ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rspec-tools/rspec_tools/validation/rule-metadata-schema.json

315 lines
7.9 KiB
JSON
Raw Blame History

{
"id": "http://www.sonarsource.org/rule-schema-v1.1",
"title": "Rule Implementation",
"type": "object",
"description": "we must have one of these files for each implemented rule",
"additionalProperties": false,
"properties": {
"title": {
"type": "string"
},
"type": {
"type": "string",
"enum": ["CODE_SMELL","BUG","VULNERABILITY","SECURITY_HOTSPOT"]
},
"status": {
"type": "string",
"enum": ["beta","ready","deprecated","superseded", "closed"]
},
"extra": {
"type": "object",
"properties": {
"additionalProperties": false,
"replacementRules": {
"type": "array",
"items": {
"type": "string",
"uniqueItems": true
},
"description": "The rule ids that replace this rule"
},
"legacyKeys": {
"type": "array",
"items": { "type": "string" },
"uniqueItems": true
}
}
},
"remediation": {
"type": "object",
"oneOf": [
{
"additionalProperties": false,
"properties": {
"func": {
"const": "Constant/Issue"
},
"constantCost": {
"$ref": "#/definitions/time"
}
}
}, {
"additionalProperties": false,
"properties": {
"func": {
"const": "Linear"
},
"linearDesc": {
"type": "string"
},
"linearFactor": {
"$ref": "#/definitions/time"
}
}
}, {
"additionalProperties": false,
"properties": {
"func": {
"const": "Linear with offset"
},
"linearDesc": {
"type": "string"
},
"linearOffset": {
"$ref": "#/definitions/time"
},
"linearFactor": {
"$ref": "#/definitions/time"
}
}
}
]
},
"tags": {
"type": "array",
"minItems": 0,
"items": { "type": "string" },
"uniqueItems": true
},
"standards": {
"type": "array",
"minItems": 0,
"items": { "type": "string" },
"uniqueItems": true
},
"defaultSeverity": {
"type": "string",
"enum": ["Info","Minor","Major","Critical","Blocker"]
},
"ruleSpecification": {
"type": "string",
"description": "id of the RSPEC, in the form 'RSPEC-XXXX'"
},
"sqKey": {
"type": "string",
"description": "the key used to save issues on SQ. Often a legacy key"
},
"compatibleLanguages": {
"type": "array",
"minItems": 1,
"items": { "type": "string" },
"uniqueItems": true
},
"scope": {
"type": "string",
"enum": ["Main","Tests","All"],
"description": "scope the rule applies to"
},
"template": {
"type": "boolean"
},
"securityStandards": {
"type": "object",
"additionalProperties": false,
"properties": {
"CWE": {
"type": "array",
"minItems": 0,
"items": { "type": "integer" },
"uniqueItems": true
},
"OWASP": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^A([1-9]|10)$"
},
"uniqueItems": true
},
"OWASP Top 10 2021": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^A([1-9]|10)$"
},
"uniqueItems": true
},
"OWASP Mobile": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^M([1-9]|10)$"
},
"uniqueItems": true
},
"PCI DSS 3.2": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^([0-9]{1,3}\\.?){1,4}$"
},
"uniqueItems": true
},
"PCI DSS 4.0": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^([0-9]{1,3}\\.?){1,4}$"
},
"uniqueItems": true
},
"CIS": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^([0-9]{1,3}\\.?){1,3}$"
},
"uniqueItems": true
},
"HIPAA": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^([0-9]{1,3}\\.?){2}$"
},
"uniqueItems": true
},
"CERT": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^[A-Z0-9]+-[A-Z]+\\.$"
},
"uniqueItems": true
},
"MASVS": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^MSTG-[A-Z]+-[0-9]+$"
},
"uniqueItems": true
},
"ASVS 4.0": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^\\d+\\.\\d+\\.\\d+$"
},
"uniqueItems": true
},
"STIG ASD_V5R3": {
"type": "array",
"minItems": 0,
"items": {
"type": "string",
"pattern": "^V-\\d+$"
},
"uniqueItems": true
}
}
},
"defaultQualityProfiles": {
"type": "array",
"items": { "type": "string"},
"uniqueItems": true
},
"educationPrinciples": {
"type": "array",
"items": {
"type": "string",
"enum": ["defense_in_depth", "never_trust_user_input"]
},
"uniqueItems": true
},
"quickfix": {
"type": "string",
"enum": [
"unknown",
"covered",
"partial",
"infeasible",
"targeted"
],
"description": "Can issues of the rule have a quick fix?"
},
"code": {
"type": "object",
"description": "Information related to clean code taxonomy",
"additionalProperties": false,
"properties": {
"impacts": {
"type": "object",
"description": "Software qualities",
"additionalProperties": false,
"minProperties": 1,
"properties": {
"MAINTAINABILITY": {
"type": "string",
"enum": ["INFO", "LOW", "MEDIUM", "HIGH", "BLOCKER"]
},
"RELIABILITY": {
"type": "string",
"enum": ["INFO", "LOW", "MEDIUM", "HIGH", "BLOCKER"]
},
"SECURITY": {
"type": "string",
"enum": ["INFO", "LOW", "MEDIUM", "HIGH", "BLOCKER"]
}
}
},
"attribute": {
"type": "string",
"description": "Clean code attribute",
"enum": ["FORMATTED", "CONVENTIONAL", "IDENTIFIABLE", "CLEAR", "LOGICAL", "COMPLETE", "EFFICIENT", "FOCUSED", "DISTINCT", "MODULAR", "TESTED", "LAWFUL", "TRUSTWORTHY", "RESPECTFUL"]
}
},
"required": ["impacts", "attribute"]
}
},
"if": {
"properties": {"status": {"const": "closed"}}
},
"then": {
"required": []
},
"else": {
"if": {
"properties": {"type": {"const": "SECURITY_HOTSPOT"}}
},
"then": {
"required": ["title","type","status","tags","defaultSeverity","ruleSpecification","sqKey","scope"]
},
"else": {
"required": ["title","type","status","remediation","tags","defaultSeverity","ruleSpecification","sqKey","scope", "quickfix"]
}
},
"definitions": {
"time": {
"type": "string",
"pattern": "^[ ]*[0-9]+[ ]*(min|h|d)$"
}
}
}
Reference in New Issue View Git Blame Copy Permalink