ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,565 Commits 329 Branches 2 Tags
Commit Graph

31 Commits

Author SHA1 Message Date
Jamie Anderson
d255072981
Modify rules: Rename STIG version in metadata (#4098) 
The Security Technical Implementation Guide security standard is being
renamed from its release date (`2023-06-08`) to its official version and
revision number (`V5R3`). This helps to align with the version number
being used internally for reporting purposes.
 2024-07-30 16:10:03 +02:00
Jamie Anderson
9ee16daa47
Modify rules: Add STIG AS&D 2023-06-08 mappings (#3914) 
* Update JSON schema to include STIG ASD 2023-06-08 mapping

* Update rules to add STIG metadata mappings

---------

Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
 2024-05-06 08:56:31 +02:00
Marco Borgeaud
072e67b8d4
Fix asciidoc w.r.t. C++ (#3519) 
"C++" spelled as-is can result in unexpected rendering, such as

    C++20 was released before C++17

renders as

    C20 was released before C17

Make consistent use of `[source,cpp]`.
 2023-12-21 15:51:41 +01:00
gaetan-ferry-sonarsource
206114f4b4
Modify S5847: Change text to LayC format (APPSEC-1214) (#3316) 2023-10-20 15:39:40 +00:00
Fred Tingaud
51369b610e
Make sure that includes are always surrounded by empty lines (#2270) 
When an include is not surrounded by empty lines, its content is inlined
on the same line as the adjacent content. That can lead to broken tags
and other display issues.
This PR fixes all such includes and introduces a validation step that
forbids introducing the same problem again.
 2023-06-22 10:38:01 +02:00
Victor
fe961619f9 migrate rule descriptions to new education format 2023-05-05 16:29:04 +02:00
Jamie Anderson
2d8892defb
Modify rules: Remove "owasp-aX" tag (#1655) 2023-03-16 15:25:13 +01:00
Alexandre Gigleux
01bad1b800
Map rules to OWASP ASVS 4 (#1110) 
https://sonarsource.atlassian.net/browse/MMF-2794
 2022-07-29 13:35:38 +02:00
pedro-oliveira-sonarsource
082b3ef269
Modify: Fix old/broken embedded links (#1100) 2022-07-08 13:58:56 +02:00
pedro-oliveira-sonarsource
b04b29019c
[APPSEC-3] Security rules are mapped to PCI DSS 4.0 (#1007) 2022-05-24 16:19:27 +02:00
pedro-oliveira-sonarsource
4cd575af12
[APPSEC-2] New security standard - PCI DSS 3.2 (#1005) 2022-05-23 09:00:28 +02:00
jtingsanchali
96d9ddb930
RULEAPI-755 Update CWE URLs by removing .html suffix and update with https protocol (#926) 
* Change affects only see.adoc and rule.adoc files, not comments-and-links.adoc files
 2022-04-07 08:53:59 -05:00
Pierre-Loup
1b061d5ff5
Fix typo in OWASP links from the See section (#807) 
* Fix typos in OWASP Top 10 2017 links
* Fixing wrong URI in OWASP Top 10 2021 A4 links
 2022-02-10 09:11:45 +01:00
Fred Tingaud
b4161466e6
RULEAPI-661: Add syntax coloring 2022-02-04 16:28:24 +00:00
Pierre-Loup
e7ad1012e3
RULEAPI-709: Security rules are mapped to the OWASP Top 10 2021 security-standard (#545) 2021-11-01 15:00:32 +01:00
Pierre-Loup
2eb4c50a9b
RULEAPI-710: Validate that security-standards are not shadowed 2021-10-29 16:55:50 +00:00
Arseniy Zaostrovnykh
5ba82ae371
RULEAPI-665: Remove security standards from the irrelevant language-specific rules (#362) 2021-09-21 15:40:35 +02:00
Arseniy Zaostrovnykh
f7904cebe7
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346) 2021-09-20 13:38:42 +00:00
Arseniy Zaostrovnykh
11c08de44a
Revert "RULEAPI-665: Remove security standards from the irrelevant language-specific rules" (#361) 
This reverts commit 892bccde8ffcdf2a6d662d97ec469cd63de87878.
 2021-09-17 13:50:03 +02:00
Arseniy Zaostrovnykh
892bccde8f
RULEAPI-665: Remove security standards from the irrelevant language-specific rules 2021-09-17 13:44:41 +02:00
Arseniy Zaostrovnykh
b76bc57083
RULEAPI-576: add a horizontal rule between rule description and comments 2021-06-08 15:52:13 +02:00
Arseniy Zaostrovnykh
6c1ad2c13c Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00
Arseniy Zaostrovnykh
cdd7690a79 Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00
Arseniy Zaostrovnykh
1d713451d6 Undo the abuse of compatibleLanguages metadata field 2021-02-16 15:00:44 +01:00
Arseniy Zaostrovnykh
716b335a56 Enable forced linebreaks in quotes; escape -- in url 2021-02-02 16:54:43 +01:00
Arseniy Zaostrovnykh
7ca29f686f Force linebreaks 2021-02-02 15:02:10 +01:00
Arseniy Zaostrovnykh
d4598ce0f9 make in-line code blocks verbatim 2021-01-27 13:42:22 +01:00
Arseniy Zaostrovnykh
d96d948333 change the inline-code delimitters 2020-12-23 14:59:06 +01:00
Arseniy Zaostrovnykh
ed53c1610b Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00
Alban Auzeill
2c306d110e Fix code block ambiguity with old header style 
Ensure blank line before list and clean the one leading space
 2020-06-30 17:16:12 +02:00
Alban Auzeill
0329b1564c Add rules 5000-5999 2020-06-30 17:16:12 +02:00