3890 Commits

Author SHA1 Message Date
Scomocouk
df457e22f2
Modify rule S4035: Fix typo in 'Why is this an issue' section - "IEquitable<T>" -> "IEquatable<T>" (#3535)
Co-authored-by: Scott Moore <scott.moore@viavisolutions.com>
2024-01-24 12:00:02 +01:00
Loïc Joly
d1fe2c3ef5
CPP-4873 S1001: Literals namespaces should be allowlisted from the rule 2024-01-23 01:58:20 +01:00
SonarTech
b97c7b845e update coverage information 2024-01-23 00:33:13 +00:00
Fred Tingaud
ba118db149
Modify Rule S6620: Fix title 2024-01-22 12:21:23 +01:00
SonarTech
55210bdb9b update coverage information 2024-01-22 00:32:46 +00:00
Cristian Ambrosini
5a8cb4555a
Fix S4027 C#: BinaryFormatter. Serialization constructors are obsolete and should not be required (#3541) 2024-01-18 14:09:20 +01:00
Gregory Paidis
a69589504d
Modify rules S3260,S6610,S6612,S6613,S6617,S6618: Fix benchmark table (#3532)
* Fix benchmarks for S3260,S6610,S6612,S6613,S6617,S6618

* Review 1
2024-01-18 09:26:58 +01:00
Pierre-Loup
24a9c85e59
Fix broken links from blogs.bing.com and testng.org (#3540)
* Fix testng.org broken links

* Fix blogs.bing.com broken link
2024-01-18 09:20:33 +01:00
Pierre-Loup
770348d041
Avoid OWASP Top 10 security-standard mismatch between metadata and description links (RULEAPI-798) (#3537)
* Add check for security standard mismatch

* Fix security standard mismatches

* Fix Resources/Standards links for secrets rules

* Fix check

* Fix links and update security standard mapping

* Fix maintainability issue

* Apply review suggestions

* Apply suggestions from code review

Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>

* Fix typo

Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>

---------

Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2024-01-17 17:20:28 +01:00
Peter Trifanov
f6ac76fbb1
Fix links to Docker docs in S6437 and S6472 (#3536) 2024-01-17 14:41:59 +01:00
Egon Okerman
d1417e82f8
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529)
* Fix all CWE references

* Fix all OWASP references

* Fix missing CWE prefixes
2024-01-15 17:15:56 +01:00
Gregory Paidis
1aafc90f68
Fix benchmarks for S6602,S6603,S6605,S6607,S6608,S6609 (#3530) 2024-01-15 08:47:49 +01:00
Gregory Paidis
96fed93d7b
Benchmarks Guide: Update statistical term links (#3531) 2024-01-05 13:52:54 +01:00
Egon Okerman
6fe3e11073
Modify rule S5131: Add FastAPI (APPSEC-1250) (#3412) 2024-01-04 11:23:05 +01:00
Egon Okerman
6a8c878999
Fix Flask example (#3527) 2024-01-03 16:36:15 +01:00
SonarTech
5a6e7fd8cd update coverage information 2023-12-23 00:32:44 +00:00
github-actions[bot]
816372774e
Create rule S6870: Storage limits should be enforced (#3521) 2023-12-22 15:52:20 +01:00
github-actions[bot]
1f170595e5
Create rule S1444: Public "static" fields should be read-only (#3475) 2023-12-22 15:12:45 +01:00
Fred Tingaud
a1090dca6c
Clean warnings 2023-12-22 14:18:33 +01:00
Fred Tingaud
1012001409
RULEAPI-800 Detect usages of C++ instead of {cpp} in asciidoc 2023-12-22 13:58:58 +01:00
github-actions[bot]
c292108e16
Modify rule S6473: add Kubernetes (APPSEC-1395) (#3522)
* Add kubernetes to rule S6473

* Initial draft

---------

Co-authored-by: egon-okerman-sonarsource <egon-okerman-sonarsource@users.noreply.github.com>
Co-authored-by: Egon Okerman <egon.okerman@sonarsource.com>
2023-12-22 11:54:01 +01:00
Nils Werner
fe93f7c6bd
Fix typo in S1125 description (#3518) 2023-12-22 10:07:51 +01:00
Marco Borgeaud
072e67b8d4
Fix asciidoc w.r.t. C++ (#3519)
"C++" spelled as-is can result in unexpected rendering, such as

    C++20 was released before C++17

renders as

    C20 was released before C17

Make consistent use of `[source,cpp]`.
2023-12-21 15:51:41 +01:00
Angelo Buono
8d14cd83c7
Update java:S1068 exceptions to mention classes with Lombok annotations (#3523)
Co-authored-by: Johann Beleites <sdefend_9jftz8pq@esnail.de>
2023-12-21 14:07:24 +00:00
kevin.hinz
d47197b23a
Update description.adoc (#3509) 2023-12-21 10:01:03 +01:00
kevin.hinz
014db5e0bd
Update rationale.adoc (#3520) 2023-12-21 09:09:34 +01:00
github-actions[bot]
50c8c02bc5
Create rule S6869: CPU limits should be enforced (#3515) 2023-12-20 12:07:04 +01:00
Fred Tingaud
22b4470f2a
Modify CFamily rules: CPP-4080 Refresh and standardize CppCoreGuidelines references (#3514)
Update all links to C++ Core Guidelines to `e49158a`.

Refresh done using the following script and some manual edits:
db76e34e74/personal/fred-tingaud/rspec/refresh-cppcoreguidelines.py

When re-using this script, be mindful that:
 - it does not cover `shared_content`
 - it does not properly escape inline code in links (e.g., "[=]" or "`mutex`es")
 - it does not change `C++` to `{cpp}` in link titles.

Co-authored-by: Marco Borgeaud <marco.borgeaud@sonarsource.com>
2023-12-20 10:08:18 +01:00
daniel-teuchert-sonarsource
6610704c1c
Added CWE (#3516) 2023-12-19 14:14:41 +01:00
github-actions[bot]
b5a13febc2
Create rule S6868: Allowing command execution is security sensitive (#3513)
* Create rule S6868

* Added description for S6868

* Removed title duplicate

* Adjusted code example language

* Update rules/S6868/kubernetes/rule.adoc

Co-authored-by: Sebastien Andrivet <138577785+sebastien-andrivet-sonarsource@users.noreply.github.com>

---------

Co-authored-by: daniel-teuchert-sonarsource <daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Sebastien Andrivet <138577785+sebastien-andrivet-sonarsource@users.noreply.github.com>
2023-12-19 14:12:12 +01:00
github-actions[bot]
dcac6104e1
Create rule S6867 (#3511)
* Create rule S6867

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
2023-12-19 13:16:14 +01:00
github-actions[bot]
7830f4aa98
Create rule S6865 (#3505)
* Create rule S6865

* Added description

* Improved description

* Fix layout to pass asciidoc tests

* Fix layout to pass asciidoc tests

* Some adjustments after review

---------

Co-authored-by: daniel-teuchert-sonarsource <daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
Co-authored-by: daniel-teuchert-sonarsource <141642369+daniel-teuchert-sonarsource@users.noreply.github.com>
2023-12-19 12:38:17 +01:00
hendrik-buchwald-sonarsource
8c10b08710
Modify rule S6864: Update text regarding namespaces (#3512) 2023-12-19 10:09:01 +01:00
SonarTech
26aa9b5d3b update coverage information 2023-12-19 00:32:38 +00:00
Pierre-Loup
241c6bbf54
Modify rule S6287: Add FastAPI support (APPSEC-1252) (#3390) 2023-12-18 11:17:43 +01:00
github-actions[bot]
8d5e029e90
Create rule S6864: Memory limits should be enforced (#3491) 2023-12-18 09:41:50 +01:00
Gregory Paidis
0f0aabf9da
Add documentation about benchmark results (#3508) 2023-12-15 17:39:01 +01:00
github-actions[bot]
1dcfab1348
Create rule S6857: SpEL expression should have valid syntax (#3463) 2023-12-15 13:48:43 +01:00
Sebastien Andrivet
e65855198a
Deprecate rule S6245 (#3501) 2023-12-15 09:16:02 +01:00
Sebastien Andrivet
10876b1236
Modify rule S1876: No more a hotspot, now a code smell (APPSEC-1400) (#3495)
* Deprecate rule S876

* The rule is not deprecated, it is changed to a code smell

* Add missing quickfix

* Update the title
2023-12-14 17:16:37 +01:00
Egon Okerman
1f6366ebd7
Close rule S5750 (#3507) 2023-12-14 17:02:35 +01:00
Egon Okerman
73c697e14f
Deprecate rule S5743 (#3504) 2023-12-14 15:18:24 +01:00
Egon Okerman
979b78197d
Update rule S4792 to deprecated (#3498) 2023-12-14 15:17:36 +01:00
Pavel Mikula
563d745a80
Modify rule S3928: Update exceptions (#3500)
Modify S3928: Update exceptions
2023-12-14 15:13:03 +01:00
Loïc Joly
4c24467534
CPP-4803 S3630: Clarify in RSPEC what is expected from users before C++20 2023-12-14 15:01:44 +01:00
Marharyta
75c6ede0e3
Fix compliant example (#3503) 2023-12-14 11:52:12 +01:00
Marharyta
bf5320781b
Add Java interop section (#3502) 2023-12-14 11:39:45 +01:00
SonarTech
82b586d33d update coverage information 2023-12-14 00:33:00 +00:00
github-actions[bot]
6f7aa63261
Create rule S6863: Set appropriate Status Codes on HTTP responses (#3485) 2023-12-13 15:28:06 +01:00
Ilia Kebets
7c1099e676
Modify S3358: add link to blog post (#3493) 2023-12-13 10:32:03 +01:00