02:00
Rudy Regazzoni
718931dce3
Add language JCL as a supported language ( #3604 )
2024-02-07 10:10:43 +01:00
leonardo-pilastri-sonarsource
90dd1316f0
Add dbd to plugin list to compute rules coverage ( #3602 )
2024-02-05 12:03:14 +01:00
Fred Tingaud
1ebb437042
Allow free titles in 'How to fix it'
2024-02-02 16:57:26 +00:00
Pierre-Loup
770348d041
Avoid OWASP Top 10 security-standard mismatch between metadata and description links (RULEAPI-798) ( #3537 )
...
* Add check for security standard mismatch
* Fix security standard mismatches
* Fix Resources/Standards links for secrets rules
* Fix check
* Fix links and update security standard mapping
* Fix maintainability issue
* Apply review suggestions
* Apply suggestions from code review
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
* Fix typo
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
---------
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2024-01-17 17:20:28 +01:00
Fred Tingaud
1012001409
RULEAPI-800 Detect usages of C++ instead of {cpp} in asciidoc
2023-12-22 13:58:58 +01:00
Fred Tingaud
d3cfe19d7e
Fix broken or dangerous backquotes
...
Co-authored-by: Marco Borgeaud <89914223+marco-antognini-sonarsource@users.noreply.github.com>
2023-10-30 10:33:56 +01:00
Fred Tingaud
e261bd4b21
Fix Sonar warnings
...
Fix a bunch of Sonar warnings that somehow appear as "New warnings"
although they are a few years old.
2023-09-22 14:41:56 +00:00
Jonas Wielage
b4fa02a24c
Added secrets language to LANG_TO_SOURCE dict ( #2820 )
2023-08-08 09:44:10 +02:00
Michael Jabbour
32232051fd
Add clean code taxonomy properties to metadata schema ( #2792 )
2023-08-04 16:55:03 +02:00
Amélie Renard
b724d1f7c4
RULEAPI-791 LaYC: add "External coding guidelines" subtitle in the "Resources" section ( #2454 )
2023-07-13 18:18:01 +02:00
Fred Tingaud
35036fffff
Add check that each section is used only once
...
There was already a check for section duplication, but only in "How to
fix it". This changes the test to cover all sections.
And fixing the rules that this new validation fails on.
Also making test_modify_rule.py run on Windows.
---------
Co-authored-by: Christophe Zürn <36889251+christophe-zurn-sonarsource@users.noreply.github.com>
2023-06-13 18:03:28 +02:00
hendrik-buchwald-sonarsource
a315e5de4c
Add review checklist
...
This PR adds a small checklist for new PRs that will make it more
visible what parts of the RSPEC were reviewed.
2023-06-06 17:04:39 +02:00
Christophe Zürn
fb4ba0d61d
Update README and validation to reflect new guidelines ( #1951 )
...
Co-authored-by: Elena Vilchik <elena.vilchik@sonarsource.com>
2023-05-30 11:00:48 +02:00
Rudy Regazzoni
2f521d1490
Modify LANG_TO_SOURCE map to have azureresourcemanager to bicep ( #1838 )
2023-05-08 10:53:52 +02:00
Victor
fe961619f9
migrate rule descriptions to new education format
2023-05-05 16:29:04 +02:00
Christophe Zurn
62f01f07fe
Update documentation, disallow standard rule format, add allowed sections in 'Why is it an issue?'
2023-05-05 16:29:04 +02:00
Christophe Zurn
daea3fea27
RULEAPI-785 RSPEC: education format "How to fix it" section should be optional
2023-05-05 16:29:04 +02:00
Rudy Regazzoni
d6a6439e46
Add bicep and json for language support in code example ( #1830 )
2023-05-05 11:12:16 +02:00
Rudy Regazzoni
31f3a23b45
Add language AzureResourceManager as a supported language ( #1827 )
2023-05-04 11:55:34 +02:00
Costin Zaharia
5352da5b03
Add Benchmarks as a supported section on Resources ( #1812 )
2023-04-27 10:07:31 +02:00
Ilia Kebets
c80d7f3b4c
Add checks for education format ( #1607 )
2023-03-07 17:16:47 +01:00
Christophe Zürn
47ba59f3b5
RULEAPI-766 Add documentation and integrity checks for new education rule descriptions format ( #1098 )
2023-03-02 18:07:54 +01:00
Roberto Orlandi
dc83422098
SONARSEC-3040 Update checks and documentation to fit new rule format ( #1004 )
2023-03-02 18:07:54 +01:00
Nils Werner
8059dc77b1
Modify rule S2260: Add Docker as new language (RULEAPI-773) ( #1391 )
2022-11-14 17:33:51 +01:00