dependabot[bot]
b17cbdd8d3
[dependabot] Bump aiohttp from 3.8.4 to 3.8.5 in /rspec-tools ( #2593 )
...
Bumps [aiohttp](https://github.com/aio-libs/aiohttp ) from 3.8.4 to
3.8.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/releases ">aiohttp's
releases</a>.</em></p>
<blockquote>
<h2>3.8.5</h2>
<h2>Security bugfixes</h2>
<ul>
<li>
<p>Upgraded the vendored copy of llhttp_ to v8.1.1 -- by
:user:<code>webknjaz</code>
and :user:<code>Dreamsorcerer</code>.</p>
<p>Thanks to :user:<code>sethmlarson</code> for reporting this and
providing us with
comprehensive reproducer, workarounds and fixing details! For more
information, see
<a
href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w ">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w </a>.</p>
<p>.. _llhttp: <a href="https://llhttp.org ">https://llhttp.org </a></p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7346 ">#7346</a>)</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Added information to C parser exceptions to show which character
caused the error. -- by :user:<code>Dreamsorcerer</code></p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7366 ">#7366</a>)</p>
</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Fixed a transport is :data:<code>None</code> error -- by
:user:<code>Dreamsorcerer</code>.</p>
<p>(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/3355 ">#3355</a>)</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohttp/blob/v3.8.5/CHANGES.rst ">aiohttp's
changelog</a>.</em></p>
<blockquote>
<h1>3.8.5 (2023-07-19)</h1>
<h2>Security bugfixes</h2>
<ul>
<li>
<p>Upgraded the vendored copy of llhttp_ to v8.1.1 -- by
:user:<code>webknjaz</code>
and :user:<code>Dreamsorcerer</code>.</p>
<p>Thanks to :user:<code>sethmlarson</code> for reporting this and
providing us with
comprehensive reproducer, workarounds and fixing details! For more
information, see
<a
href="https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w ">https://github.com/aio-libs/aiohttp/security/advisories/GHSA-45c4-8wx5-qw6w </a>.</p>
<p>.. _llhttp: <a href="https://llhttp.org ">https://llhttp.org </a></p>
<p><code>[#7346 ](https://github.com/aio-libs/aiohttp/issues/7346 )
<https://github.com/aio-libs/aiohttp/issues/7346> ;</code>_</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Added information to C parser exceptions to show which character
caused the error. -- by :user:<code>Dreamsorcerer</code></p>
<p><code>[#7366 ](https://github.com/aio-libs/aiohttp/issues/7366 )
<https://github.com/aio-libs/aiohttp/issues/7366> ;</code>_</p>
</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Fixed a transport is :data:<code>None</code> error -- by
:user:<code>Dreamsorcerer</code>.</p>
<p><code>[#3355 ](https://github.com/aio-libs/aiohttp/issues/3355 )
<https://github.com/aio-libs/aiohttp/issues/3355> ;</code>_</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9c13a52c217c02129567135a45e9d6https://redirect.github.com/aio-libs/aiohttp/issues/7366 ">#7366</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7380 ">#7380</a>)</li>
<li><a
href="9337fb3f2ahttps://redirect.github.com/aio-libs/aiohttp/issues/7367 ">#7367</a>)
(<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7377 ">#7377</a>)</li>
<li><a
href="f07e9b44b5https://redirect.github.com/aio-libs/aiohttp/issues/7373 ">#7373</a>/66e261a5
backport][3.8] Drop azure mention (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7374 ">#7374</a>)</li>
<li><a
href="01d9b70e54https://redirect.github.com/aio-libs/aiohttp/issues/7370 ">#7370</a>/22c264ce
backport][3.8] fix: Spelling error fixed (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7371 ">#7371</a>)</li>
<li><a
href="3577b1e371https://redirect.github.com/aio-libs/aiohttp/issues/7359 ">#7359</a>/7911f1e9
backport][3.8] Set up secretless publishing to PyPI (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7360 ">#7360</a>)</li>
<li><a
href="8d45f9c995https://redirect.github.com/aio-libs/aiohttp/issues/7333 ">#7333</a>/3a54d378
backport][3.8] Fix TLS transport is <code>None</code> error (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7357 ">#7357</a>)</li>
<li><a
href="dd8e24e773https://redirect.github.com/aio-libs/aiohttp/issues/7343 ">#7343</a>/18057581
backport][3.8] Mention encoding in <code>yarl.URL</code> (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7355 ">#7355</a>)</li>
<li><a
href="40874103ebhttps://redirect.github.com/aio-libs/aiohttp/issues/7346 ">#7346</a>/346fd202
backport][3.8] Bump vendored llhttp to v8.1.1 (<a
href="https://redirect.github.com/aio-libs/aiohttp/issues/7352 ">#7352</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/aiohttp/compare/v3.8.4...v3.8.5 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/SonarSource/rspec/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-21 09:49:51 +02:00
dependabot[bot]
28eb6865eb
Bump word-wrap from 1.2.3 to 1.2.4 in /frontend ( #2541 )
...
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap ) from 1.2.3
to 1.2.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jonschlinkert/word-wrap/releases ">word-wrap's
releases</a>.</em></p>
<blockquote>
<h2>1.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove default indent by <a
href="https://github.com/mohd-akram "><code>@mohd-akram</code></a> in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/24 ">jonschlinkert/word-wrap#24</a></li>
<li>🔒 fix: CVE 2023 26115 (2) by <a
href="https://github.com/OlafConijn "><code>@OlafConijn</code></a> in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/41 ">jonschlinkert/word-wrap#41</a></li>
<li>🔒 fix: CVE-2023-26115 by <a
href="https://github.com/aashutoshrathi "><code>@aashutoshrathi</code></a>
in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/33 ">jonschlinkert/word-wrap#33</a></li>
<li>chore: publish workflow by <a
href="https://github.com/OlafConijn "><code>@OlafConijn</code></a> in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/42 ">jonschlinkert/word-wrap#42</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/mohd-akram "><code>@mohd-akram</code></a> made
their first contribution in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/24 ">jonschlinkert/word-wrap#24</a></li>
<li><a
href="https://github.com/OlafConijn "><code>@OlafConijn</code></a> made
their first contribution in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/41 ">jonschlinkert/word-wrap#41</a></li>
<li><a
href="https://github.com/aashutoshrathi "><code>@aashutoshrathi</code></a>
made their first contribution in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/33 ">jonschlinkert/word-wrap#33</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4 ">https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f64b188c7203ea08256bhttps://redirect.github.com/jonschlinkert/word-wrap/issues/42 ">#42</a>
from jonschlinkert/chore/publish-workflow</li>
<li><a
href="420dce9a24https://redirect.github.com/jonschlinkert/word-wrap/issues/41 ">#41</a>
from jonschlinkert/fix/CVE-2023-26115-2</li>
<li><a
href="bfa694edf5ace0b3c78f6fd727594630d6daf60f655929cabe49e08bbc329f626935f3https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/SonarSource/rspec/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-21 09:49:30 +02:00
Arseniy Zaostrovnykh
55720d6cda
Fix rule coverage on a rule page: include all rule keys to metadata
...
For some rules, rule-specific metadata.json overridden the `sqKey` for
all languages, so when the predeployment script collected all keys, it
did not list the actual, most canonical key "S****".
This leads to the incorrect display of coverage information on a rule
page that relies on the `allKeys` precomputed property to retrieve the
version of the analyzer that implements the rule.
The fix includes the generic rule metadata.json file into the aggregator
that computes `allKeys`, thus propagating it to every language-specific
metadata.
2023-08-21 07:45:14 +00:00
SonarTech
db2433195f
update coverage information
2023-08-21 00:32:40 +00:00
SonarTech
c60968571e
update coverage information
2023-08-19 00:33:14 +00:00
cynthiabethea
33d408cbfd
cyn/modify-S2696-layc-ltypo ( #2910 )
...
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
2023-08-18 16:52:42 +01:00
Marco Kaufmann
52a0ee1b41
Modify rule S106: reworked rule description for LaYC format, SONARJAVA-4570 ( #2907 )
2023-08-18 16:39:19 +02:00
Alban Auzeill
f57852ffb7
Modify rule S2189: Fix diff-id ( #2908 )
2023-08-18 16:01:09 +02:00
github-actions[bot]
de5d7d9043
Create rule S6485: Hash-based collections should be initlizialized with the related static method for better performance ( #1441 )
2023-08-18 16:00:26 +02:00
Alban Auzeill
a25eaee927
Modify rule S4838: Fix typos ( #2906 )
2023-08-18 13:55:15 +00:00
leonardo-pilastri-sonarsource
2808713f12
Modify rule S3020: better rule title ( #2852 )
2023-08-18 15:12:42 +02:00
Marco Kaufmann
92b3f17c07
Modify rule S5413: reworked rule description for LaYC format ( #2905 )
2023-08-18 14:16:29 +02:00
Yassin Kammoun
289a124d78
Modify rule S107: Do not count TypeScript parameter properties ( #2898 )
...
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
2023-08-18 14:01:14 +02:00
Dorian Burihabwa
9ce1a8de8e
Modify rule S2589: Fix typo and formatting in code examples [SONARJAVA-4463] ( #2902 )
2023-08-18 12:09:07 +02:00
github-actions[bot]
64f9977e49
Create rule S6399(C#): XML operations should not be vulnerable to injection attacks ( #2860 )
...
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S6399/csharp )
(updated a few minutes after each push).
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
---------
Co-authored-by: daniel-teuchert-sonarsource <daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
2023-08-18 11:31:42 +02:00
Loris S
a0abb99f76
Modify S2596(javascript): Convert to LayC ( #2901 )
...
This PR also removes the java folder because it is not implemented and
has no implementation plan. This PR was made spontaneously during
Daniel's onboarding.
---------
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
2023-08-18 09:31:06 +00:00
SonarTech
0d571ab062
update coverage information
2023-08-18 00:34:02 +00:00
Irina Batinic
61b3938fc0
Modify rule S6073: reworked rule description for LaYC format ( #2892 )
2023-08-17 16:53:46 +02:00
Marco Kaufmann
7e57722182
Modify rule S127: reworked rule description for LaYC format ( #2894 )
2023-08-17 16:30:56 +02:00
erwan-serandour-sonarsource
ad0f7fd6dc
SONARJAVA-4463 add significant example to rule S2589 ( #2900 )
2023-08-17 15:53:33 +02:00
Irina Batinic
cb9bb3162a
Modify rule S1264: Update rule description according to the LaYC ( #2891 )
2023-08-17 15:25:56 +02:00
Marco Kaufmann
a8a91b23f7
Modify rule S1994: reworked rule description for LaYC format ( #2889 )
2023-08-17 14:54:01 +02:00
Marco Kaufmann
7e11ea7299
Modify rule S2251: reworked rule description for LaYC format ( #2886 )
2023-08-17 14:53:18 +02:00
github-actions[bot]
ae93071324
Create rule S2245: Add "Using pseudorandom number generators (PRNGs) is security-sensitive" to Go ( #2824 )
...
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S2245/go ) (updated a
few minutes after each push).
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
---------
Co-authored-by: sebastien-andrivet-sonarsource <sebastien-andrivet-sonarsource@users.noreply.github.com>
Co-authored-by: sebastien-andrivet-sonarsource <sebastien.andrivet@sonarsource.com>
2023-08-17 14:25:58 +02:00
github-actions[bot]
b5aa16faa3
Create rule S4507: Add "Delivering code in production with debug features activated is security-sensitive" to Go ( #2858 )
...
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S4507/go ) (updated a
few minutes after each push).
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
---------
Co-authored-by: sebastien-andrivet-sonarsource <sebastien.andrivet@sonarsource.com>
Co-authored-by: sebastien-andrivet-sonarsource <138577785+sebastien-andrivet-sonarsource@users.noreply.github.com>
Co-authored-by: Jamie Anderson <127742609+jamie-anderson-sonarsource@users.noreply.github.com>
2023-08-17 14:25:28 +02:00
erwan-serandour-sonarsource
ef25af53bc
SONARJAVA-4563 S1258 update documentation to support new annotation ( #2899 )
2023-08-17 14:18:19 +02:00
github-actions[bot]
a15c1733db
Create rule S6547(C#): Environment variables should not be defined from untrusted input ( #2875 )
...
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S6547/csharp )
(updated a few minutes after each push).
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
---------
Co-authored-by: daniel-teuchert-sonarsource <daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
2023-08-17 12:58:46 +02:00
Anton Haubner
52b830187d
Modify rule S935: Fix ruleSpecification value in metadata ( #2895 )
2023-08-17 10:55:56 +02:00
Irina Batinic
5829684329
Modify rule S135: Update rule description according to the LaYC ( #2888 )
2023-08-16 15:21:28 +02:00
github-actions[bot]
10cb45778a
Create rule S4423: add Go (APPSEC-905) ( #2830 )
...
Research ticket:
[APPSEC-905](https://sonarsource.atlassian.net/browse/APPSEC-905 )
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S4423/go ) (updated a
few minutes after each push).
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
[APPSEC-905]:
https://sonarsource.atlassian.net/browse/APPSEC-905?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ
---------
Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com>
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2023-08-16 13:53:27 +02:00
chrislain-razafimahefa-sonarsource
d6296c69f4
Modify rule S6466: Fix typos ( #2890 )
2023-08-16 13:35:16 +02:00
github-actions[bot]
adac450cab
Create rule S2612: add Go (APPSEC-908) ( #2869 )
...
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S2612/go ) (updated a
few minutes after each push).
## Review
A dedicated reviewer checked the rule description successfully for:
- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
---------
Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com>
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2023-08-16 11:42:20 +02:00
Antonio Aversa
1288ef29bf
Modify rules S1186, S2589, S2953: Fix incorrect use of diff blocks ( #2884 )
...
Related to
https://discuss.sonarsource.com/t/layc-diff-view-validation/15392
Fixes remaining issues for C#, VB.NET and VB6.
## Review
A dedicated reviewer checked the rule description successfully for:
- [x] logical errors and incorrect information
- [x] information gaps and missing content
- [x] text style and tone
- [x] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
2023-08-16 10:45:12 +02:00
Marco Kaufmann
d27acc7bf1
Modify rule S4838: reworked rule description for LayC format [SONARJAVA-4578] ( #2885 )
2023-08-16 10:26:18 +02:00
Leonardo Pilastri
898f00a110
Diff blocks: fix incorrect use for kotlin
2023-08-16 10:09:30 +02:00
SonarTech
702f3eb797
update coverage information
2023-08-16 00:33:49 +00:00
github-actions[bot]
4532785786
Create rule S5332: Using clear-text protocols is security-sensitive (Go support) ( #2874 )
...
You can preview this rule
[here](https://sonarsource.github.io/rspec/#/rspec/S5332/go ) (updated a
few minutes after each push).
Related tickets:
* Research ticket:
[APPSEC-898](https://sonarsource.atlassian.net/browse/APPSEC-898 )
* Implementation ticket (HTTP):
[SONARSLANG-605](https://sonarsource.atlassian.net/browse/SONARSLANG-605 )
* Implementation ticket (FTP):
[SONARSLANG-604](https://sonarsource.atlassian.net/browse/SONARSLANG-604 )
* Implementation ticket (SMTP):
[SONARSLANG-603](https://sonarsource.atlassian.net/browse/SONARSLANG-603 )
## Review
A dedicated reviewer checked the rule description successfully for:
- [x] logical errors and incorrect information
- [x] information gaps and missing content
- [x] text style and tone
- [x] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule )
2023-08-15 17:11:21 +01:00
Irina Batinic
e2dec3882d
Modify rule S1751: Update rule description according to the LaYC ( #2881 )
...
Co-authored-by: Marco Kaufmann <83189575+kaufco@users.noreply.github.com>
2023-08-15 17:28:14 +02:00
Marco Kaufmann
ff2b22601a
Modify rule S2272: reworked rule description for LaYC format ( #2872 )
2023-08-15 15:20:53 +00:00
Marco Kaufmann
74437e0a15
Modify rule S4348: reworked rule description for LaYC format ( #2873 )
2023-08-15 17:18:52 +02:00
Irina Batinic
76c34b093a
Modify rule S2189: Update rule description according to the LaYC ( #2880 )
2023-08-15 16:49:04 +02:00
Marco Borgeaud
1c405e4c3a
Diff blocks: fix incorrect use for vbnet ( #2807 )
2023-08-15 14:22:05 +02:00
Marco Borgeaud
57c303541e
Diff blocks: fix some incorrect use for csharp ( #2799 )
2023-08-15 14:19:27 +02:00
Marco Borgeaud
ffde1ebd9a
Diff blocks: fix some incorrect use for kotlin ( #2803 )
...
Improvement identified in #2790 .
Add a prefix to the diff-id when it is used multiple times in different
"how to fix it in XYZ" sections to avoid ambiguity and pedantically
follow the spec:
> A single and unique diff-id should be used only once for each type of
code example as shown in the description of a rule.
Obvious typos around `diff-id` were fixed.
2023-08-15 13:34:10 +02:00
Marco Borgeaud
dde2f675f7
Diff blocks: fix incorrect use for CFamily
...
Fix the remaining issues in the CFamily.
2023-08-15 12:07:06 +02:00
Marco Borgeaud
4aee7ce2d6
Diff blocks: fix incorrect use for swift ( #2805 )
...
Improvement identified in #2790 .
Add a prefix to the diff-id when it is used multiple times in different
"how to fix it in XYZ" sections to avoid ambiguity and pedantically
follow the spec:
> A single and unique diff-id should be used only once for each type of
code example as shown in the description of a rule.
2023-08-15 11:52:10 +02:00
github-actions[bot]
00bca507ba
Create rule S6466: Accessing array element should not trigger an ArrayIndexOutOfBoundException ( #2409 )
2023-08-15 11:01:26 +02:00
Marco Borgeaud
210246f5d8
Diff blocks: fix incorrect use for CFamily
...
Improvement identified in #2790 .
Add a prefix to the diff-id when it is used multiple times in different
"how to fix it in XYZ" sections to avoid ambiguity and pedantically
follow the spec:
> A single and unique diff-id should be used only once for each type of
code example as shown in the description of a rule.
Obvious typos around `diff-type` were fixed.
2023-08-15 10:14:59 +02:00
Marco Kaufmann
ebbaeba526
Modify rule S6632: fixed tags ( #2879 )
2023-08-15 10:12:10 +02:00
Marco Kaufmann
ee26f0b837
Modify rule S6629: fixed tags ( #2878 )
2023-08-15 10:11:41 +02:00
