Modify rule S6945: Upgrade severity and impact to Critical and HIGH

Following the documentation, MAINTAINABILITY issues should have at least HIGH
impact, and Critical severity, if they can lead to the introduction of bugs.

RELIABILITY issues should have at least HIGH impact, and Critical severity,
if they can for example cause corrupted data.

Both applies here. Hence, we upgrade the `defaultSeverity` and impact
levels.

These are the documentation link:
https://docs.sonarsource.com/sonarqube-server/2025.1/extension-guide/adding-coding-rules/#setting-severities-in-mqr-mode
https://docs.sonarsource.com/sonarqube-server/2025.1/extension-guide/adding-coding-rules/#setting-severities-in-se-mode

.github/workflows/PullRequestClosed.yml

@@ -14,6 +14,7 @@ jobs:
     # For external PR, ticket should be moved manually
     if: |
         github.event.pull_request.head.repo.full_name == github.repository
+        && github.event.pull_request.merged
     steps:
       - id: secrets
         uses: SonarSource/vault-action-wrapper@v3

.github/workflows/main.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   build-and-deploy:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     permissions:
       pull-requests: read # Get the list and metadata of open new-rule PRs
       contents: write # Get the contents of open new-rule PRs, the 'master'; write to 'gh-pages' branch

.github/workflows/update_coverage.yml

@@ -10,6 +10,7 @@ jobs:
     permissions:
       id-token: write # required by SonarSource/vault-action-wrapper
       contents: write
+      checks: read # required by fountainhead/action-wait-for-check
       actions: write # required by andymckay/cancel-action
     env:
       TMP_BRANCH: temporary/coverage_update
@@ -29,7 +30,6 @@ jobs:
         fetch-depth: 0
         path: 'rspec'
         token: ${{ fromJSON(steps.secrets.outputs.vault).coverage_github_token }}
-        ref: 'master'
 
     - uses: actions/setup-python@v4
       with:
@@ -73,62 +73,40 @@ jobs:
         git commit -m "update coverage information"
         git push --force-with-lease origin $TMP_BRANCH
 
-    - name: 'Create a PR'
-      id: create-github-pr
-      working-directory: 'rspec'
-      env:
-        GH_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).coverage_github_token }}
-      run: |
-        PR_URL=$(gh pr create --head ${{ env.TMP_BRANCH }} --title "Update coverage information" --body "" --label "rspec system")
-        gh pr merge $PR_URL
+    - name: 'Wait for CI to succeed'
+      if: steps.gen-coverage.outputs.new_coverage == 'true'
+      uses: fountainhead/action-wait-for-check@v1.0.0
+      id: wait-for-build
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        checkName: all_required_checks
+        ref: ${{ env.TMP_BRANCH }}
+        timeoutSeconds: 2400
+        intervalSeconds: 30
 
-    - name: 'Wait until the PR is merged'
-      id: wait-for-pr-to-merge
-      env:
-        GH_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).coverage_github_token }}
+    - name: 'Push the updated coverage to master'
+      if: |
+        steps.gen-coverage.outputs.new_coverage == 'true' &&
+        steps.wait-for-build.outputs.conclusion == 'success' &&
+        (github.event_name != 'workflow_dispatch' || github.ref == format('refs/heads/{0}', github.event.repository.default_branch))
       working-directory: 'rspec'
       run: |
-        set -ueo pipefail
+        git checkout master
+        git merge $TMP_BRANCH
+        git push origin master
 
-        # Implicitly referring to the PR corresponding to current branch
+    - name: 'Delete the temporary branch'
+      if: always() && steps.create-temp-branch.conclusion == 'success'
+      uses: dawidd6/action-delete-branch@v3
+      with:
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+        branches: ${{ env.TMP_BRANCH}}
 
-        # Set timeout (20 minutes in seconds)
-        TIMEOUT=1200 # seconds
-        START_TIME=$(date +%s)
-        INTERVAL=20 # seconds
-
-        while true; do
-          # Check if the PR is merged
-          PR_STATE=$(gh pr view --json state,mergedAt -q '.state')
-          MERGED_AT=$(gh pr view --json state,mergedAt -q '.mergedAt')
-
-          if [[ "${PR_STATE}" == "MERGED" ]]; then
-            echo "PR merged at: $MERGED_AT"
-            exit 0
-          fi
-          echo "PR state is ${PR_STATE}"
-
-          # Check for timeout
-          CURRENT_TIME=$(date +%s)
-          ELAPSED_TIME=$((CURRENT_TIME - START_TIME))
-
-          if [[ "${ELAPSED_TIME}" -gt "${TIMEOUT}" ]]; then
-            echo "Timeout waiting for PR to merge."
-            exit 1
-          fi
-
-          # Wait for $INTERVAL seconds before checking again
-          sleep "$INTERVAL"
-        done
-
-    - name: 'Close PR and delete branch upon failure to merge'
-      if: ${{ failure() }}
-      env:
-        GH_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).coverage_github_token }}
-      working-directory: 'rspec'
-      run: |
-        PR_URL=$(gh pr view --json url --jq '.url')
-        gh pr close "$PR_URL" --delete-branch
+    - name: 'Fail if the change breaks CI'
+      if: |
+        steps.gen-coverage.outputs.new_coverage == 'true' &&
+        steps.wait-for-build.outputs.conclusion != 'success'
+      run: exit 1
 
     - name: 'Notify on slack about the failure'
       if: ${{ failure() }}

.github/workflows/update_quickfix_status.yml

@@ -25,7 +25,7 @@ on:
 jobs:
   update_quickfix_status:
     name: Update quick fix status
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     permissions:
       contents: write
       pull-requests: write

docs/header_names/allowed_framework_names.adoc

@@ -27,7 +27,6 @@
 * libxml2
 // Java
 * Android
-* Android WebView
 * Apache Commons
 * Apache Commons
 * Apache Commons Email
@@ -43,13 +42,12 @@
 * Java EE
 * Java JWT
 * Java SE
-* Java JDBC API
-* Java I/O API
 * Jdom2
 * JSP
 * Legacy Mongo Java API
 * OkHttp
 * Realm
+* Java Cryptography Extension
 * Apache HttpClient
 * Couchbase
 * SAX
@@ -98,7 +96,6 @@
 * Argon2-cffi
 * Bcrypt
 * Cryptodome
-* databases
 * Django
 * Django Templates
 * FastAPI
@@ -161,5 +158,3 @@
 * Go Standard Library
 // Kubernetes
 * Helm
-// Kotlin
-Jetpack Compose

docs/link_formatting.adoc

@@ -45,7 +45,6 @@ When web pages have massively long names like "Java™ Platform, Standard Editio
 * AWS blog - https://aws.amazon.com/blogs
 * Azure Documentation - https://learn.microsoft.com/en-us/azure/?product=popular
 * CERT - https://wiki.sei.cmu.edu/confluence/display/seccode
-* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html
 * {cpp} reference - https://en.cppreference.com/w/
 * {cpp} Core Guidelines - https://github.com/isocpp/CppCoreGuidelines/blob/e49158a/CppCoreGuidelines.md
 * CVE - https://cve.mitre.org

frontend/src/RulePage.tsx

@@ -158,7 +158,7 @@ const languageToJiraProject = new Map(Object.entries({
   'HTML': 'SONARHTML',
   'PHP': 'SONARPHP',
   'PLI': 'SONARPLI',
-  'PLSQL': 'PLSQL',
+  'PLSQL': 'SONARPLSQL',
   'RPG': 'SONARRPG',
   'APEX': 'SONARAPEX',
   'RUBY': 'SONARRUBY',
@@ -168,8 +168,8 @@ const languageToJiraProject = new Map(Object.entries({
   'GO': 'SONARGO',
   'SECRETS': 'SONARTEXT',
   'SWIFT': 'SONARSWIFT',
-  'TSQL': 'TSQL',
-  'VB6': 'VB6',
+  'TSQL': 'SONARTSQL',
+  'VB6': 'SONARVBSIX',
   'XML': 'SONARXML',
   'CLOUDFORMATION': 'SONARIAC',
   'TERRAFORM': 'SONARIAC',
@@ -320,7 +320,7 @@ function usePageMetadata(ruleid: string, language: string, classes: UsedStyles):
 
   if (coverage !== 'Not Covered') {
     prUrl = undefined;
-    branch = 'master';
+    branch = 'master'; 
   }
 
   return {

rspec-tools/rspec_template/single_language/secrets/metadata.json

@@ -7,7 +7,7 @@
     },
     "attribute": "TRUSTWORTHY"
   },
-  "status": "beta",
+  "status": "ready",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "30min"

rspec-tools/rspec_template/single_language/secrets/rule.adoc

@@ -1,11 +1,3 @@
-:example_env: ENV_VAR_NAME
-:example_name: java-property-name
-:example_secret: example_secret_value
-
-// Set value that can be used to refer to the type of secret in, for example:
-// "An attacker can use this {secret_type} to ..."
-// Commonly used values: access token, api key, application secret, application key or consumer key, service password, OAuth token, deployment password
-:secret_type: secret
 
 include::../../../shared_content/secrets/description.adoc[]
 
@@ -17,97 +9,32 @@ include::../../../shared_content/secrets/rationale.adoc[]
 
 // Optional: Give a general description of the secret and what it's used for.
 
-include::../../../shared_content/secrets/impact/generic_impact.adoc[]
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
 
-// Uncomment the following line, if specifying detailed impacts from below (also make sure to have new lines around the uncommented includes):
-// include::../../../shared_content/secrets/impact/specific_impact_intro.adoc[]
+// Set value that can be used to refer to the type of secret in, for example:
+// "An attacker can use this {secret_type} to ..."
+:secret_type: secret
 
-// Secret may allow hosting arbitrary files
-// include::../../../shared_content/secrets/impact/malware_distribution.adoc[]
+// Where possible, use predefined content for common impacts. This content can
+// be found in the folder "shared_content/secrets/impact".
+// When using predefined content, search for any required variables to be set and include them in this file.
+// Not adding them will not trigger warnings.
 
-// Secret may allow accessing or compromising sensitive data
-// include::../../../shared_content/secrets/impact/data_compromise.adoc[]
-
-// Secret may allow uploading artifacts to services used elsewhere in the supply chain
-// This is specific for code and artifact repositories
-// include::../../../shared_content/secrets/impact/supply_chain_attack.adoc[]
-
-// Secret may be used to trigger workflows
-// This is webhook-specific
-// include::../../../shared_content/secrets/impact/codeless_vulnerability_chaining.adoc[]
-
-// OAuth tokens may allow accessing 3rd party services
-// include::../../../shared_content/secrets/impact/oauth_token_compromise.adoc[]
-
-// Mailing service compromise may allow sending spam, which may result in account termination
-// include::../../../shared_content/secrets/impact/suspicious_activities_termination.adoc[]
-
-// Sensitive information leak / identity impersonation, e.g., through leaked signing secret
-// include::../../../shared_content/secrets/impact/security_downgrade.adoc[]
-
-// Audit trail discrepancies
-// include::../../../shared_content/secrets/impact/non_repudiation.adoc[]
-
-// Package repository secrets may allow access to source code etc.
-// include::../../../shared_content/secrets/impact/source_code_compromise.adoc[]
-
-// Spamming automated calls may cause large bills and rate limited service access
-// include::../../../shared_content/secrets/impact/exceed_rate_limits.adoc[]
-
-// For blockchain specific tokens
-// include::../../../shared_content/secrets/impact/blockchain_data_exposure.adoc[]
-
-// Specific for banking / financial transaction tokens, causing financial loss
-// include::../../../shared_content/secrets/impact/banking_financial_loss.adoc[]
-
-// Secret can be used to send spam or phish users
-// include::../../../shared_content/secrets/impact/phishing.adoc[]
-
-// Secret may allow modifying application data (object stores etc.)
-// include::../../../shared_content/secrets/impact/data_modification.adoc[]
-
-// Specific to services that are used to share PII (personal infos, chat logs, ..)
-// include::../../../shared_content/secrets/impact/personal_data_compromise.adoc[]
-
-// Secret may allow accessing financial data, like CC information or confidential financial reports
-// include::../../../shared_content/secrets/impact/disclosure_of_financial_data.adoc[]
-
-// Secret may allow occurring financial losses through 3rd party API usage
-// include::../../../shared_content/secrets/impact/financial_loss.adoc[]
-
-// Secret may be used to modify dashboards to corrupt shown data
-// Requires setting service_name variable
-// :service_name: secret service
-// include::../../../shared_content/secrets/impact/dataviz_takeover.adoc[]
-
-// Secret is related to IaaS providers and can be used to change DNS, launch VMs, etc.
-// Requires setting service_name variable
-// :service_name: secret service
-// include::../../../shared_content/secrets/impact/infrastructure_takeover.adoc[]
+//include::../../../shared_content/secrets/impact/some_impact.adoc[]
 
 == How to fix it
 
-// 1. Revoke leaked secrets
-
 include::../../../shared_content/secrets/fix/revoke.adoc[]
 
-// 2. Analyze recent use to identify misuse
-
-include::../../../shared_content/secrets/fix/recent_use.adoc[]
-
-// 3. Use a secret vault in the future
-
 include::../../../shared_content/secrets/fix/vault.adoc[]
 
-// 4. Never hard-code secrets
-
-include::../../../shared_content/secrets/fix/default.adoc[]
-
-// OAuth PKCE is very specific to OAuth 2.0
-// include::../../../shared_content/secrets/fix/oauth_pkce.adoc[]
-
 === Code examples
 
+:example_secret: example_secret_value
+:example_name: java-property-name
+:example_env: ENV_VAR_NAME
+
 include::../../../shared_content/secrets/examples.adoc[]
 
 //=== How does this work?

rules/S100/javascript/metadata.json

@@ -1,9 +1,5 @@
 {
   "title": "Function and method names should comply with a naming convention",
   "defaultQualityProfiles": [],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S101/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S103/javascript/metadata.json

@@ -2,9 +2,5 @@
   "scope": "Main",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S104/javascript/metadata.json

@@ -1,7 +1,3 @@
 {
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S105/javascript/metadata.json

@@ -2,9 +2,5 @@
   "scope": "Main",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S106/javascript/metadata.json

@@ -3,9 +3,7 @@
     "bad-practice",
     "user-experience"
   ],
-  "defaultQualityProfiles": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
+  "defaultQualityProfiles": [
+    
   ]
-}
+}

rules/S106/rust/metadata.json

@@ -1,7 +0,0 @@
-{
-  "defaultQualityProfiles": [],
-  "tags": [
-    "bad-practice",
-    "clippy"
-  ]
-}

rules/S106/rust/rule.adoc

@@ -1,39 +0,0 @@
-:language_std_outputs: print!, println!
-
-== Why is this an issue?
-
-include::../description.adoc[]
-
-=== Code examples
-
-==== Noncompliant code example
-
-[source,rust,diff-id=1,diff-type=noncompliant]
-----
-fn do_something() {
-    println!("my message");  // Noncompliant, output directly to stdout without a logger
-}
-----
-
-==== Compliant solution
-
-[source,rust,diff-id=1,diff-type=compliant]
-----
-use log::{info, LevelFilter};
-use simple_logger::SimpleLogger;
-
-fn do_something() {
-    SimpleLogger::new().with_level(LevelFilter::Info).init().unwrap();
-    // ...
-    info!("my message");  // Compliant, output via logger
-    // ...
-}
-----
-
-== Resources
-
-=== Documentation
-
-* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html#print_stdout
-* OWASP - https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/[Top 10 2021 Category A9 - Security Logging and Monitoring Failures]
-* OWASP - https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure[Top 10 2017 Category A3 - Sensitive Data Exposure]

rules/S1066/javascript/metadata.json

@@ -1,8 +1,4 @@
 {
   "defaultQualityProfiles": [],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1067/javascript/metadata.json

@@ -1,7 +1,3 @@
 {
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1068/javascript/metadata.json

@@ -1,8 +1,4 @@
 {
-  "title": "Unused private class members should be removed",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
+    "title": "Unused private class members should be removed",
+    "quickfix": "covered"
 }

rules/S107/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S107/rust/metadata.json

@@ -1,6 +0,0 @@
-{
-  "tags": [
-    "brain-overload",
-    "clippy"
-  ]
-}

rules/S107/rust/noncompliant.adoc

@@ -1,6 +0,0 @@
-[source,rust]
-----
-fn set_coordinates(x1: i32, y1: i32, z1: i32, x2: i32, y2: i32, z2: i32) { // Noncompliant
-    // ...
-}
-----

rules/S107/rust/rule.adoc

@@ -1,27 +0,0 @@
-:language: rust
-
-include::../rule.adoc[]
-
-== Resources
-
-=== Documentation
-
-* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html#too_many_arguments
-
-ifdef::env-github,rspecator-view[]
-
-'''
-== Implementation Specification
-(visible only on this page)
-
-include::../message.adoc[]
-
-include::../parameters.adoc[]
-
-'''
-== Comments And Links
-(visible only on this page)
-
-include::../comments-and-links.adoc[]
-
-endif::env-github,rspecator-view[]

rules/S107/rust/split-example.adoc

@@ -1,11 +0,0 @@
-[source,rust]
-----
-// Each function does a part of what the original setCoordinates function was doing, so confusion risks are lower
-fn set_origin(x: i32, y: i32, z: i32) {
-    // ...
-}
-
-fn set_size(width: i32, height: i32, depth: i32) {
-    // ...
-}
-----

rules/S107/rust/struct-example.adoc

@@ -1,17 +0,0 @@
-[source,rust]
-----
-struct Point {
-    x: i32,
-    y: i32,
-}
-
-impl Point {
-    fn new(x: i32, y: i32) -> Point {
-        Point { x, y }
-    }
-}
-
-fn set_coordinates(p1: &mut Point, p2: &Point) {
-    // ...
-}
-----

rules/S1077/javascript/metadata.json

@@ -3,9 +3,5 @@
     "accessibility",
     "wcag2-a",
     "react"
-  ],
-  "compatibleLanguages": [
-    "js",
-    "ts"
   ]
-}
+}

rules/S108/javascript/metadata.json

@@ -1,8 +1,4 @@
 {
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S1082/javascript/metadata.json

@@ -1,31 +1,25 @@
 {
-  "title": "Mouse events should have corresponding keyboard events",
-  "type": "BUG",
-  "status": "ready",
-  "remediation": {
-    "func": "Constant/Issue",
-    "constantCost": "5min"
-  },
-  "tags": [
-    "accessibility",
-    "react"
-  ],
-  "defaultSeverity": "Minor",
-  "ruleSpecification": "RSPEC-1082",
-  "sqKey": "S1082",
-  "scope": "Main",
-  "defaultQualityProfiles": [
-    "Sonar way"
-  ],
-  "quickfix": "unknown",
-  "code": {
-    "impacts": {
-      "RELIABILITY": "LOW"
+    "title": "Mouse events should have corresponding keyboard events",
+    "type": "BUG",
+    "status": "ready",
+    "remediation": {
+        "func": "Constant\/Issue",
+        "constantCost": "5min"
     },
-    "attribute": "COMPLETE"
-  },
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+    "tags": [
+        "accessibility",
+        "react"
+    ],
+    "defaultSeverity": "Minor",
+    "ruleSpecification": "RSPEC-1082",
+    "sqKey": "S1082",
+    "scope": "Main",
+    "defaultQualityProfiles": ["Sonar way"],
+    "quickfix": "unknown",
+    "code": {
+        "impacts": {
+        "RELIABILITY": "LOW"
+        },
+        "attribute": "COMPLETE"
+    }
+}

rules/S109/javascript/metadata.json

@@ -1,6 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  
+}

rules/S1090/javascript/metadata.json

@@ -3,7 +3,7 @@
   "type": "CODE_SMELL",
   "status": "ready",
   "remediation": {
-    "func": "Constant/Issue",
+    "func": "Constant\/Issue",
     "constantCost": "5min"
   },
   "tags": [
@@ -14,18 +14,12 @@
   "ruleSpecification": "RSPEC-1090",
   "sqKey": "S1090",
   "scope": "All",
-  "defaultQualityProfiles": [
-    "Sonar way"
-  ],
+  "defaultQualityProfiles": ["Sonar way"],
   "quickfix": "infeasible",
   "code": {
     "impacts": {
       "RELIABILITY": "LOW"
     },
     "attribute": "CONVENTIONAL"
-  },
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  }
+}

rules/S1105/javascript/metadata.json

@@ -2,9 +2,5 @@
   "scope": "Main",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S1110/javascript/metadata.json

@@ -3,9 +3,5 @@
   "quickfix": "covered",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S1116/javascript/metadata.json

@@ -4,9 +4,5 @@
   "quickfix": "covered",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S1116/rust/metadata.json

@@ -1,6 +0,0 @@
-{
-  "tags": [
-    "unused",
-    "clippy"
-  ]
-}

rules/S1116/rust/rule.adoc

@@ -1,49 +0,0 @@
-== Why is this an issue?
-
-include::../description.adoc[]
-
-=== Code examples
-
-==== Noncompliant code example
-
-[source,rust,diff-id=1,diff-type=noncompliant]
-----
-fn main() {
-    let x = 5;
-
-    if x > 0 {
-        println!("x is positive");
-    }; // Noncompliant
-
-    match x {
-        1 => println!("x is one"),
-        2 => println!("x is two"),
-        _ => println!("x is something else"),
-    }; // Noncompliant
-}
-----
-
-==== Compliant solution
-
-[source,rust,diff-id=1,diff-type=compliant]
-----
-fn main() {
-    let x = 5;
-
-    if x > 0 {
-        println!("x is positive");
-    }
-
-    match x {
-        1 => println!("x is one"),
-        2 => println!("x is two"),
-        _ => println!("x is something else"),
-    }
-}
-----
-
-== Resources
-
-=== Documentation
-
-* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_semicolon

rules/S1117/javascript/metadata.json

@@ -1,9 +1,6 @@
 {
   "title": "Variables should not be shadowed",
-  "defaultQualityProfiles": [],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "defaultQualityProfiles": [
+  ],
+  "scope": "Main"
+}

rules/S1119/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1121/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1125/javascript/metadata.json

@@ -3,9 +3,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1126/javascript/metadata.json

@@ -3,8 +3,5 @@
     "Sonar way"
   ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S1128/javascript/metadata.json

@@ -8,9 +8,5 @@
     "Sonar way"
   ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S113/javascript/metadata.json

@@ -3,9 +3,5 @@
   "quickfix": "covered",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S1131/javascript/metadata.json

@@ -1,10 +1,6 @@
 {
-  "quickfix": "covered",
-  "defaultQualityProfiles": [],
-  "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+    "quickfix": "covered",
+    "defaultQualityProfiles": [],
+    "status": "deprecated",
+    "tags": []
+}

rules/S1134/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1135/flex/metadata.json

@@ -1,2 +1,3 @@
 {
+  
 }

rules/S1135/flex/rule.adoc

@@ -1,16 +1,17 @@
 == Why is this an issue?
 
-include::../rationale.adoc[]
+include::../description.adoc[]
 
-include::../impact.adoc[]
+=== Noncompliant code example
 
-// How to fix it section
+[source,flex]
+----
+void doSomething() {
+  // TODO
+}
+----
 
-include::how-to-fix-it/java-io-api.adoc[]
-
-== Resources
-
-include::../common/resources/standards-mobile.adoc[]
+include::../see.adoc[]
 
 ifdef::env-github,rspecator-view[]
 

rules/S1135/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1143/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1154/javascript/metadata.json

@@ -3,7 +3,7 @@
   "type": "BUG",
   "status": "deprecated",
   "remediation": {
-    "func": "Constant/Issue",
+    "func": "Constant\/Issue",
     "constantCost": "20min"
   },
   "tags": [
@@ -14,7 +14,9 @@
     "replacementRules": [
       "RSPEC-2201"
     ],
-    "legacyKeys": []
+    "legacyKeys": [
+
+    ]
   },
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-1154",
@@ -25,10 +27,8 @@
       "EXP00-J."
     ]
   },
-  "defaultQualityProfiles": [],
-  "quickfix": "unknown",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "defaultQualityProfiles": [
+
+  ],
+  "quickfix": "unknown"
+}

rules/S1161/dart/rule.adoc

@@ -47,6 +47,8 @@ ifdef::env-github,rspecator-view[]
 
 The member '<method name>' overrides an inherited member but isn't annotated with '@override'.
 
+If the member is a setter, the method name will end with a `=` sign, to distinguish it from the corresponding getter.
+
 === Highlighting
 
 The identifier of the method, property or operator.

rules/S117/javascript/metadata.json

@@ -1,9 +1,5 @@
 {
   "title": "Variable, property and parameter names should comply with a naming convention",
   "defaultQualityProfiles": [],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1172/cfamily/rule.adoc

@@ -6,8 +6,6 @@ include::../description.adoc[]
 
 There are some cases when you want to have an unused parameter (usually because the function has to conform to a fixed prototype, or because it is virtual, or it will be called from a template). In this case, and if the parameter is never used, an accepted practice is to leave it unnamed. If it is only sometimes used (for instance, depending on conditional compilation), you may, since {cpp}17, use the ``\[[maybe_unused]]`` attribute to be explicit about it.
 
-In case of C, since C23 you can also leave the parameter unnamed if it is never used, or use the `\[[maybe_unused]]` attribute if it is only used sometimes.
-
 [source,cpp]
 ----
 void f([[maybe_unused]] int i) {

rules/S1172/javascript/metadata.json

@@ -1,9 +1,6 @@
 {
-  "defaultQualityProfiles": [],
+  "defaultQualityProfiles": [
+  ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S1186/javascript/metadata.json

@@ -4,9 +4,5 @@
     "Sonar way"
   ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S1192/javascript/metadata.json

@@ -1,7 +1,5 @@
 {
-  "defaultQualityProfiles": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
+  "defaultQualityProfiles": [
+
   ]
-}
+}

rules/S1199/javascript/metadata.json

@@ -1,6 +1,2 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
 }

rules/S121/javascript/metadata.json

@@ -1,7 +1,3 @@
 {
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1219/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S122/javascript/metadata.json

@@ -2,9 +2,5 @@
   "scope": "Main",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S1226/javascript/metadata.json

@@ -1,8 +1,4 @@
 {
   "title": "Initial values of parameters, caught exceptions, and loop variables should not be ignored",
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S124/javascript/metadata.json

@@ -1,6 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  
+}

rules/S125/javascript/metadata.json

@@ -3,9 +3,5 @@
     "Sonar way"
   ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S126/javascript/metadata.json

@@ -1,7 +1,3 @@
 {
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S126/rust/metadata.json

@@ -1,7 +0,0 @@
-{
-  "tags": [
-    "clippy"
-  ],
-  "defaultQualityProfiles": [
-  ]
-}

rules/S126/rust/rule.adoc

@@ -1,33 +0,0 @@
-== Why is this an issue?
-
-include::../description.adoc[]
-
-=== Noncompliant code example
-
-[source,rust,diff-id=1,diff-type=noncompliant]
-----
-if x == 0 {
-    do_something();
-} else if x == 1 {
-    do_something_else();
-}
-----
-
-=== Compliant solution
-
-[source,rust,diff-id=1,diff-type=compliant]
-----
-if x == 0 {
-    do_something();
-} else if x == 1 {
-    do_something_else();
-} else {
-    panic!("Unexpected value for x");
-}
-----
-
-== Resources
-
-=== Documentation
-
-* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html#else_if_without_else

rules/S1264/javascript/metadata.json

@@ -3,9 +3,5 @@
     "Sonar way"
   ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S1265/cfamily/rule.adoc

@@ -14,7 +14,7 @@ Up to this point, we mentioned `operator new` and `operator delete`, but it is a
 
 For instance, if `++void * operator new[]( std::size_t count, std::align_val_t al );++` is defined (for arrays, with extra alignment), then `++void operator delete[]( void* ptr, std::align_val_t al ) noexcept;++` should be defined too.
 
-Additionally, it is possible to define a version of the delete operator with an additional size argument, alongside the unsized version of `operator delete`. When overloading these operators in a class, defining both a sized and an unsized version of operator delete is useless, since the unsized version will always be preferred. However, for free replacement (introduced in {cpp}14), it is necessary to specify both versions since the language does not specify which version will be called.
+Additionally, since {cpp}17, it is possible to define a version of the delete operator with an additional size argument, alongside the unsized version of `operator delete`. When overloading these operators in a class, defining both a sized and an unsized version of operator delete is useless, since the unsized version will always be preferred. However, for free replacement, it is necessary to specify both versions since the language does not specify which version will be called.
 
 === What is the potential impact?
 
@@ -24,7 +24,7 @@ Deallocating memory that was not allocated with the corresponding strategy resul
 
 == How to fix it
 
-Each overload of the `operator new` should have a matching overload `operator delete` and vice versa. Within a class, define only a sized or an unsized version of `operator delete`, but as a free function (availalble since {cpp}14), define both.
+Each overload of the `operator new` should have a matching overload `operator delete` and vice versa. Since {cpp}17, within a class, define only a sized or an unsized version of `operator delete`, but as a free function, define both.
 
 === Example with overloaded operators in a class
 

rules/S128/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1289/cobol/rule.adoc

@@ -30,8 +30,6 @@ MOVE "John" TO FIRST_NAME.
 
 ``++FILLER++`` top level data items and top level data items which have sub data items with a ``++VALUE++`` clause are not checked by this rule.
 
-``++EXTERNAL++`` data items are not checked by this rule.
-
 ifdef::env-github,rspecator-view[]
 
 '''

rules/S1291/javascript/metadata.json

@@ -1,6 +1,2 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
 }

rules/S1301/javascript/metadata.json

@@ -3,9 +3,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S131/javascript/metadata.json

@@ -5,9 +5,5 @@
   "tags": [
     "cwe",
     "type-dependent"
-  ],
-  "compatibleLanguages": [
-    "js",
-    "ts"
   ]
-}
+}

rules/S1313/javascript/metadata.json

@@ -1,9 +1,5 @@
 {
   "defaultQualityProfiles": [
     "Sonar way"
-  ],
-  "compatibleLanguages": [
-    "js",
-    "ts"
   ]
-}
+}

rules/S1314/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1321/javascript/metadata.json

@@ -1,5 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js"
-  ]
-}
+
+}

rules/S134/javascript/metadata.json

@@ -1,7 +1,3 @@
 {
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S135/javascript/metadata.json

@@ -1,8 +1,4 @@
 {
   "defaultQualityProfiles": [],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S138/javascript/metadata.json

@@ -1,7 +1,5 @@
 {
-  "defaultQualityProfiles": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
+  "defaultQualityProfiles": [
+
   ]
-}
+}

rules/S139/javascript/metadata.json

@@ -2,9 +2,5 @@
   "scope": "Main",
   "defaultQualityProfiles": [],
   "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "tags": []
+}

rules/S1438/javascript/metadata.json

@@ -1,10 +1,6 @@
 {
-  "quickfix": "covered",
-  "defaultQualityProfiles": [],
-  "status": "deprecated",
-  "tags": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+    "quickfix": "covered",
+    "defaultQualityProfiles": [],
+    "status": "deprecated",
+    "tags": []
+}

rules/S1439/javascript/metadata.json

@@ -2,9 +2,5 @@
   "title": "Only \"while\", \"do\", \"for\" and \"switch\" statements should be labelled",
   "defaultQualityProfiles": [
     "Sonar way"
-  ],
-  "compatibleLanguages": [
-    "js",
-    "ts"
   ]
-}
+}

rules/S1440/javascript/metadata.json

@@ -1,7 +1,5 @@
 {
-  "defaultQualityProfiles": [],
-  "compatibleLanguages": [
-    "js",
-    "ts"
+  "defaultQualityProfiles": [
+
   ]
-}
+}

rules/S1441/javascript/metadata.json

@@ -2,11 +2,13 @@
   "title": "Quotes for string literals should be used consistently",
   "type": "CODE_SMELL",
   "remediation": {
-    "func": "Constant/Issue",
+    "func": "Constant\/Issue",
     "constantCost": "1min"
   },
   "extra": {
-    "replacementRules": [],
+    "replacementRules": [
+
+    ],
     "legacyKeys": [
       "SingleQuote"
     ]
@@ -24,9 +26,5 @@
       "MAINTAINABILITY": "MEDIUM"
     },
     "attribute": "FORMATTED"
-  },
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  }
+}

rules/S1442/javascript/metadata.json

@@ -1,5 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js"
-  ]
-}
+  
+}

rules/S1444/javascript/metadata.json

@@ -1,7 +1,4 @@
 {
-  "title": "Public \"static\" fields should be read-only",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "ts"
-  ]
-}
+    "title": "Public \"static\" fields should be read-only",
+    "quickfix": "covered"
+}

rules/S1451/javascript/metadata.json

@@ -1,7 +1,3 @@
 {
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1472/javascript/metadata.json

@@ -1,6 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  
+}

rules/S1479/javascript/metadata.json

@@ -2,9 +2,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "scope": "Main"
+}

rules/S1481/javascript/metadata.json

@@ -3,8 +3,5 @@
   "defaultQualityProfiles": [
     "Sonar way"
   ],
-  "scope": "Main",
-  "compatibleLanguages": [
-    "js"
-  ]
-}
+  "scope": "Main"
+}

rules/S1488/javascript/metadata.json

@@ -1,9 +1,6 @@
 {
-  "defaultQualityProfiles": [],
+  "defaultQualityProfiles": [
+  ],
   "scope": "Main",
-  "quickfix": "covered",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "covered"
+}

rules/S1488/rust/metadata.json

@@ -1,7 +0,0 @@
-{
-  "title": "Local variables should not be declared and then immediately returned",
-  "tags": [
-    "clumsy",
-    "clippy"
-  ]
-}

rules/S1488/rust/rule.adoc

@@ -1,34 +0,0 @@
-== Why is this an issue?
-
-Declaring a variable only to immediately return it is considered a bad practice because it adds unnecessary complexity to the code. This practice can make the code harder to read and understand, as it introduces an extra step that doesn't add any value. Instead of declaring a variable and then immediately returning, it is generally better to return or throw the value directly. This makes the code cleaner, simpler, and easier to understand.
-
-== How to fix it
-
-Declaring a variable only to immediately return it is considered a bad practice because it adds unnecessary complexity to the code. To fix the issue, return the value directly.
-
-=== Code examples
-
-==== Noncompliant code example
-
-[source,rust,diff-id=1,diff-type=noncompliant]
-----
-fn compute_duration_in_milliseconds(hours: u32, minutes: u32, seconds: u32) -> u32 {
-    let duration = (((hours * 60) + minutes) * 60 + seconds) * 1000;
-    duration
-}
-----
-
-==== Compliant solution
-
-[source,rust,diff-id=1,diff-type=compliant]
-----
-fn compute_duration_in_milliseconds(hours: u32, minutes: u32, seconds: u32) -> u32 {
-    (((hours * 60) + minutes) * 60 + seconds) * 1000
-}
-----
-
-== Resources
-
-=== Documentation
-
-* Clippy Lints - https://rust-lang.github.io/rust-clippy/master/index.html#let_and_return

rules/S1515/javascript/metadata.json

@@ -1,6 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  
+}

rules/S1516/javascript/metadata.json

@@ -1,6 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  
+}

rules/S1523/javascript/metadata.json

@@ -1,9 +1,5 @@
 {
   "defaultQualityProfiles": [
     "Sonar way"
-  ],
-  "compatibleLanguages": [
-    "js",
-    "ts"
   ]
-}
+}

rules/S1525/javascript/metadata.json

@@ -3,10 +3,12 @@
   "type": "VULNERABILITY",
   "status": "deprecated",
   "remediation": {
-    "func": "Constant/Issue",
+    "func": "Constant\/Issue",
     "constantCost": "5min"
   },
-  "tags": [],
+  "tags": [
+
+  ],
   "extra": {
     "replacementRules": [
       "RSPEC-4507"
@@ -19,10 +21,8 @@
   "ruleSpecification": "RSPEC-1525",
   "sqKey": "S1525",
   "scope": "Main",
-  "defaultQualityProfiles": [],
-  "quickfix": "unknown",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "defaultQualityProfiles": [
+
+  ],
+  "quickfix": "unknown"
+}

rules/S1526/javascript/metadata.json

@@ -9,7 +9,7 @@
   },
   "status": "ready",
   "remediation": {
-    "func": "Constant/Issue",
+    "func": "Constant\/Issue",
     "constantCost": "10min"
   },
   "tags": [
@@ -26,9 +26,5 @@
   "sqKey": "S1526",
   "scope": "Main",
   "defaultQualityProfiles": [],
-  "quickfix": "unknown",
-  "compatibleLanguages": [
-    "js",
-    "ts"
-  ]
-}
+  "quickfix": "unknown"
+}

rules/S1527/javascript/metadata.json

@@ -1,5 +1,3 @@
 {
-  "compatibleLanguages": [
-    "js"
-  ]
-}
+  
+}