1778 Commits

Author SHA1 Message Date
Pierre-Loup
dbca6ec12c Modify rule S2083[C#]: Educational content (APPSEC-49) (#1121) 2023-03-02 18:07:54 +01:00
Pierre-Loup
9d944403b4 [APPSEC-48] Modify rule S2083[java]: Educational content (#1112) 2023-03-02 18:07:54 +01:00
Christophe Zürn
47ba59f3b5 RULEAPI-766 Add documentation and integrity checks for new education rule descriptions format (#1098) 2023-03-02 18:07:54 +01:00
Christophe Zurn
7c36d2a006 SONARSEC-3113 Update code example layouts of S5131 (XSS) rule description 2023-03-02 18:07:54 +01:00
Christophe Zurn
bb64555a09 SONARSEC-3109 Merge all resources together 2023-03-02 18:07:54 +01:00
Christophe Zurn
e7cf1c030e SONARSEC-3109 S5131 XSS rule should contain context-specific patches 2023-03-02 18:07:54 +01:00
Christophe Zürn
e8563c6351 [Education] Update code example layout of S5131 (XSS) (#1018)
* Update code examples of data encoding to use more vertical space

* Compliant / Noncompliant code examples are one after the other
2023-03-02 18:07:54 +01:00
Christophe Zürn
8ee3e9e8c7 Remove headers for empty section (#1017) 2023-03-02 18:07:54 +01:00
Roberto Orlandi
47d95f6802 SONARSEC-3035 Adapt images of educational rule descriptions (#1010) 2023-03-02 18:07:54 +01:00
Roberto Orlandi
dc83422098 SONARSEC-3040 Update checks and documentation to fit new rule format (#1004) 2023-03-02 18:07:54 +01:00
Roberto Orlandi
83eefb94b5 Education s5131 one file per language (#1002) 2023-03-02 18:07:54 +01:00
github-actions[bot]
84283b7844
Create rule S6437: Credentials should not be hard-coded (#1600) 2023-03-02 15:55:56 +00:00
github-actions[bot]
f78b300dd0
Modify rule S1135: Add Docker (#1593) 2023-03-02 11:52:43 +01:00
Zsolt Kolbay
bb5403ec63
S3398: Add C# description (#1572)
* Add C# rule description

* Fix links
2023-03-02 11:08:03 +01:00
github-actions[bot]
91e637c8a5
Modify rule S1135: Add Kubernetes (#1594) 2023-03-02 10:52:51 +01:00
github-actions[bot]
67eb1dd694
Create rule S1135 (#1595) 2023-03-02 10:28:26 +01:00
github-actions[bot]
f91a518256
Create rule S1135 (#1596) 2023-03-02 10:14:39 +01:00
SonarTech
acb82bf594 update coverage information 2023-03-02 00:34:30 +00:00
Antonio Aversa
863b7861f6
Modify rule S2445: Add C# description and samples (#1570) 2023-03-01 11:52:37 +01:00
Antonio Aversa
d8afb223d8
Modify rule S4545: Add VB.NET specifics, Move C# specifics (#1571) 2023-03-01 10:42:00 +01:00
SonarTech
678acecae5 update coverage information 2023-03-01 00:34:53 +00:00
Roberto Orlandi
89912dadaa
Rule S3052 does not apply to PHP (#1592) 2023-02-28 16:02:12 +01:00
Ilia Kebets
4cdfa1ab5d
AsciiDoc Dos & Don'ts 2023-02-28 10:34:49 +00:00
Johann Beleites
aea8ddfc1f
Create rule S3958[kotlin]: Intermediate Sequence functions should not be left unused (#356) 2023-02-28 10:24:51 +01:00
SonarTech
bbcb90d4c4 update coverage information 2023-02-28 00:34:09 +00:00
Zsolt Kolbay
d68bafc932
Improve S2094: Add exceptions (#1575)
* Update VB description

* Add Exceptions section
2023-02-27 19:02:57 +01:00
github-actions[bot]
117fd26cf1
Create rule S6506: Allowing downgrades to a clear-text protocol is security-sensitive (APPSEC-489) (#1588)
* Create rule S6506

* Add rule docs

* Fix typo

* Apply suggestions from code review

Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>

* Fix URL in example being referenced as a legit URL

---------

Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com>
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
Co-authored-by: Pierre-Loup <49131563+pierre-loup-tristant-sonarsource@users.noreply.github.com>
2023-02-27 16:07:40 +01:00
Mary Georgiou
ad7ac5ba98
Modify rule S131(PLSQL): Change title to fit implementation (#1589)
* update title to match the implementation

* Find replacement for link with broken certificate
2023-02-27 15:16:49 +01:00
Martin Strecker
04c9cc2c4f
Modify rule S2970: Improve description of supported test library functions (#1518) 2023-02-27 12:54:03 +01:00
SonarTech
9ee31b9a49 update coverage information 2023-02-24 00:33:02 +00:00
Egon Okerman
38b0750ac6
Modify rule S4423: Add Docker (APPSEC-460) (#1585)
* Add Docker rule

* Remove irrelevant metadata tag

* Update message
2023-02-23 14:27:11 +01:00
pedro-oliveira-sonarsource
f238f486d8
Modify rule S6437: Add Docker (APPSEC-458) (#1586) 2023-02-23 09:43:48 +01:00
SonarTech
c716dba1e4 update coverage information 2023-02-23 00:33:04 +00:00
github-actions[bot]
c58572f626
Create rule S6505: Allowing shell scripts execution during package installation is security-sensitive (APPSEC-483) (#1584) 2023-02-22 16:09:29 +00:00
Mary Georgiou
ffd8720ca0
Modify rule S2223: Update description to include also the case of global state (#1583) 2023-02-22 15:19:19 +01:00
github-actions[bot]
13174db6cd
Create rule S6504: Having executables not owned by root is security-sensitive (#1581) 2023-02-22 14:35:19 +01:00
SonarTech
28cb47c898 update coverage information 2023-02-22 13:16:55 +00:00
Mary Georgiou
369a47bb71
Modify rule S1444(C#): Add info on decision to not implement this rule for C# (#1578) 2023-02-21 16:34:52 +00:00
SonarTech
9b5475af23 update coverage information 2023-02-21 00:32:51 +00:00
Loïc Joly
af33fce1b9
Modify rule S6191 CPP-3876 Update the RSPEC with un-deprecation of these uses in C++23
And make the description more beginner-friendly.
2023-02-20 17:50:29 +00:00
SonarTech
5acb8a684a update coverage information 2023-02-18 00:33:42 +00:00
Marco Borgeaud
dbc0a4e295
Modify rule S6181: Fix typos (CPP-4112) (#1577) 2023-02-17 12:35:10 +01:00
Arseniy Zaostrovnykh
4a54cf1b62
Modify S4433: fix the broken link (#1582) 2023-02-17 12:15:56 +01:00
maksim-grebeniuk-sonarsource
2ab90fb789
Modify rule S5890: Add a message in case of None value assignment (SONARPY-790) (#1573) 2023-02-17 08:55:51 +01:00
github-actions[bot]
a44203e93d
Modify rule S6437: Add Docker (APPSEC-462) (#1574) 2023-02-17 08:33:20 +01:00
Andrea Guarino
cbd4a1bc85
Remove link in French (#1580) 2023-02-16 16:43:19 +01:00
Antonio Aversa
6a81c5e8bb
Add missing semicolon (#1579) 2023-02-16 13:23:33 +00:00
Gregory Paidis
972f4dc5fb
S2198: Add C# (#1534)
* Change description and add some comments

* Update the description of what the C# implementation actually does for now

* Fix a typo

* Small formatting change on S2198

* Small formatting changes on S2198

* Small formatting change on S2198
2023-02-15 15:00:19 +01:00
github-actions[bot]
a8b5a83add
Create rule S3063: Add vbnet language (#1524)
* Add vbnet to rule S3063

* Add adoc for CS/VB

* Add exceptions

* Add invocations exceptions

* Addressed PR comments

* Simplifications, better wording on the descriptions

* Small description fix

* Add indexer and .Length expression exceptions and fix description

* sub-list to inline

* Fix typos

---------

Co-authored-by: cristian-ambrosini-sonarsource <cristian-ambrosini-sonarsource@users.noreply.github.com>
Co-authored-by: Cristian Ambrosini <cristian.ambrosini@sonarsource.com>
2023-02-15 13:07:42 +01:00
SonarTech
eb541d7fbe update coverage information 2023-02-15 00:33:19 +00:00