diff --git a/.cirrus.star b/.cirrus.star
index 28b17b70fc3..9f91e1542c6 100644
--- a/.cirrus.star
+++ b/.cirrus.star
@@ -1,4 +1,4 @@
-load("github.com/SonarSource/cirrus-modules@v2", "load_features")
+load("github.com/SonarSource/cirrus-modules@v3", "load_features")
def main(ctx):
return load_features(ctx)
diff --git a/LICENSE b/LICENSE
index 0a041280bd0..28723feb3de 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,165 +1,184 @@
- GNU LESSER GENERAL PUBLIC LICENSE
- Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc.
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-
- This version of the GNU Lesser General Public License incorporates
-the terms and conditions of version 3 of the GNU General Public
-License, supplemented by the additional permissions listed below.
-
- 0. Additional Definitions.
-
- As used herein, "this License" refers to version 3 of the GNU Lesser
-General Public License, and the "GNU GPL" refers to version 3 of the GNU
-General Public License.
-
- "The Library" refers to a covered work governed by this License,
-other than an Application or a Combined Work as defined below.
-
- An "Application" is any work that makes use of an interface provided
-by the Library, but which is not otherwise based on the Library.
-Defining a subclass of a class defined by the Library is deemed a mode
-of using an interface provided by the Library.
-
- A "Combined Work" is a work produced by combining or linking an
-Application with the Library. The particular version of the Library
-with which the Combined Work was made is also called the "Linked
-Version".
-
- The "Minimal Corresponding Source" for a Combined Work means the
-Corresponding Source for the Combined Work, excluding any source code
-for portions of the Combined Work that, considered in isolation, are
-based on the Application, and not on the Linked Version.
-
- The "Corresponding Application Code" for a Combined Work means the
-object code and/or source code for the Application, including any data
-and utility programs needed for reproducing the Combined Work from the
-Application, but excluding the System Libraries of the Combined Work.
-
- 1. Exception to Section 3 of the GNU GPL.
-
- You may convey a covered work under sections 3 and 4 of this License
-without being bound by section 3 of the GNU GPL.
-
- 2. Conveying Modified Versions.
-
- If you modify a copy of the Library, and, in your modifications, a
-facility refers to a function or data to be supplied by an Application
-that uses the facility (other than as an argument passed when the
-facility is invoked), then you may convey a copy of the modified
-version:
-
- a) under this License, provided that you make a good faith effort to
- ensure that, in the event an Application does not supply the
- function or data, the facility still operates, and performs
- whatever part of its purpose remains meaningful, or
-
- b) under the GNU GPL, with none of the additional permissions of
- this License applicable to that copy.
-
- 3. Object Code Incorporating Material from Library Header Files.
-
- The object code form of an Application may incorporate material from
-a header file that is part of the Library. You may convey such object
-code under terms of your choice, provided that, if the incorporated
-material is not limited to numerical parameters, data structure
-layouts and accessors, or small macros, inline functions and templates
-(ten or fewer lines in length), you do both of the following:
-
- a) Give prominent notice with each copy of the object code that the
- Library is used in it and that the Library and its use are
- covered by this License.
-
- b) Accompany the object code with a copy of the GNU GPL and this license
- document.
-
- 4. Combined Works.
-
- You may convey a Combined Work under terms of your choice that,
-taken together, effectively do not restrict modification of the
-portions of the Library contained in the Combined Work and reverse
-engineering for debugging such modifications, if you also do each of
-the following:
-
- a) Give prominent notice with each copy of the Combined Work that
- the Library is used in it and that the Library and its use are
- covered by this License.
-
- b) Accompany the Combined Work with a copy of the GNU GPL and this license
- document.
-
- c) For a Combined Work that displays copyright notices during
- execution, include the copyright notice for the Library among
- these notices, as well as a reference directing the user to the
- copies of the GNU GPL and this license document.
-
- d) Do one of the following:
-
- 0) Convey the Minimal Corresponding Source under the terms of this
- License, and the Corresponding Application Code in a form
- suitable for, and under terms that permit, the user to
- recombine or relink the Application with a modified version of
- the Linked Version to produce a modified Combined Work, in the
- manner specified by section 6 of the GNU GPL for conveying
- Corresponding Source.
-
- 1) Use a suitable shared library mechanism for linking with the
- Library. A suitable mechanism is one that (a) uses at run time
- a copy of the Library already present on the user's computer
- system, and (b) will operate properly with a modified version
- of the Library that is interface-compatible with the Linked
- Version.
-
- e) Provide Installation Information, but only if you would otherwise
- be required to provide such information under section 6 of the
- GNU GPL, and only to the extent that such information is
- necessary to install and execute a modified version of the
- Combined Work produced by recombining or relinking the
- Application with a modified version of the Linked Version. (If
- you use option 4d0, the Installation Information must accompany
- the Minimal Corresponding Source and Corresponding Application
- Code. If you use option 4d1, you must provide the Installation
- Information in the manner specified by section 6 of the GNU GPL
- for conveying Corresponding Source.)
-
- 5. Combined Libraries.
-
- You may place library facilities that are a work based on the
-Library side by side in a single library together with other library
-facilities that are not Applications and are not covered by this
-License, and convey such a combined library under terms of your
-choice, if you do both of the following:
-
- a) Accompany the combined library with a copy of the same work based
- on the Library, uncombined with any other library facilities,
- conveyed under the terms of this License.
-
- b) Give prominent notice with the combined library that part of it
- is a work based on the Library, and explaining where to find the
- accompanying uncombined form of the same work.
-
- 6. Revised Versions of the GNU Lesser General Public License.
-
- The Free Software Foundation may publish revised and/or new versions
-of the GNU Lesser General Public License from time to time. Such new
-versions will be similar in spirit to the present version, but may
-differ in detail to address new problems or concerns.
-
- Each version is given a distinguishing version number. If the
-Library as you received it specifies that a certain numbered version
-of the GNU Lesser General Public License "or any later version"
-applies to it, you have the option of following the terms and
-conditions either of that published version or of any later version
-published by the Free Software Foundation. If the Library as you
-received it does not specify a version number of the GNU Lesser
-General Public License, you may choose any version of the GNU Lesser
-General Public License ever published by the Free Software Foundation.
-
- If the Library as you received it specifies that a proxy can decide
-whether future versions of the GNU Lesser General Public License shall
-apply, that proxy's public statement of acceptance of any version is
-permanent authorization for you to choose that version for the
-Library.
+SONAR Source-Available License v1.0
+Last Updated November 13, 2024
+
+1. DEFINITIONS
+
+"Agreement" means this Sonar Source-Available License v1.0
+
+"Competing" means marketing a product or service as a substitute for the
+functionality or value of SonarQube. A product or service may compete regardless
+of how it is designed or deployed. For example, a product or service may compete
+even if it provides its functionality via any kind of interface (including
+services, libraries, or plug-ins), even if it is ported to a different platform
+or programming language, and even if it is provided free of charge.
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial content Distributed under
+this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+ i) changes to the Program, and
+ ii) additions to the Program;
+
+where such changes and/or additions to the Program originate from and are
+Distributed by that particular Contributor. A Contribution "originates" from a
+Contributor if it was added to the Program by such Contributor itself or anyone
+acting on such Contributor's behalf. Contributions do not include changes or
+additions to the Program that are not Modified Works.
+
+"Contributor" means any person or entity that Distributes the Program.
+
+"Derivative Works" shall mean any work, whether in Source Code or other form,
+that is based on (or derived from) the Program and for which the editorial
+revisions, annotations, elaborations, or other modifications represent, as a
+whole, an original work of authorship.
+
+"Distribute" means the acts of a) distributing or b) making available in any
+manner that enables the transfer of a copy.
+
+"Licensed Patents" mean patent claims licensable by a Contributor that are
+necessarily infringed by the use or sale of its Contribution alone or when
+combined with the Program.
+
+"Modified Works" shall mean any work in Source Code or other form that results
+from an addition to, deletion from, or modification of the contents of the
+Program, including, for purposes of clarity, any new file in Source Code form
+that contains any contents of the Program. Modified Works shall not include
+works that contain only declarations, interfaces, types, classes, structures, or
+files of the Program solely in each case in order to link to, bind by name, or
+subclass the Program or Modified Works thereof.
+
+"Non-competitive Purpose" means any purpose except for (a) providing to others
+any product or service that includes or offers the same or substantially similar
+functionality as SonarQube, (b) Competing with SonarQube, and/or (c) employing,
+using, or engaging artificial intelligence technology that is not part of the
+Program to ingest, interpret, analyze, train on, or interact with the data
+provided by the Program, or to engage with the Program in any manner.
+
+"Notices" means any legal statements or attributions included with the Program,
+including, without limitation, statements concerning copyright, patent,
+trademark, disclaimers of warranty, or limitations of liability
+
+"Program" means the Contributions Distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement,
+including Contributors.
+
+"SonarQube" means an open-source or commercial edition of software offered by
+SonarSource that is branded "SonarQube".
+
+"SonarSource" means SonarSource SA, a Swiss company registered in Switzerland
+under UID No. CHE-114.587.664.
+
+"Source Code" means the form of a Program preferred for making modifications,
+including but not limited to software source code, documentation source, and
+configuration files.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants
+Recipient a non-exclusive, worldwide, royalty-free copyright license, for any
+Non-competitive Purpose, to reproduce, prepare Derivative Works of, publicly
+display, publicly perform, Distribute and sublicense the Contribution of such
+Contributor, if any, and such Derivative Works.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants
+Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed
+Patents, for any Non-competitive Purpose, to make, use, sell, offer to sell,
+import, and otherwise transfer the Contribution of such Contributor, if any, in
+Source Code or other form. This patent license shall apply to the combination of
+the Contribution and the Program if, at the time the Contribution is added by
+the Contributor, such addition of the Contribution causes such combination to be
+covered by the Licensed Patents. The patent license shall not apply to any other
+combinations that include the Contribution.
+
+ c) Recipient understands that although each Contributor grants the licenses to
+its Contributions set forth herein, no assurances are provided by any
+Contributor that the Program does not infringe the patent or other intellectual
+property rights of any other entity. Each Contributor disclaims any liability to
+Recipient for claims brought by any other entity based on infringement of
+intellectual property rights or otherwise. As a condition to exercising the
+rights and licenses granted hereunder, each Recipient hereby assumes sole
+responsibility to secure any other intellectual property rights needed, if any.
+For example, if a third-party patent license is required to allow Recipient to
+Distribute the Program, it is Recipient's responsibility to acquire that license
+before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright
+rights in its Contribution, if any, to grant the copyright license set forth in
+this Agreement.
+
+3. REQUIREMENTS
+
+3.1 If a Contributor Distributes the Program in any form, then the Program must
+also be made available as Source Code, in accordance with section 3.2, and the
+Contributor must accompany the Program with a statement that the Source Code for
+the Program is available under this Agreement, and inform Recipients how to
+obtain it in a reasonable manner on or through a medium customarily used for
+software exchange; and
+
+3.2 When the Program is Distributed as Source Code:
+
+ a) it must be made available under this Agreement, and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+3.3 Contributors may not remove or alter any Notices contained within the
+Program from any copy of the Program which they Distribute, provided that
+Contributors may add their own appropriate Notices.
+
+4. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY
+APPLICABLE LAW, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES
+OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT
+LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT,
+MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
+responsible for determining the appropriateness of using and distributing the
+Program and assumes all risks associated with its exercise of rights under this
+Agreement, including but not limited to the risks and costs of program errors,
+compliance with applicable laws, damage to or loss of data, programs or
+equipment, and unavailability or interruption of operations.
+
+5. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, AND TO THE EXTENT PERMITTED BY
+APPLICABLE LAW, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF
+THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF
+THE POSSIBILITY OF SUCH DAMAGES.
+
+6. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable
+law, it shall not affect the validity or enforceability of the remainder of the
+terms of this Agreement, and without further action by the parties hereto, such
+provision shall be reformed to the minimum extent necessary to make such
+provision valid and enforceable.
+
+If Recipient institutes patent litigation against any entity (including a
+cross-claim or counterclaim in a lawsuit) alleging that the Program itself
+(excluding combinations of the Program with other software or hardware)
+infringes such Recipient’s patent(s), then such Recipient’s rights granted under
+Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient’s rights under this Agreement shall terminate if it fails to
+comply with any of the material terms or conditions of this Agreement and does
+not cure such failure in a reasonable period of time after becoming aware of
+such noncompliance. If all Recipient’s rights under this Agreement terminate,
+Recipient agrees to cease use and distribution of the Program as soon as
+reasonably practicable. However, Recipient’s obligations under this Agreement
+and any licenses granted by Recipient relating to the Program shall continue and
+survive.
+
+Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives
+no rights or licenses to the intellectual property of any Contributor under this
+Agreement, whether expressly, by implication, estoppel, or otherwise. All rights
+in the Program not expressly granted under this Agreement are reserved. Nothing
+in this Agreement is intended to be enforceable by any entity that is not a
+Contributor or Recipient. No third-party beneficiary rights are created under
+this Agreement.
diff --git a/README.adoc b/README.adoc
index 353e58b8348..140ee608c0b 100644
--- a/README.adoc
+++ b/README.adoc
@@ -8,6 +8,8 @@ This repository contains the specification of every static-analysis rule availab
It also contains rules which have been dropped and rules which will one day be implemented.
+The content of this repository is covered by the link:LICENSE[SONAR Source-Available License v1.0].
+
== Rules directory structure
* https://github.com/SonarSource/rspec/tree/master/rules[rules] directory: contains every specified rule.
diff --git a/frontend/public/covered_rules.json b/frontend/public/covered_rules.json
index 852b40655f1..5240b2e7177 100644
--- a/frontend/public/covered_rules.json
+++ b/frontend/public/covered_rules.json
@@ -321,6 +321,7 @@
"S2216": "sonar-cpp 5.1.0.10083",
"S2234": "sonar-cpp 5.1.0.10083",
"S2245": "sonar-cpp 6.15.0.25047",
+ "S2253": "sonar-cpp master",
"S2259": "sonar-cpp 5.1.0.10083",
"S2260": "sonar-cpp 5.1.0.10083",
"S2275": "sonar-cpp 6.2.0.11201",
@@ -411,6 +412,7 @@
"S5271": "sonar-cpp 6.2.0.11201",
"S5273": "sonar-cpp 6.2.0.11201",
"S5276": "sonar-cpp 6.10.0.18490",
+ "S5277": "sonar-cpp master",
"S5278": "sonar-cpp 6.2.0.11201",
"S5279": "sonar-cpp 6.2.0.11201",
"S5280": "sonar-cpp 6.2.0.11201",
@@ -457,13 +459,13 @@
"S5982": "sonar-cpp 6.13.0.22261",
"S6069": "sonar-cpp 6.14.0.23970",
"S6200": "sonar-cpp 6.27.0.38122",
- "S6418": "sonar-cpp master",
+ "S6418": "sonar-cpp 6.61.0.77816",
"S6655": "sonar-cpp 6.47.0.62356",
"S6871": "sonar-cpp 6.53.0.67215",
"S6936": "sonar-cpp 6.54.0.69031",
"S6991": "sonar-cpp 6.57.0.73017",
"S6996": "sonar-cpp 6.57.0.73017",
- "S7116": "sonar-cpp master",
+ "S7116": "sonar-cpp 6.61.0.77816",
"S784": "sonar-cpp 5.1.0.10083",
"S787": "sonar-cpp 5.1.0.10083",
"S793": "sonar-cpp 5.1.0.10083",
@@ -534,6 +536,7 @@
"S959": "sonar-cpp 5.1.0.10083",
"S960": "sonar-cpp 5.1.0.10083",
"S961": "sonar-cpp 5.1.0.10083",
+ "S963": "sonar-cpp master",
"S966": "sonar-cpp 5.1.0.10083",
"S967": "sonar-cpp 6.3.0.11371",
"S968": "sonar-cpp 5.1.0.10083",
@@ -947,6 +950,7 @@
"S2216": "sonar-cpp 5.1.0.10083",
"S2234": "sonar-cpp 5.1.0.10083",
"S2245": "sonar-cpp 6.15.0.25047",
+ "S2253": "sonar-cpp master",
"S2259": "sonar-cpp 5.1.0.10083",
"S2260": "sonar-cpp 5.1.0.10083",
"S2275": "sonar-cpp 6.2.0.11201",
@@ -1292,7 +1296,7 @@
"S6369": "sonar-cpp 6.29.0.41127",
"S6372": "sonar-cpp 6.29.0.41127",
"S6391": "sonar-cpp 6.29.0.41127",
- "S6418": "sonar-cpp master",
+ "S6418": "sonar-cpp 6.61.0.77816",
"S6427": "sonar-cpp 6.35.0.50389",
"S6456": "sonar-cpp 6.40.0.60592",
"S6458": "sonar-cpp 6.40.0.60592",
@@ -1329,13 +1333,13 @@
"S7038": "sonar-cpp 6.58.0.74356",
"S7040": "sonar-cpp 6.58.0.74356",
"S7042": "sonar-cpp 6.58.0.74356",
- "S7116": "sonar-cpp master",
- "S7118": "sonar-cpp master",
- "S7119": "sonar-cpp master",
- "S7121": "sonar-cpp master",
- "S7127": "sonar-cpp master",
- "S7129": "sonar-cpp master",
- "S7132": "sonar-cpp master",
+ "S7116": "sonar-cpp 6.61.0.77816",
+ "S7118": "sonar-cpp 6.61.0.77816",
+ "S7119": "sonar-cpp 6.61.0.77816",
+ "S7121": "sonar-cpp 6.61.0.77816",
+ "S7127": "sonar-cpp 6.61.0.77816",
+ "S7129": "sonar-cpp 6.61.0.77816",
+ "S7132": "sonar-cpp 6.61.0.77816",
"S784": "sonar-cpp 5.1.0.10083",
"S787": "sonar-cpp 5.1.0.10083",
"S793": "sonar-cpp 5.1.0.10083",
@@ -1435,490 +1439,398 @@
"S999": "sonar-cpp 5.1.0.10083"
},
"CSH": {
- "S100": "sonar-dotnet 6.6.0.3969",
- "S1006": "sonar-dotnet 6.6.0.3969",
- "S101": "sonar-dotnet 6.6.0.3969",
- "S103": "sonar-dotnet 6.6.0.3969",
- "S104": "sonar-dotnet 6.6.0.3969",
- "S1048": "sonar-dotnet 7.0.0.4787",
- "S105": "sonar-dotnet 6.6.0.3969",
- "S106": "sonar-dotnet 7.5.0.6605",
- "S1066": "sonar-dotnet 6.6.0.3969",
- "S1067": "sonar-dotnet 6.6.0.3969",
- "S107": "sonar-dotnet 6.6.0.3969",
- "S1075": "sonar-dotnet 6.6.0.3969",
- "S108": "sonar-dotnet 6.6.0.3969",
- "S109": "sonar-dotnet 7.0.0.4787",
- "S110": "sonar-dotnet 6.6.0.3969",
- "S1104": "sonar-dotnet 6.6.0.3969",
- "S1109": "sonar-dotnet 6.6.0.3969",
- "S1110": "sonar-dotnet 6.7",
- "S1116": "sonar-dotnet 6.6.0.3969",
- "S1117": "sonar-dotnet 6.6.0.3969",
- "S1118": "sonar-dotnet 6.6.0.3969",
- "S112": "sonar-dotnet 6.6.0.3969",
- "S1121": "sonar-dotnet 6.6.0.3969",
- "S1123": "sonar-dotnet 6.6.0.3969",
- "S1125": "sonar-dotnet 6.6.0.3969",
- "S1128": "sonar-dotnet 7.17.0.9346",
- "S113": "sonar-dotnet 6.7",
- "S1133": "sonar-dotnet 8.53.0.62665",
- "S1134": "sonar-dotnet 6.6.0.3969",
- "S1135": "sonar-dotnet 6.6.0.3969",
- "S1144": "sonar-dotnet 6.6.0.3969",
- "S1145": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S1147": "sonar-dotnet 6.8.0.4636",
- "S1151": "sonar-dotnet 7.0.0.4787",
- "S1155": "sonar-dotnet 6.6.0.3969",
- "S1163": "sonar-dotnet 6.6.0.3969",
- "S1168": "sonar-dotnet 6.6.0.3969",
- "S1172": "sonar-dotnet 6.6.0.3969",
- "S1185": "sonar-dotnet 6.6.0.3969",
- "S1186": "sonar-dotnet 6.6.0.3969",
- "S1192": "sonar-dotnet 7.1.0.5212",
- "S1199": "sonar-dotnet 7.17.0.9346",
- "S1200": "sonar-dotnet 6.6.0.3969",
- "S1206": "sonar-dotnet 6.6.0.3969",
- "S121": "sonar-dotnet 6.6.0.3969",
- "S1210": "sonar-dotnet 6.6.0.3969",
- "S1215": "sonar-dotnet 6.6.0.3969",
- "S122": "sonar-dotnet 6.6.0.3969",
- "S1226": "sonar-dotnet 6.6.0.3969",
- "S1227": "sonar-dotnet 6.6.0.3969",
- "S1244": "sonar-dotnet 6.6.0.3969",
- "S125": "sonar-dotnet 6.6.0.3969",
- "S126": "sonar-dotnet 6.6.0.3969",
- "S1264": "sonar-dotnet 7.0.0.4787",
- "S127": "sonar-dotnet 6.6.0.3969",
- "S1301": "sonar-dotnet 6.6.0.3969",
- "S1309": "sonar-dotnet 6.6.0.3969",
- "S131": "sonar-dotnet 6.6.0.3969",
- "S1312": "sonar-dotnet 9.22.0.87781",
- "S1313": "sonar-dotnet 6.6.0.3969",
- "S134": "sonar-dotnet 6.6.0.3969",
- "S138": "sonar-dotnet 6.8.0.4636",
- "S1449": "sonar-dotnet 6.6.0.3969",
- "S1450": "sonar-dotnet 6.6.0.3969",
- "S1451": "sonar-dotnet 6.6.0.3969",
- "S1479": "sonar-dotnet 6.6.0.3969",
- "S1481": "sonar-dotnet 6.6.0.3969",
- "S1523": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S1541": "sonar-dotnet 6.6.0.3969",
- "S1607": "sonar-dotnet 6.6.0.3969",
- "S1643": "sonar-dotnet 6.6.0.3969",
- "S1656": "sonar-dotnet 6.6.0.3969",
- "S1659": "sonar-dotnet 6.6.0.3969",
- "S1694": "sonar-dotnet 6.6.0.3969",
- "S1696": "sonar-dotnet 6.6.0.3969",
- "S1697": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S1698": "sonar-dotnet 6.6.0.3969",
- "S1699": "sonar-dotnet 6.6.0.3969",
- "S1751": "sonar-dotnet 6.6.0.3969",
- "S1764": "sonar-dotnet 6.6.0.3969",
- "S1821": "sonar-dotnet 7.0.0.4787",
- "S1848": "sonar-dotnet 6.6.0.3969",
- "S1854": "sonar-dotnet 6.6.0.3969",
- "S1858": "sonar-dotnet 6.6.0.3969",
- "S1862": "sonar-dotnet 6.6.0.3969",
- "S1871": "sonar-dotnet 6.6.0.3969",
- "S1905": "sonar-dotnet 6.6.0.3969",
- "S1939": "sonar-dotnet 6.6.0.3969",
- "S1940": "sonar-dotnet 6.6.0.3969",
- "S1944": "sonar-dotnet 6.6.0.3969",
- "S1994": "sonar-dotnet 6.6.0.3969",
- "S2053": "sonar-dotnet 8.16.0.25740",
- "S2068": "sonar-dotnet 6.6.0.3969",
- "S2070": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
+ "S100": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1006": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S101": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S103": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S104": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1048": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S105": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S106": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1066": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1067": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S107": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1075": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S108": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S109": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S110": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1104": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1109": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1110": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1116": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1117": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1118": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S112": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1121": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1123": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1125": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1128": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S113": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1133": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1134": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1135": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1144": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1147": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1151": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1155": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1163": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1168": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1172": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1185": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1186": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1192": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1199": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1200": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1206": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S121": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1210": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1215": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S122": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1226": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1227": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1244": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S125": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S126": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1264": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S127": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1301": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1309": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S131": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1312": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1313": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S134": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S138": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1449": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1450": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1451": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1479": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1481": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1541": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1607": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1643": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1656": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1659": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1694": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1696": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1698": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1699": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1751": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1764": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1821": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1848": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1854": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1858": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1862": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1871": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1905": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1939": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1940": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1944": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1994": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2053": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2068": "sonar-dotnet-enterprise 10.0.0.102753",
"S2076": "sonar-security 7.4.0.1949",
- "S2077": "sonar-dotnet 7.9.0.7583",
+ "S2077": "sonar-dotnet-enterprise 10.0.0.102753",
"S2078": "sonar-security 7.4.0.1949",
"S2083": "sonar-security 7.4.0.1949",
"S2091": "sonar-security 7.4.0.1949",
- "S2092": "sonar-dotnet 7.1.0.5212",
- "S2094": "sonar-dotnet 8.54.0.64047",
- "S2114": "sonar-dotnet 6.6.0.3969",
- "S2115": "sonar-dotnet 8.22.0.31243",
- "S2123": "sonar-dotnet 6.6.0.3969",
- "S2139": "sonar-dotnet 9.22.0.87781",
- "S2148": "sonar-dotnet 7.5.0.6605",
- "S2156": "sonar-dotnet 6.6.0.3969",
- "S2166": "sonar-dotnet 8.53.0.62665",
- "S2178": "sonar-dotnet 6.6.0.3969",
- "S2183": "sonar-dotnet 6.6.0.3969",
- "S2184": "sonar-dotnet 6.6.0.3969",
- "S2187": "sonar-dotnet 6.6.0.3969",
- "S2190": "sonar-dotnet 6.6.0.3969",
- "S2197": "sonar-dotnet 6.6.0.3969",
- "S2198": "sonar-dotnet 8.53.0.62665",
- "S2201": "sonar-dotnet 6.6.0.3969",
- "S2219": "sonar-dotnet 6.6.0.3969",
- "S2221": "sonar-dotnet 6.6.0.3969",
- "S2222": "sonar-dotnet 8.34.0.42011",
- "S2223": "sonar-dotnet 6.6.0.3969",
- "S2225": "sonar-dotnet 6.6.0.3969",
- "S2228": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 9.11.0.78383"
- },
- "S2234": "sonar-dotnet 6.6.0.3969",
- "S2245": "sonar-dotnet 7.1.0.5212",
- "S2251": "sonar-dotnet 8.0.0.9566",
- "S2252": "sonar-dotnet 7.17.0.9346",
- "S2255": {
- "since": "sonar-dotnet 7.1.0.5212",
- "until": "sonar-dotnet 9.8.0.76515"
- },
- "S2257": "sonar-dotnet 8.16.0.25740",
- "S2259": "sonar-dotnet 6.6.0.3969",
- "S2275": "sonar-dotnet 6.6.0.3969",
- "S2278": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S2290": "sonar-dotnet 6.6.0.3969",
- "S2291": "sonar-dotnet 6.6.0.3969",
- "S2292": "sonar-dotnet 6.6.0.3969",
- "S2302": "sonar-dotnet 6.8.0.4636",
- "S2306": "sonar-dotnet 6.6.0.3969",
- "S2325": "sonar-dotnet 6.6.0.3969",
- "S2326": "sonar-dotnet 6.6.0.3969",
- "S2327": "sonar-dotnet 7.3.0.5690",
- "S2328": "sonar-dotnet 6.6.0.3969",
- "S2330": "sonar-dotnet 6.6.0.3969",
- "S2333": "sonar-dotnet 6.6.0.3969",
- "S2339": "sonar-dotnet 6.6.0.3969",
- "S2342": "sonar-dotnet 6.6.0.3969",
- "S2344": "sonar-dotnet 6.6.0.3969",
- "S2345": "sonar-dotnet 6.6.0.3969",
- "S2346": "sonar-dotnet 6.6.0.3969",
- "S2357": "sonar-dotnet 6.6.0.3969",
- "S2360": "sonar-dotnet 6.6.0.3969",
- "S2365": "sonar-dotnet 6.6.0.3969",
- "S2368": "sonar-dotnet 6.6.0.3969",
- "S2372": "sonar-dotnet 6.6.0.3969",
- "S2376": "sonar-dotnet 6.6.0.3969",
- "S2386": "sonar-dotnet 6.6.0.3969",
- "S2387": "sonar-dotnet 6.6.0.3969",
- "S2436": "sonar-dotnet 6.6.0.3969",
- "S2437": "sonar-dotnet 6.6.0.3969",
- "S2445": "sonar-dotnet 8.54.0.64047",
- "S2479": "sonar-dotnet 8.0.0.9566",
- "S2486": "sonar-dotnet 6.6.0.3969",
- "S2551": "sonar-dotnet 6.6.0.3969",
- "S2583": "sonar-dotnet 6.6.0.3969",
- "S2589": "sonar-dotnet 6.6.0.3969",
- "S2612": "sonar-dotnet 8.19.0.28253",
- "S2629": "sonar-dotnet 9.21.0.86780",
+ "S2092": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2094": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2114": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2115": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2123": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2139": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2148": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2156": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2166": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2178": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2183": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2184": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2187": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2190": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2197": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2198": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2201": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2219": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2221": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2222": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2223": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2225": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2234": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2245": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2251": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2252": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2257": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2259": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2275": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2290": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2291": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2292": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2302": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2306": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2325": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2326": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2327": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2328": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2330": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2333": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2339": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2342": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2344": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2345": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2346": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2357": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2360": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2365": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2368": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2372": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2376": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2386": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2387": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2436": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2437": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2445": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2479": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2486": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2551": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2583": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2589": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2612": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2629": "sonar-dotnet-enterprise 10.0.0.102753",
"S2631": "sonar-security 7.4.0.1949",
- "S2674": "sonar-dotnet 6.6.0.3969",
- "S2681": "sonar-dotnet 6.6.0.3969",
- "S2688": "sonar-dotnet 6.6.0.3969",
- "S2692": "sonar-dotnet 6.6.0.3969",
- "S2696": "sonar-dotnet 6.6.0.3969",
- "S2699": "sonar-dotnet 6.6.0.3969",
- "S2701": "sonar-dotnet 6.6.0.3969",
- "S2737": "sonar-dotnet 6.6.0.3969",
- "S2743": "sonar-dotnet 6.6.0.3969",
- "S2755": "sonar-dotnet 8.4.0.15306",
- "S2757": "sonar-dotnet 6.6.0.3969",
- "S2758": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S2760": "sonar-dotnet 6.6.0.3969",
- "S2761": "sonar-dotnet 6.6.0.3969",
- "S2857": "sonar-dotnet 8.0.0.9566",
- "S2925": "sonar-dotnet 9.4.0.72892",
- "S2930": "sonar-dotnet 6.6.0.3969",
- "S2931": "sonar-dotnet 6.6.0.3969",
- "S2933": "sonar-dotnet 6.6.0.3969",
- "S2934": "sonar-dotnet 6.6.0.3969",
- "S2952": "sonar-dotnet 6.6.0.3969",
- "S2953": "sonar-dotnet 6.6.0.3969",
- "S2955": "sonar-dotnet 6.6.0.3969",
- "S2970": "sonar-dotnet 8.54.0.64047",
- "S2971": "sonar-dotnet 6.6.0.3969",
- "S2995": "sonar-dotnet 6.6.0.3969",
- "S2996": "sonar-dotnet 6.6.0.3969",
- "S2997": "sonar-dotnet 6.6.0.3969",
- "S3005": "sonar-dotnet 6.6.0.3969",
- "S3010": "sonar-dotnet 6.6.0.3969",
- "S3011": "sonar-dotnet 7.9.0.7583",
- "S3052": "sonar-dotnet 6.6.0.3969",
- "S3059": "sonar-dotnet 8.30.0.37606",
- "S3060": "sonar-dotnet 6.8.0.4636",
- "S3063": "sonar-dotnet 8.53.0.62665",
- "S3168": "sonar-dotnet 6.6.0.3969",
- "S3169": "sonar-dotnet 6.6.0.3969",
- "S3172": "sonar-dotnet 6.6.0.3969",
- "S3215": "sonar-dotnet 6.6.0.3969",
- "S3216": "sonar-dotnet 6.6.0.3969",
- "S3217": "sonar-dotnet 6.6.0.3969",
- "S3218": "sonar-dotnet 6.6.0.3969",
- "S3220": "sonar-dotnet 6.6.0.3969",
- "S3234": "sonar-dotnet 6.6.0.3969",
- "S3235": "sonar-dotnet 6.6.0.3969",
- "S3236": "sonar-dotnet 6.6.0.3969",
- "S3237": "sonar-dotnet 6.6.0.3969",
- "S3240": "sonar-dotnet 6.6.0.3969",
- "S3241": "sonar-dotnet 6.6.0.3969",
- "S3242": "sonar-dotnet 6.6.0.3969",
- "S3244": "sonar-dotnet 6.6.0.3969",
- "S3246": "sonar-dotnet 6.6.0.3969",
- "S3247": "sonar-dotnet 6.6.0.3969",
- "S3249": "sonar-dotnet 6.6.0.3969",
- "S3251": "sonar-dotnet 6.6.0.3969",
- "S3253": "sonar-dotnet 6.6.0.3969",
- "S3254": "sonar-dotnet 6.6.0.3969",
- "S3256": "sonar-dotnet 6.6.0.3969",
- "S3257": "sonar-dotnet 6.6.0.3969",
- "S3260": "sonar-dotnet 8.30.0.37606",
- "S3261": "sonar-dotnet 6.6.0.3969",
- "S3262": "sonar-dotnet 6.6.0.3969",
- "S3263": "sonar-dotnet 6.6.0.3969",
- "S3264": "sonar-dotnet 6.6.0.3969",
- "S3265": "sonar-dotnet 6.6.0.3969",
- "S3267": "sonar-dotnet 8.30.0.37606",
- "S3329": "sonar-dotnet 8.16.0.25740",
- "S3330": "sonar-dotnet 7.1.0.5212",
- "S3343": "sonar-dotnet 6.8.0.4636",
- "S3346": "sonar-dotnet 6.6.0.3969",
- "S3353": "sonar-dotnet 6.8.0.4636",
- "S3358": "sonar-dotnet 6.8.0.4636",
- "S3363": "sonar-dotnet 9.5.0.73987",
- "S3366": "sonar-dotnet 6.8.0.4636",
- "S3376": "sonar-dotnet 6.6.0.3969",
- "S3397": "sonar-dotnet 6.6.0.3969",
- "S3398": "sonar-dotnet 8.54.0.64047",
- "S3400": "sonar-dotnet 7.1.0.5212",
- "S3415": "sonar-dotnet 6.6.0.3969",
- "S3416": "sonar-dotnet 9.22.0.87781",
- "S3427": "sonar-dotnet 6.6.0.3969",
- "S3431": "sonar-dotnet 6.6.0.3969",
- "S3433": "sonar-dotnet 6.6.0.3969",
- "S3440": "sonar-dotnet 6.6.0.3969",
- "S3441": "sonar-dotnet 6.6.0.3969",
- "S3442": "sonar-dotnet 6.6.0.3969",
- "S3443": "sonar-dotnet 6.6.0.3969",
- "S3444": "sonar-dotnet 6.6.0.3969",
- "S3445": "sonar-dotnet 6.6.0.3969",
- "S3447": "sonar-dotnet 6.6.0.3969",
- "S3449": "sonar-dotnet 6.6.0.3969",
- "S3450": "sonar-dotnet 6.6.0.3969",
- "S3451": "sonar-dotnet 6.6.0.3969",
- "S3453": "sonar-dotnet 6.6.0.3969",
- "S3456": "sonar-dotnet 6.6.0.3969",
- "S3457": "sonar-dotnet 6.6.0.3969",
- "S3458": "sonar-dotnet 6.6.0.3969",
- "S3459": "sonar-dotnet 6.6.0.3969",
- "S3464": "sonar-dotnet 6.8.0.4636",
- "S3466": "sonar-dotnet 6.6.0.3969",
- "S3532": "sonar-dotnet 6.6.0.3969",
- "S3597": "sonar-dotnet 6.6.0.3969",
- "S3598": "sonar-dotnet 6.6.0.3969",
- "S3600": "sonar-dotnet 6.6.0.3969",
- "S3603": "sonar-dotnet 6.6.0.3969",
- "S3604": "sonar-dotnet 6.6.0.3969",
- "S3610": "sonar-dotnet 6.6.0.3969",
- "S3626": "sonar-dotnet 6.6.0.3969",
- "S3649": "sonar-dotnet 6.6.0.3969",
- "S3655": "sonar-dotnet 6.6.0.3969",
- "S3693": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S3717": "sonar-dotnet 6.6.0.3969",
- "S3776": "sonar-dotnet 6.6.0.3969",
- "S3869": "sonar-dotnet 6.6.0.3969",
- "S3871": "sonar-dotnet 6.6.0.3969",
- "S3872": "sonar-dotnet 6.6.0.3969",
- "S3874": "sonar-dotnet 6.6.0.3969",
- "S3875": "sonar-dotnet 6.6.0.3969",
- "S3876": "sonar-dotnet 6.6.0.3969",
- "S3877": "sonar-dotnet 6.6.0.3969",
- "S3878": "sonar-dotnet 8.53.0.62665",
- "S3880": "sonar-dotnet 6.6.0.3969",
- "S3881": "sonar-dotnet 6.6.0.3969",
- "S3884": "sonar-dotnet 6.6.0.3969",
- "S3885": "sonar-dotnet 6.6.0.3969",
- "S3887": "sonar-dotnet 6.6.0.3969",
- "S3889": "sonar-dotnet 6.6.0.3969",
- "S3897": "sonar-dotnet 6.6.0.3969",
- "S3898": "sonar-dotnet 6.6.0.3969",
- "S3900": "sonar-dotnet 6.6.0.3969",
- "S3902": "sonar-dotnet 6.6.0.3969",
- "S3903": "sonar-dotnet 6.6.0.3969",
- "S3904": "sonar-dotnet 6.6.0.3969",
- "S3906": "sonar-dotnet 6.6.0.3969",
- "S3908": "sonar-dotnet 6.6.0.3969",
- "S3909": "sonar-dotnet 6.6.0.3969",
- "S3923": "sonar-dotnet 7.1.0.5212",
- "S3925": "sonar-dotnet 6.6.0.3969",
- "S3926": "sonar-dotnet 6.6.0.3969",
- "S3927": "sonar-dotnet 6.6.0.3969",
- "S3928": "sonar-dotnet 6.6.0.3969",
- "S3937": "sonar-dotnet 7.5.0.6605",
- "S3949": "sonar-dotnet 8.2.0.13747",
- "S3956": "sonar-dotnet 6.6.0.3969",
- "S3962": "sonar-dotnet 6.6.0.3969",
- "S3963": "sonar-dotnet 6.6.0.3969",
- "S3966": "sonar-dotnet 6.6.0.3969",
- "S3967": "sonar-dotnet 6.6.0.3969",
- "S3971": "sonar-dotnet 6.6.0.3969",
- "S3972": "sonar-dotnet 6.6.0.3969",
- "S3973": "sonar-dotnet 7.3.0.5690",
- "S3981": "sonar-dotnet 6.6.0.3969",
- "S3984": "sonar-dotnet 6.6.0.3969",
- "S3990": "sonar-dotnet 6.6.0.3969",
- "S3992": "sonar-dotnet 6.6.0.3969",
- "S3993": "sonar-dotnet 6.6.0.3969",
- "S3994": "sonar-dotnet 6.6.0.3969",
- "S3995": "sonar-dotnet 6.6.0.3969",
- "S3996": "sonar-dotnet 6.6.0.3969",
- "S3997": "sonar-dotnet 6.6.0.3969",
- "S3998": "sonar-dotnet 6.6.0.3969",
- "S4000": "sonar-dotnet 6.6.0.3969",
- "S4002": "sonar-dotnet 6.6.0.3969",
- "S4004": "sonar-dotnet 6.6.0.3969",
- "S4005": "sonar-dotnet 6.6.0.3969",
- "S4015": "sonar-dotnet 6.6.0.3969",
- "S4016": "sonar-dotnet 6.6.0.3969",
- "S4017": "sonar-dotnet 6.6.0.3969",
- "S4018": "sonar-dotnet 6.6.0.3969",
- "S4019": "sonar-dotnet 6.6.0.3969",
- "S4022": "sonar-dotnet 6.6.0.3969",
- "S4023": "sonar-dotnet 6.6.0.3969",
- "S4025": "sonar-dotnet 6.6.0.3969",
- "S4026": "sonar-dotnet 6.6.0.3969",
- "S4027": "sonar-dotnet 6.6.0.3969",
- "S4035": "sonar-dotnet 6.6.0.3969",
- "S4036": "sonar-dotnet 8.17.0.26580",
- "S4039": "sonar-dotnet 6.6.0.3969",
- "S4040": "sonar-dotnet 6.6.0.3969",
- "S4041": "sonar-dotnet 6.6.0.3969",
- "S4047": "sonar-dotnet 6.6.0.3969",
- "S4049": "sonar-dotnet 6.6.0.3969",
- "S4050": "sonar-dotnet 6.6.0.3969",
- "S4052": "sonar-dotnet 6.6.0.3969",
- "S4055": "sonar-dotnet 6.6.0.3969",
- "S4056": "sonar-dotnet 6.6.0.3969",
- "S4057": "sonar-dotnet 6.6.0.3969",
- "S4058": "sonar-dotnet 6.6.0.3969",
- "S4059": "sonar-dotnet 6.6.0.3969",
- "S4060": "sonar-dotnet 6.6.0.3969",
- "S4061": "sonar-dotnet 6.6.0.3969",
- "S4069": "sonar-dotnet 6.6.0.3969",
- "S4070": "sonar-dotnet 6.6.0.3969",
- "S4136": "sonar-dotnet 7.17.0.9346",
- "S4142": {
- "since": "sonar-dotnet 6.6.0.3969",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S4143": "sonar-dotnet 7.3.0.5690",
- "S4144": "sonar-dotnet 6.6.0.3969",
- "S4158": "sonar-dotnet 6.6.0.3969",
- "S4159": "sonar-dotnet 6.8.0.4636",
- "S4200": "sonar-dotnet 6.8.0.4636",
- "S4201": "sonar-dotnet 7.17.0.9346",
- "S4210": "sonar-dotnet 6.8.0.4636",
- "S4211": "sonar-dotnet 7.1.0.5212",
- "S4212": "sonar-dotnet 6.8.0.4636",
- "S4214": "sonar-dotnet 6.6.0.3969",
- "S4220": "sonar-dotnet 6.6.0.3969",
- "S4225": "sonar-dotnet 6.6.0.3969",
- "S4226": "sonar-dotnet 6.6.0.3969",
- "S4260": "sonar-dotnet 6.6.0.3969",
- "S4261": "sonar-dotnet 7.0.0.4787",
- "S4275": "sonar-dotnet 7.3.0.5690",
- "S4277": "sonar-dotnet 6.8.0.4636",
- "S4347": "sonar-dotnet 9.26.0.92422",
- "S4423": "sonar-dotnet 8.16.0.25740",
- "S4426": "sonar-dotnet 7.1.0.5212",
- "S4428": "sonar-dotnet 7.0.0.4787",
- "S4432": {
- "since": "sonar-dotnet 7.1.0.5212",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S4433": "sonar-dotnet 7.1.0.5212",
- "S4456": "sonar-dotnet 7.1.0.5212",
- "S4457": "sonar-dotnet 7.1.0.5212",
- "S4462": "sonar-dotnet 7.1.0.5212",
- "S4487": "sonar-dotnet 8.0.0.9566",
- "S4502": "sonar-dotnet 8.22.0.31243",
- "S4507": "sonar-dotnet 7.9.0.7583",
- "S4524": "sonar-dotnet 7.1.0.5212",
- "S4529": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4545": "sonar-dotnet 8.54.0.64047",
- "S4564": {
- "since": "sonar-dotnet 7.1.0.5212",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4581": "sonar-dotnet 7.1.0.5212",
- "S4583": "sonar-dotnet 7.17.0.9346",
- "S4586": "sonar-dotnet 7.1.0.5212",
- "S4635": "sonar-dotnet 8.0.0.9566",
- "S4663": "sonar-dotnet 8.53.0.62665",
- "S4721": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4784": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4787": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.9.0.77355"
- },
- "S4790": "sonar-dotnet 7.9.0.7583",
- "S4792": "sonar-dotnet 7.9.0.7583",
- "S4797": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4817": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4818": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.9.0.77355"
- },
- "S4823": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4825": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4829": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4830": "sonar-dotnet 8.1.0.13383",
- "S4834": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S5034": "sonar-dotnet 7.17.0.9346",
- "S5042": "sonar-dotnet 7.9.1.7622",
- "S5122": "sonar-dotnet 8.22.0.31243",
+ "S2674": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2681": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2688": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2692": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2696": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2699": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2701": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2737": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2743": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2755": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2757": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2760": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2761": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2857": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2925": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2930": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2931": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2933": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2934": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2952": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2953": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2955": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2970": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2971": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2995": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2996": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2997": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3005": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3010": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3011": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3052": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3059": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3060": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3063": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3168": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3169": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3172": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3215": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3216": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3217": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3218": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3220": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3234": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3235": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3236": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3237": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3240": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3241": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3242": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3244": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3246": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3247": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3249": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3251": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3253": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3254": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3256": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3257": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3260": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3261": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3262": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3263": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3264": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3265": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3267": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3329": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3330": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3343": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3346": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3353": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3358": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3363": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3366": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3376": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3397": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3398": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3400": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3415": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3416": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3427": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3431": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3433": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3440": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3441": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3442": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3443": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3444": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3445": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3447": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3449": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3450": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3451": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3453": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3456": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3457": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3458": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3459": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3464": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3466": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3532": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3597": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3598": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3600": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3603": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3604": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3610": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3626": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3649": "sonar-security 7.4.0.1949",
+ "S3655": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3717": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3776": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3869": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3871": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3872": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3874": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3875": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3876": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3877": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3878": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3880": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3881": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3884": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3885": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3887": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3889": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3897": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3898": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3900": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3902": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3903": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3904": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3906": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3908": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3909": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3923": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3925": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3926": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3927": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3928": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3937": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3949": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3956": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3962": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3963": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3966": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3967": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3971": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3972": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3973": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3981": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3984": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3990": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3992": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3993": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3994": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3995": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3996": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3997": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3998": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4000": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4002": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4004": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4005": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4015": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4016": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4017": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4018": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4019": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4022": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4023": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4025": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4026": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4027": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4035": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4036": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4039": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4040": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4041": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4047": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4049": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4050": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4052": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4055": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4056": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4057": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4058": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4059": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4060": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4061": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4069": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4070": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4136": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4143": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4144": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4158": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4159": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4200": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4201": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4210": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4211": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4212": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4214": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4220": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4225": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4226": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4260": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4261": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4275": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4277": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4347": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4423": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4426": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4428": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4433": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4456": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4457": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4462": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4487": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4502": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4507": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4524": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4545": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4581": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4583": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4586": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4635": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4663": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4790": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4792": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4830": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5034": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5042": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5122": "sonar-dotnet-enterprise 10.0.0.102753",
"S5131": "sonar-security 7.7.0.4011",
"S5135": "sonar-security 8.4.0.2759",
"S5144": "sonar-security 7.7.0.4011",
@@ -1929,96 +1841,101 @@
"since": "sonar-security 7.7.0.4011",
"until": "sonar-security 10.7.0.32997"
},
- "S5332": "sonar-dotnet 8.16.0.25740",
+ "S5332": "sonar-dotnet-enterprise 10.0.0.102753",
"S5334": "sonar-security 8.7.0.7826",
- "S5344": "sonar-dotnet 9.26.0.92422",
- "S5443": "sonar-dotnet 8.19.0.28253",
- "S5445": "sonar-dotnet 8.19.0.28253",
- "S5542": "sonar-dotnet 8.1.0.13383",
- "S5547": "sonar-dotnet 8.1.0.13383",
- "S5659": "sonar-dotnet 8.5.0.15942",
- "S5693": "sonar-dotnet 8.19.0.28253",
- "S5753": "sonar-dotnet 8.17.0.26580",
- "S5766": "sonar-dotnet 8.9.0.19135",
- "S5773": "sonar-dotnet 8.9.0.19135",
- "S5856": "sonar-dotnet 8.56.0.67649",
+ "S5344": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5443": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5445": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5542": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5547": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5659": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5693": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5753": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5766": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5773": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5856": "sonar-dotnet-enterprise 10.0.0.102753",
"S5883": "sonar-security 9.2.0.14426",
"S6096": "sonar-security 8.7.0.7826",
"S6173": "sonar-security 10.2.0.22608",
"S6287": "sonar-security 9.2.0.14426",
"S6350": "sonar-security 9.2.0.14426",
- "S6354": "sonar-dotnet 8.35.0.42613",
- "S6377": "sonar-dotnet 9.26.0.92422",
+ "S6354": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6377": "sonar-dotnet-enterprise 10.0.0.102753",
"S6399": "sonar-security 10.3.0.27281",
- "S6419": "sonar-dotnet 8.41.0.50478",
- "S6420": "sonar-dotnet 8.41.0.50478",
- "S6421": "sonar-dotnet 8.41.0.50478",
- "S6422": "sonar-dotnet 8.41.0.50478",
- "S6423": "sonar-dotnet 8.41.0.50478",
- "S6424": "sonar-dotnet 8.41.0.50478",
- "S6444": "sonar-dotnet 8.51.0.59060",
- "S6507": "sonar-dotnet 8.54.0.64047",
- "S6513": "sonar-dotnet 8.55.0.65544",
+ "S6418": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S6419": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6420": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6421": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6422": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6423": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6424": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6444": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6507": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6513": "sonar-dotnet-enterprise 10.0.0.102753",
"S6547": "sonar-security 10.7.0.32997",
"S6549": "sonar-security 10.7.0.32997",
- "S6561": "sonar-dotnet 9.5.0.73987",
- "S6562": "sonar-dotnet 9.5.0.73987",
- "S6563": "sonar-dotnet 9.5.0.73987",
- "S6566": "sonar-dotnet 9.5.0.73987",
- "S6575": "sonar-dotnet 9.5.0.73987",
- "S6580": "sonar-dotnet 9.5.0.73987",
- "S6585": "sonar-dotnet 9.5.0.73987",
- "S6588": "sonar-dotnet 9.5.0.73987",
- "S6602": "sonar-dotnet 9.1.0.70676",
- "S6603": "sonar-dotnet 9.1.0.70676",
- "S6605": "sonar-dotnet 9.1.0.70676",
- "S6607": "sonar-dotnet 9.1.0.70676",
- "S6608": "sonar-dotnet 9.1.0.70676",
- "S6609": "sonar-dotnet 9.1.0.70676",
- "S6610": "sonar-dotnet 9.1.0.70676",
- "S6612": "sonar-dotnet 9.1.0.70676",
- "S6613": "sonar-dotnet 9.1.0.70676",
- "S6617": "sonar-dotnet 9.1.0.70676",
- "S6618": "sonar-dotnet 9.1.0.70676",
+ "S6561": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6562": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6563": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6566": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6575": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6580": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6585": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6588": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6602": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6603": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6605": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6607": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6608": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6609": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6610": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6612": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6613": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6617": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6618": "sonar-dotnet-enterprise 10.0.0.102753",
"S6639": "sonar-security 10.2.0.22608",
- "S6640": "sonar-dotnet 9.5.0.73987",
+ "S6640": "sonar-dotnet-enterprise 10.0.0.102753",
"S6641": "sonar-security 10.2.0.22608",
- "S6664": "sonar-dotnet 9.22.0.87781",
- "S6667": "sonar-dotnet 9.21.0.86780",
- "S6668": "sonar-dotnet 9.21.0.86780",
- "S6669": "sonar-dotnet 9.22.0.87781",
- "S6670": "sonar-dotnet 9.22.0.87781",
- "S6672": "sonar-dotnet 9.22.0.87781",
- "S6673": "sonar-dotnet 9.22.0.87781",
- "S6674": "sonar-dotnet 9.21.0.86780",
- "S6675": "sonar-dotnet 9.22.0.87781",
- "S6677": "sonar-dotnet 9.21.0.86780",
- "S6678": "sonar-dotnet 9.21.0.86780",
+ "S6664": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6667": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6668": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6669": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6670": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6672": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6673": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6674": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6675": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6677": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6678": "sonar-dotnet-enterprise 10.0.0.102753",
"S6680": "sonar-security 10.7.0.32997",
"S6776": "sonar-security 10.7.0.32997",
- "S6781": "sonar-dotnet 9.26.0.92422",
- "S6797": "sonar-dotnet 9.14.0.81108",
- "S6798": "sonar-dotnet 9.14.0.81108",
- "S6800": "sonar-dotnet 9.14.0.81108",
- "S6802": "sonar-dotnet 9.14.0.81108",
- "S6803": "sonar-dotnet 9.14.0.81108",
- "S6930": "sonar-dotnet 9.22.0.87781",
- "S6931": "sonar-dotnet 9.23.0.88079",
- "S6932": "sonar-dotnet 9.26.0.92422",
- "S6934": "sonar-dotnet 9.23.0.88079",
- "S6960": "sonar-dotnet 9.25.0.90414",
- "S6961": "sonar-dotnet 9.24.0.89429",
- "S6962": "sonar-dotnet 9.25.0.90414",
- "S6964": "sonar-dotnet 9.25.0.90414",
- "S6965": "sonar-dotnet 9.24.0.89429",
- "S6966": "sonar-dotnet 9.25.0.90414",
- "S6967": "sonar-dotnet 9.25.0.90414",
- "S6968": "sonar-dotnet 9.25.0.90414",
+ "S6781": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6797": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6798": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6800": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6802": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6803": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6930": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6931": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6932": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6934": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6960": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6961": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6962": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6964": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6965": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6966": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6967": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6968": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S7039": "sonar-dotnet-enterprise 10.0.0.102753",
"S7044": "sonar-security 10.7.0.32997",
- "S818": "sonar-dotnet 6.6.0.3969",
- "S881": "sonar-dotnet 7.1.0.5212",
- "S907": "sonar-dotnet 6.6.0.3969",
- "S927": "sonar-dotnet 6.6.0.3969"
+ "S7130": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S7131": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S7133": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S818": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S881": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S907": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S927": "sonar-dotnet-enterprise 10.0.0.102753"
},
"CSS": {
"S1116": "sonar-css 1.0.0.457",
@@ -3392,6 +3309,8 @@
"S7027": "sonar-architecture 1.0.0.1901",
"S7044": "sonar-security 10.7.0.32997",
"S7091": "sonar-architecture 1.0.0.1901",
+ "S7134": "sonar-architecture 1.1.0.2157",
+ "S7158": "sonar-java 8.7.0.37452",
"S818": "sonar-java 4.15.0.12310",
"S864": "sonar-java 4.15.0.12310",
"S881": "sonar-java 4.15.0.12310",
@@ -3456,6 +3375,7 @@
"S126": "SonarJS 3.3.0.5702",
"S1264": "SonarJS 3.3.0.5702",
"S128": "SonarJS 3.3.0.5702",
+ "S1291": "SonarJS 10.18.0.28572",
"S1301": "SonarJS 3.3.0.5702",
"S131": "SonarJS 3.3.0.5702",
"S1313": "SonarJS 7.1.0.14721",
@@ -3846,6 +3766,7 @@
"S6351": "SonarJS 8.4.0.16431",
"S6353": "SonarJS 8.4.0.16431",
"S6397": "SonarJS 9.4.0.18205",
+ "S6418": "SonarJS 10.18.0.28572",
"S6426": "SonarJS 9.3.0.18033",
"S6435": "SonarJS 9.5.0.18531",
"S6438": "SonarJS 9.5.0.18531",
@@ -4251,6 +4172,7 @@
"S2216": "sonar-cpp 5.1.0.10083",
"S2234": "sonar-cpp 5.1.0.10083",
"S2245": "sonar-cpp 6.15.0.25047",
+ "S2253": "sonar-cpp master",
"S2259": "sonar-cpp v0.0.6",
"S2260": "sonar-cpp 5.1.0.10083",
"S2275": "sonar-cpp 6.2.0.11201",
@@ -4330,6 +4252,7 @@
"S5271": "sonar-cpp 6.2.0.11201",
"S5273": "sonar-cpp 6.2.0.11201",
"S5276": "sonar-cpp 6.10.0.18490",
+ "S5277": "sonar-cpp master",
"S5278": "sonar-cpp 6.2.0.11201",
"S5279": "sonar-cpp 6.2.0.11201",
"S5280": "sonar-cpp 6.2.0.11201",
@@ -4374,12 +4297,12 @@
"S5982": "sonar-cpp 6.13.0.22261",
"S6069": "sonar-cpp 6.14.0.23970",
"S6200": "sonar-cpp 6.27.0.38122",
- "S6418": "sonar-cpp master",
+ "S6418": "sonar-cpp 6.61.0.77816",
"S6871": "sonar-cpp 6.53.0.67215",
"S6936": "sonar-cpp 6.54.0.69031",
"S6991": "sonar-cpp 6.57.0.73017",
"S6996": "sonar-cpp 6.57.0.73017",
- "S7116": "sonar-cpp master",
+ "S7116": "sonar-cpp 6.61.0.77816",
"S784": "sonar-cpp 5.1.0.10083",
"S787": "sonar-cpp 5.1.0.10083",
"S793": "sonar-cpp 5.1.0.10083",
@@ -4449,6 +4372,7 @@
"S959": "sonar-cpp 5.1.0.10083",
"S960": "sonar-cpp 5.1.0.10083",
"S961": "sonar-cpp 5.1.0.10083",
+ "S963": "sonar-cpp master",
"S966": "sonar-cpp 5.1.0.10083",
"S967": "sonar-cpp 6.3.0.11371",
"S968": "sonar-cpp 5.1.0.10083",
@@ -4764,7 +4688,7 @@
"S6395": "sonar-php 3.23.0.8726",
"S6396": "sonar-php 3.23.0.8726",
"S6397": "sonar-php 3.23.0.8726",
- "S6418": "sonar-php master",
+ "S6418": "sonar-php 3.39.0.12526",
"S6437": "sonar-php 3.29.0.9684",
"S6600": "sonar-php 3.29.0.9684",
"S7044": "sonar-security 10.7.0.32997",
@@ -5651,8 +5575,8 @@
"S6782": "sonar-text 2.4.0.2120",
"S6783": "sonar-text 2.4.0.2120",
"S6987": "sonar-secrets 1.1.0.36766",
- "S6995": "sonar-text master",
- "S7013": "sonar-text master"
+ "S6995": "sonar-text 2.18.0.4866",
+ "S7013": "sonar-text 2.18.0.4866"
},
"SWIFT": {
"S100": "sonar-swift 3.1.0.2067",
@@ -5959,6 +5883,7 @@
"S126": "SonarJS 6.2.0.12043",
"S1264": "SonarJS 6.0.0.9595",
"S128": "SonarJS 6.2.0.12043",
+ "S1291": "SonarJS 10.18.0.28572",
"S1301": "SonarJS 6.0.0.9595",
"S131": "SonarJS 6.5.0.13383",
"S1313": "SonarJS 7.1.0.14721",
@@ -6241,6 +6166,7 @@
"S6351": "SonarJS 8.4.0.16431",
"S6353": "SonarJS 8.4.0.16431",
"S6397": "SonarJS 9.4.0.18205",
+ "S6418": "SonarJS 10.18.0.28572",
"S6426": "SonarJS 9.3.0.18033",
"S6435": "SonarJS 9.5.0.18531",
"S6438": "SonarJS 9.5.0.18531",
@@ -6409,283 +6335,218 @@
"S907": "sonar-vb 2.4.0.1305"
},
"VBNET": {
- "S101": "sonar-dotnet 7.6.0.7024",
- "S103": "sonar-dotnet 7.6.0.7024",
- "S104": "sonar-dotnet 7.6.0.7024",
- "S1048": "sonar-dotnet 7.7.0.7192",
- "S105": "sonar-dotnet 7.6.0.7024",
- "S1066": "sonar-dotnet 7.11.0.8083",
- "S1067": "sonar-dotnet 7.6.0.7024",
- "S107": "sonar-dotnet 7.11.0.8083",
- "S1075": "sonar-dotnet 7.6.0.7024",
- "S108": "sonar-dotnet 7.11.0.8083",
- "S1110": "sonar-dotnet 7.11.0.8083",
- "S112": "sonar-dotnet 7.6.0.7024",
- "S1123": "sonar-dotnet 8.50.0.58025",
- "S1125": "sonar-dotnet 7.11.0.8083",
- "S1133": "sonar-dotnet 8.53.0.62665",
- "S1134": "sonar-dotnet 7.11.0.8083",
- "S1135": "sonar-dotnet 7.11.0.8083",
- "S114": "sonar-dotnet 7.6.0.7024",
- "S1145": {
- "since": "sonar-dotnet 7.11.0.8083",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S1147": "sonar-dotnet 7.6.0.7024",
- "S1151": "sonar-dotnet 7.11.0.8083",
- "S1155": "sonar-dotnet 8.35.0.42613",
- "S1163": "sonar-dotnet 8.18.0.27296",
- "S117": "sonar-dotnet 7.6.0.7024",
- "S1172": "sonar-dotnet 7.11.0.8083",
- "S1186": "sonar-dotnet 7.7.0.7192",
- "S119": "sonar-dotnet 9.6.0.74858",
- "S1192": "sonar-dotnet 8.18.0.27296",
- "S1197": "sonar-dotnet 7.6.0.7024",
- "S122": "sonar-dotnet 7.6.0.7024",
- "S1226": "sonar-dotnet 7.6.0.7024",
- "S126": "sonar-dotnet 7.11.0.8083",
- "S1301": "sonar-dotnet 7.7.0.7192",
- "S131": "sonar-dotnet 7.6.0.7024",
- "S1313": "sonar-dotnet 7.7.0.7192",
- "S134": "sonar-dotnet 7.6.0.7024",
- "S138": "sonar-dotnet 7.11.0.8083",
- "S139": "sonar-dotnet 7.6.0.7024",
- "S1451": "sonar-dotnet 7.7.0.7192",
- "S1479": "sonar-dotnet 7.7.0.7192",
- "S1481": "sonar-dotnet 7.7.0.7192",
- "S1523": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S1541": "sonar-dotnet 7.6.0.7024",
- "S1542": "sonar-dotnet 7.6.0.7024",
- "S1643": "sonar-dotnet 7.6.0.7024",
- "S1645": "sonar-dotnet 7.6.0.7024",
- "S1654": "sonar-dotnet 7.6.0.7024",
- "S1656": "sonar-dotnet 7.6.0.7024",
- "S1659": "sonar-dotnet 7.6.0.7024",
- "S1751": "sonar-dotnet 7.6.0.7024",
- "S1764": "sonar-dotnet 7.6.0.7024",
- "S1821": "sonar-dotnet 7.7.0.7192",
- "S1862": "sonar-dotnet 7.6.0.7024",
- "S1871": "sonar-dotnet 7.6.0.7024",
- "S1940": "sonar-dotnet 7.7.0.7192",
- "S1944": "sonar-dotnet 9.4.0.72892",
- "S2053": "sonar-dotnet 9.6.0.74858",
- "S2068": "sonar-dotnet 7.7.0.7192",
- "S2077": "sonar-dotnet 7.9.0.7583",
- "S2094": "sonar-dotnet 8.54.0.64047",
- "S2166": "sonar-dotnet 8.53.0.62665",
- "S2178": "sonar-dotnet 7.6.0.7024",
- "S2222": "sonar-dotnet 8.36.0.43782",
- "S2225": "sonar-dotnet 8.47.0.55603",
- "S2234": "sonar-dotnet 7.11.0.8083",
- "S2255": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.8.0.76515"
- },
- "S2257": "sonar-dotnet 8.16.0.25740",
- "S2259": "sonar-dotnet 8.45.0.54064",
- "S2302": "sonar-dotnet 7.17.0.9346",
- "S2304": "sonar-dotnet 7.6.0.7024",
- "S2339": "sonar-dotnet 7.6.0.7024",
- "S2340": "sonar-dotnet 7.6.0.7024",
- "S2342": "sonar-dotnet 7.6.0.7024",
- "S2343": "sonar-dotnet 7.6.0.7024",
- "S2344": "sonar-dotnet 7.6.0.7024",
- "S2345": "sonar-dotnet 7.6.0.7024",
- "S2346": "sonar-dotnet 7.6.0.7024",
- "S2347": "sonar-dotnet 7.6.0.7024",
- "S2348": "sonar-dotnet 7.6.0.7024",
- "S2349": "sonar-dotnet 7.6.0.7024",
- "S2352": "sonar-dotnet 7.6.0.7024",
- "S2353": {
- "since": "sonar-dotnet 7.6.0.7024",
- "until": "sonar-dotnet 9.23.2.88755"
- },
- "S2354": "sonar-dotnet 7.6.0.7024",
- "S2355": "sonar-dotnet 7.6.0.7024",
- "S2357": "sonar-dotnet 7.6.0.7024",
- "S2358": "sonar-dotnet 7.6.0.7024",
- "S2359": "sonar-dotnet 7.6.0.7024",
- "S2360": "sonar-dotnet 7.6.0.7024",
- "S2362": "sonar-dotnet 7.6.0.7024",
- "S2363": "sonar-dotnet 7.6.0.7024",
- "S2364": "sonar-dotnet 7.6.0.7024",
- "S2365": "sonar-dotnet 7.6.0.7024",
- "S2366": "sonar-dotnet 7.6.0.7024",
- "S2367": "sonar-dotnet 7.6.0.7024",
- "S2368": "sonar-dotnet 7.6.0.7024",
- "S2369": "sonar-dotnet 7.6.0.7024",
- "S2370": "sonar-dotnet 7.6.0.7024",
- "S2372": "sonar-dotnet 7.6.0.7024",
- "S2373": "sonar-dotnet 7.6.0.7024",
- "S2374": "sonar-dotnet 7.6.0.7024",
- "S2375": "sonar-dotnet 7.6.0.7024",
- "S2376": "sonar-dotnet 7.6.0.7024",
- "S2387": "sonar-dotnet 8.18.0.27296",
- "S2429": "sonar-dotnet 7.6.0.7024",
- "S2437": "sonar-dotnet 8.18.0.27296",
- "S2551": "sonar-dotnet 7.7.0.7192",
- "S2583": "sonar-dotnet 9.8.0.76515",
- "S2589": "sonar-dotnet 9.8.0.76515",
- "S2612": "sonar-dotnet 8.19.0.28253",
- "S2692": "sonar-dotnet 8.18.0.27296",
- "S2737": "sonar-dotnet 7.7.0.7192",
- "S2757": "sonar-dotnet 7.7.0.7192",
- "S2761": "sonar-dotnet 7.7.0.7192",
- "S2925": "sonar-dotnet 9.4.0.72892",
- "S2951": "sonar-dotnet 7.6.0.7024",
- "S3011": "sonar-dotnet 7.9.0.7583",
- "S3063": "sonar-dotnet 8.53.0.62665",
- "S3329": "sonar-dotnet 9.6.0.74858",
- "S3358": "sonar-dotnet 7.7.0.7192",
- "S3363": "sonar-dotnet 9.5.0.73987",
- "S3385": "sonar-dotnet 7.6.0.7024",
- "S3431": "sonar-dotnet 8.28.0.36354",
- "S3449": "sonar-dotnet 7.7.0.7192",
- "S3453": "sonar-dotnet 7.7.0.7192",
- "S3464": "sonar-dotnet 7.7.0.7192",
- "S3466": "sonar-dotnet 7.7.0.7192",
- "S3598": "sonar-dotnet 7.7.0.7192",
- "S3603": "sonar-dotnet 7.7.0.7192",
- "S3655": "sonar-dotnet 8.56.0.67649",
- "S3693": {
- "since": "sonar-dotnet 7.7.0.7192",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S3776": "sonar-dotnet 7.7.0.7192",
- "S3860": "sonar-dotnet 7.6.0.7024",
- "S3866": "sonar-dotnet 7.6.0.7024",
- "S3869": "sonar-dotnet 7.7.0.7192",
- "S3871": "sonar-dotnet 8.49.0.57237",
- "S3878": "sonar-dotnet 8.53.0.62665",
- "S3884": "sonar-dotnet 8.18.0.27296",
- "S3889": "sonar-dotnet 7.7.0.7192",
- "S3898": "sonar-dotnet 8.52.0.60940",
- "S3900": "sonar-dotnet 8.56.0.67649",
- "S3903": "sonar-dotnet 7.7.0.7192",
- "S3904": "sonar-dotnet 8.18.0.27296",
- "S3923": "sonar-dotnet 7.7.0.7192",
- "S3926": "sonar-dotnet 7.7.0.7192",
- "S3927": "sonar-dotnet 7.7.0.7192",
- "S3949": "sonar-dotnet 9.2.0.71021",
- "S3966": "sonar-dotnet 9.4.0.72892",
- "S3981": "sonar-dotnet 7.6.0.7024",
- "S3990": "sonar-dotnet 8.18.0.27296",
- "S3992": "sonar-dotnet 8.18.0.27296",
- "S3998": "sonar-dotnet 8.18.0.27296",
- "S4025": "sonar-dotnet 8.18.0.27296",
- "S4036": "sonar-dotnet 8.17.0.26580",
- "S4060": "sonar-dotnet 8.43.0.51858",
- "S4136": "sonar-dotnet 7.17.0.9346",
- "S4142": {
- "since": "sonar-dotnet 7.6.0.7024",
- "until": "sonar-dotnet 8.25.0.33663"
- },
- "S4143": "sonar-dotnet 7.7.0.7192",
- "S4144": "sonar-dotnet 7.6.0.7024",
- "S4158": "sonar-dotnet 9.4.0.72892",
- "S4159": "sonar-dotnet 7.7.0.7192",
- "S4201": "sonar-dotnet 7.17.0.9346",
- "S4210": "sonar-dotnet 7.7.0.7192",
- "S4225": "sonar-dotnet 8.43.0.51858",
- "S4260": "sonar-dotnet 7.7.0.7192",
- "S4275": "sonar-dotnet 7.7.0.7192",
- "S4277": "sonar-dotnet 7.7.0.7192",
- "S4423": "sonar-dotnet 8.16.0.25740",
- "S4428": "sonar-dotnet 7.7.0.7192",
- "S4507": "sonar-dotnet 7.9.0.7583",
- "S4529": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4545": "sonar-dotnet 8.54.0.64047",
- "S4581": "sonar-dotnet 8.40.0.48530",
- "S4583": "sonar-dotnet 8.18.0.27296",
- "S4586": "sonar-dotnet 7.7.0.7192",
- "S4663": "sonar-dotnet 8.53.0.62665",
- "S4721": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4784": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4787": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.9.0.77355"
- },
- "S4790": "sonar-dotnet 7.9.0.7583",
- "S4792": "sonar-dotnet 7.9.0.7583",
- "S4797": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4817": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4818": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.9.0.77355"
- },
- "S4823": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4825": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 7.13.0.8313"
- },
- "S4829": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S4830": "sonar-dotnet 8.1.0.13383",
- "S4834": {
- "since": "sonar-dotnet 7.9.0.7583",
- "until": "sonar-dotnet 9.10.0.77988"
- },
- "S5042": "sonar-dotnet 7.9.1.7622",
- "S5443": "sonar-dotnet 8.19.0.28253",
- "S5445": "sonar-dotnet 8.19.0.28253",
- "S5542": "sonar-dotnet 8.1.0.13383",
- "S5547": "sonar-dotnet 8.18.0.27296",
- "S5659": "sonar-dotnet 8.5.0.15942",
- "S5693": "sonar-dotnet 8.19.0.28253",
- "S5753": "sonar-dotnet 8.17.0.26580",
- "S5773": "sonar-dotnet 9.6.0.74858",
- "S5856": "sonar-dotnet 8.56.0.67649",
- "S5944": "sonar-dotnet 8.18.0.27296",
- "S6145": "sonar-dotnet 8.18.0.27296",
- "S6146": "sonar-dotnet 8.18.0.27296",
- "S6354": "sonar-dotnet 8.35.0.42613",
- "S6444": "sonar-dotnet 8.51.0.59060",
- "S6513": "sonar-dotnet 8.55.0.65544",
- "S6561": "sonar-dotnet 9.5.0.73987",
- "S6562": "sonar-dotnet 9.5.0.73987",
- "S6563": "sonar-dotnet 9.5.0.73987",
- "S6566": "sonar-dotnet 9.5.0.73987",
- "S6575": "sonar-dotnet 9.5.0.73987",
- "S6580": "sonar-dotnet 9.5.0.73987",
- "S6585": "sonar-dotnet 9.5.0.73987",
- "S6588": "sonar-dotnet 9.5.0.73987",
- "S6602": "sonar-dotnet 9.1.0.70676",
- "S6603": "sonar-dotnet 9.1.0.70676",
- "S6605": "sonar-dotnet 9.1.0.70676",
- "S6607": "sonar-dotnet 9.1.0.70676",
- "S6608": "sonar-dotnet 9.1.0.70676",
- "S6609": "sonar-dotnet 9.1.0.70676",
- "S6610": "sonar-dotnet 9.1.0.70676",
- "S6612": "sonar-dotnet 9.1.0.70676",
- "S6613": "sonar-dotnet 9.1.0.70676",
- "S6617": "sonar-dotnet 9.1.0.70676",
- "S6930": "sonar-dotnet 9.22.0.87781",
- "S6931": "sonar-dotnet 9.23.0.88079",
- "S907": "sonar-dotnet 8.11.0.20529",
- "S927": "sonar-dotnet 8.18.0.27296"
+ "S101": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S103": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S104": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1048": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S105": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1066": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1067": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S107": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1075": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S108": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1110": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S112": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1123": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1125": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1133": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1134": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1135": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S114": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1147": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1151": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1155": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1163": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S117": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1172": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1186": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S119": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1192": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1197": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S122": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1226": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S126": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1301": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S131": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1313": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S134": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S138": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S139": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1451": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1479": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1481": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1541": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1542": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1643": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1645": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1654": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1656": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1659": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1751": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1764": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1821": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1862": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1871": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1940": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S1944": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2053": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2068": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2077": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2094": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2166": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2178": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2222": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2225": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2234": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2257": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2259": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2302": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2304": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2339": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2340": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2342": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2343": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2344": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2345": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2346": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2347": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2348": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2349": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2352": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2354": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2355": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2357": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2358": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2359": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2360": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2362": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2363": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2364": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2365": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2366": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2367": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2368": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2369": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2370": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2372": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2373": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2374": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2375": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2376": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2387": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2429": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2437": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2551": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2583": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2589": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2612": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2692": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2737": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2757": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2761": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2925": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S2951": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3011": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3063": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3329": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3358": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3363": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3385": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3431": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3449": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3453": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3464": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3466": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3598": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3603": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3655": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3776": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3860": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3866": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3869": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3871": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3878": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3884": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3889": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3898": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3900": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3903": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3904": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3923": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3926": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3927": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3949": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3966": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3981": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3990": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3992": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S3998": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4025": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4036": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4060": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4136": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4143": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4144": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4158": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4159": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4201": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4210": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4225": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4260": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4275": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4277": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4423": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4428": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4507": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4545": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4581": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4583": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4586": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4663": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4790": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4792": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S4830": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5042": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5443": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5445": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5542": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5547": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5659": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5693": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5753": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5773": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5856": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S5944": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6145": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6146": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6354": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6444": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6513": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6561": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6562": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6563": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6566": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6575": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6580": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6585": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6588": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6602": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6603": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6605": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6607": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6608": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6609": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6610": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6612": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6613": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6617": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6930": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S6931": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S7130": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S7131": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S7133": "sonar-dotnet-enterprise 10.2.0.105762",
+ "S907": "sonar-dotnet-enterprise 10.0.0.102753",
+ "S927": "sonar-dotnet-enterprise 10.0.0.102753"
},
"XML": {
"S103": "sonar-xml 2.0.0.2003",
diff --git a/rspec-tools/rspec_tools/checklinks.py b/rspec-tools/rspec_tools/checklinks.py
index 24278911557..39a4da39f6f 100644
--- a/rspec-tools/rspec_tools/checklinks.py
+++ b/rspec-tools/rspec_tools/checklinks.py
@@ -1,12 +1,11 @@
-import os,io
-import re
-import requests
+import datetime
import json
+import pathlib
import random
-import datetime
+import socket
+
+import requests
from bs4 import BeautifulSoup
-from socket import timeout
-import pathlib
TOLERABLE_LINK_DOWNTIME = datetime.timedelta(days=7)
LINK_PROBES_HISTORY_FILE = './link_probes.history'
@@ -73,7 +72,7 @@ def live_url(url: str, timeout=5):
req = requests.Request('GET', url, headers = {'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="90"',
'sec-ch-ua-mobile': '?0',
'Upgrade-Insecure-Requests': '1',
- 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36',
+ 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 GLS/100.10.9939.100',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
'Sec-Fetch-Site':'none',
'Sec-Fetch-Mode':'navigate',
@@ -102,13 +101,13 @@ def live_url(url: str, timeout=5):
print(f"ERROR: Too many redirects: {rr}")
return False
except requests.Timeout as t:
- print(f"ERROR: timeout ", t)
+ print(f"ERROR: Request timeout {t}")
return False
- except timeout as t:
- print(f"ERROR: timeout ", t)
+ except socket.timeout as t:
+ print(f"ERROR: Socket timeout {t}")
return False
except Exception as e:
- print(f"ERROR: ", e)
+ print(f"ERROR: {e}")
return False
def findurl_in_html(filename,urls):
diff --git a/rspec-tools/rspec_tools/coverage.py b/rspec-tools/rspec_tools/coverage.py
index 86b8561b841..38f2fc1f639 100644
--- a/rspec-tools/rspec_tools/coverage.py
+++ b/rspec-tools/rspec_tools/coverage.py
@@ -17,7 +17,7 @@
'sonar-css',
'sonar-dart',
'sonar-dataflow-bug-detection',
- 'sonar-dotnet',
+ 'sonar-dotnet-enterprise',
'sonar-flex',
'sonar-go',
'sonar-html',
diff --git a/rules/S100/flex/metadata.json b/rules/S100/flex/metadata.json
index ba46fb6f078..2c63c085104 100644
--- a/rules/S100/flex/metadata.json
+++ b/rules/S100/flex/metadata.json
@@ -1,5 +1,2 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+}
diff --git a/rules/S1005/flex/metadata.json b/rules/S1005/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1005/flex/metadata.json
+++ b/rules/S1005/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S101/flex/metadata.json b/rules/S101/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S101/flex/metadata.json
+++ b/rules/S101/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S103/flex/metadata.json b/rules/S103/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S103/flex/metadata.json
+++ b/rules/S103/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1066/flex/metadata.json b/rules/S1066/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1066/flex/metadata.json
+++ b/rules/S1066/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1068/flex/metadata.json b/rules/S1068/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1068/flex/metadata.json
+++ b/rules/S1068/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S107/flex/metadata.json b/rules/S107/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S107/flex/metadata.json
+++ b/rules/S107/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S108/flex/metadata.json b/rules/S108/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S108/flex/metadata.json
+++ b/rules/S108/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1116/flex/metadata.json b/rules/S1116/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1116/flex/metadata.json
+++ b/rules/S1116/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1117/flex/metadata.json b/rules/S1117/flex/metadata.json
index 39aa0206ac3..08caf504cc9 100644
--- a/rules/S1117/flex/metadata.json
+++ b/rules/S1117/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Local variables should not shadow class fields",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Local variables should not shadow class fields"
+}
diff --git a/rules/S1125/flex/metadata.json b/rules/S1125/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1125/flex/metadata.json
+++ b/rules/S1125/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1135/flex/metadata.json b/rules/S1135/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1135/flex/metadata.json
+++ b/rules/S1135/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1142/flex/metadata.json b/rules/S1142/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1142/flex/metadata.json
+++ b/rules/S1142/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1144/flex/metadata.json b/rules/S1144/flex/metadata.json
index 3e488306635..ba2e0c60b9d 100644
--- a/rules/S1144/flex/metadata.json
+++ b/rules/S1144/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Unused \"private\" functions should be removed",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Unused \"private\" functions should be removed"
+}
diff --git a/rules/S1145/flex/metadata.json b/rules/S1145/flex/metadata.json
index ba46fb6f078..2c63c085104 100644
--- a/rules/S1145/flex/metadata.json
+++ b/rules/S1145/flex/metadata.json
@@ -1,5 +1,2 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+}
diff --git a/rules/S115/flex/metadata.json b/rules/S115/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S115/flex/metadata.json
+++ b/rules/S115/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S115/java/rule.adoc b/rules/S115/java/rule.adoc
index 5da90f44be5..3245d887303 100644
--- a/rules/S115/java/rule.adoc
+++ b/rules/S115/java/rule.adoc
@@ -57,6 +57,23 @@ public enum MyEnum {
}
----
+=== Exceptions
+
+The rule applies to fields of primitive types (for example, ``float``), boxed primitives (``Float``), and Strings.
+We do not apply it to other types, which can be mutated, or have methods with side effects.
+
+[source,java]
+----
+public static final Logger log = getLogger(MyClass.class);
+public static final List myList = new ArrayList<>();
+
+// call with side-effects
+log.info("message")
+
+// mutating an object
+myList.add(28);
+----
+
== Resources
=== External coding guidelines
diff --git a/rules/S1151/flex/metadata.json b/rules/S1151/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1151/flex/metadata.json
+++ b/rules/S1151/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S116/flex/metadata.json b/rules/S116/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S116/flex/metadata.json
+++ b/rules/S116/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S117/flex/metadata.json b/rules/S117/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S117/flex/metadata.json
+++ b/rules/S117/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1170/flex/metadata.json b/rules/S1170/flex/metadata.json
index f8c76ae97f4..0e18242bb8f 100644
--- a/rules/S1170/flex/metadata.json
+++ b/rules/S1170/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Public constants and fields initialized at declaration should be \"const static\" rather than merely \"const\"",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Public constants and fields initialized at declaration should be \"const static\" rather than merely \"const\""
+}
diff --git a/rules/S1172/flex/metadata.json b/rules/S1172/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1172/flex/metadata.json
+++ b/rules/S1172/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1176/flex/metadata.json b/rules/S1176/flex/metadata.json
index 0e8a5dbac2d..f78770acbe9 100644
--- a/rules/S1176/flex/metadata.json
+++ b/rules/S1176/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Public classes, methods, properties and metadata should be documented with ASDoc",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Public classes, methods, properties and metadata should be documented with ASDoc"
+}
diff --git a/rules/S1185/flex/metadata.json b/rules/S1185/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1185/flex/metadata.json
+++ b/rules/S1185/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1186/flex/metadata.json b/rules/S1186/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1186/flex/metadata.json
+++ b/rules/S1186/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S120/flex/metadata.json b/rules/S120/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S120/flex/metadata.json
+++ b/rules/S120/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S122/flex/metadata.json b/rules/S122/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S122/flex/metadata.json
+++ b/rules/S122/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1224/flex/metadata.json b/rules/S1224/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S1224/flex/metadata.json
+++ b/rules/S1224/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S124/flex/metadata.json b/rules/S124/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S124/flex/metadata.json
+++ b/rules/S124/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S125/flex/metadata.json b/rules/S125/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S125/flex/metadata.json
+++ b/rules/S125/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S127/flex/metadata.json b/rules/S127/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S127/flex/metadata.json
+++ b/rules/S127/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S128/flex/metadata.json b/rules/S128/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S128/flex/metadata.json
+++ b/rules/S128/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S129/flex/metadata.json b/rules/S129/flex/metadata.json
index 8dbed37b98c..17971333806 100644
--- a/rules/S129/flex/metadata.json
+++ b/rules/S129/flex/metadata.json
@@ -1,10 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown",
- "remediation": {
- "func": "Constant\/Issue",
- "constantCost": "10min"
- }
+
}
diff --git a/rules/S1291/javascript/metadata.json b/rules/S1291/javascript/metadata.json
new file mode 100644
index 00000000000..7a73a41bfdf
--- /dev/null
+++ b/rules/S1291/javascript/metadata.json
@@ -0,0 +1,2 @@
+{
+}
\ No newline at end of file
diff --git a/rules/S1291/javascript/rule.adoc b/rules/S1291/javascript/rule.adoc
new file mode 100644
index 00000000000..fe598e7f71a
--- /dev/null
+++ b/rules/S1291/javascript/rule.adoc
@@ -0,0 +1,17 @@
+include::../rule.adoc[]
+
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::../message.adoc[]
+
+'''
+== Comments And Links
+(visible only on this page)
+
+include::../comments-and-links.adoc[]
+
+endif::env-github,rspecator-view[]
diff --git a/rules/S1301/flex/metadata.json b/rules/S1301/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1301/flex/metadata.json
+++ b/rules/S1301/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S131/flex/metadata.json b/rules/S131/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S131/flex/metadata.json
+++ b/rules/S131/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1311/flex/metadata.json b/rules/S1311/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1311/flex/metadata.json
+++ b/rules/S1311/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1312/flex/metadata.json b/rules/S1312/flex/metadata.json
index 9370c045903..0952bf4849b 100644
--- a/rules/S1312/flex/metadata.json
+++ b/rules/S1312/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Loggers should be \"private static const\" and should share naming convention",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Loggers should be \"private static const\" and should share naming convention"
+}
diff --git a/rules/S1314/flex/metadata.json b/rules/S1314/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1314/flex/metadata.json
+++ b/rules/S1314/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1320/flex/metadata.json b/rules/S1320/flex/metadata.json
index b5b511d2e4c..876a19421ce 100644
--- a/rules/S1320/flex/metadata.json
+++ b/rules/S1320/flex/metadata.json
@@ -7,14 +7,18 @@
},
"attribute": "CONVENTIONAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "2min"
},
- "tags": [],
+ "tags": [
+ "obsolete"
+ ],
"extra": {
- "replacementRules": [],
+ "replacementRules": [
+
+ ],
"legacyKeys": [
"ActionScript2"
]
@@ -23,6 +27,8 @@
"ruleSpecification": "RSPEC-1320",
"sqKey": "ActionScript2",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1321/flex/metadata.json b/rules/S1321/flex/metadata.json
index 3e1c0922cd7..6ae73f015ff 100644
--- a/rules/S1321/flex/metadata.json
+++ b/rules/S1321/flex/metadata.json
@@ -1,6 +1,6 @@
{
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
"code": {
@@ -10,7 +10,7 @@
"attribute": "CLEAR"
},
"defaultSeverity": "Major",
- "defaultQualityProfiles": [],
- "tags": [],
- "status": "deprecated"
-}
\ No newline at end of file
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ]
+}
diff --git a/rules/S134/flex/metadata.json b/rules/S134/flex/metadata.json
index 85807aedad5..821cb431616 100644
--- a/rules/S134/flex/metadata.json
+++ b/rules/S134/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Control flow statements \"if\", \"for\", \"while\" and \"switch\" should not be nested too deeply",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Control flow statements \"if\", \"for\", \"while\" and \"switch\" should not be nested too deeply"
+}
diff --git a/rules/S138/flex/metadata.json b/rules/S138/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S138/flex/metadata.json
+++ b/rules/S138/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S140/flex/metadata.json b/rules/S140/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S140/flex/metadata.json
+++ b/rules/S140/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1434/flex/metadata.json b/rules/S1434/flex/metadata.json
index dd0769375a7..0d733a57178 100644
--- a/rules/S1434/flex/metadata.json
+++ b/rules/S1434/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CLEAR"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "20min"
},
- "tags": [],
+ "tags": [
+ "suspicious"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Critical",
"ruleSpecification": "RSPEC-1434",
"sqKey": "S1434",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1435/flex/metadata.json b/rules/S1435/flex/metadata.json
index 8f26beb66a2..8b5b06e9f2c 100644
--- a/rules/S1435/flex/metadata.json
+++ b/rules/S1435/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CLEAR"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "10min"
},
- "tags": [],
+ "tags": [
+ "unpredictable"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Critical",
"ruleSpecification": "RSPEC-1435",
"sqKey": "S1435",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1438/flex/metadata.json b/rules/S1438/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1438/flex/metadata.json
+++ b/rules/S1438/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1439/flex/metadata.json b/rules/S1439/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1439/flex/metadata.json
+++ b/rules/S1439/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1440/flex/metadata.json b/rules/S1440/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1440/flex/metadata.json
+++ b/rules/S1440/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1441/javascript/metadata.json b/rules/S1441/javascript/metadata.json
index bba5a881001..d2f11a40997 100644
--- a/rules/S1441/javascript/metadata.json
+++ b/rules/S1441/javascript/metadata.json
@@ -13,7 +13,7 @@
"SingleQuote"
]
},
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1441",
"sqKey": "S1441",
"scope": "Main",
diff --git a/rules/S1442/flex/metadata.json b/rules/S1442/flex/metadata.json
index 50993172b07..ea768325199 100644
--- a/rules/S1442/flex/metadata.json
+++ b/rules/S1442/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "\"Alert.show(...)\" should not be used",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "\"Alert.show(...)\" should not be used"
+}
diff --git a/rules/S1444/flex/metadata.json b/rules/S1444/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1444/flex/metadata.json
+++ b/rules/S1444/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1445/flex/metadata.json b/rules/S1445/flex/metadata.json
index b5a79fe3626..ba62c456635 100644
--- a/rules/S1445/flex/metadata.json
+++ b/rules/S1445/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CLEAR"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+ "confusing"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1445",
"sqKey": "S1445",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1446/flex/metadata.json b/rules/S1446/flex/metadata.json
index 72ca59c3686..1c403858faa 100644
--- a/rules/S1446/flex/metadata.json
+++ b/rules/S1446/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CLEAR"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "30min"
},
- "tags": [],
+ "tags": [
+ "pitfall"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-1446",
"sqKey": "S1446",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
}
diff --git a/rules/S1447/flex/metadata.json b/rules/S1447/flex/metadata.json
index 8fecc0e388f..9a726902b79 100644
--- a/rules/S1447/flex/metadata.json
+++ b/rules/S1447/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "EFFICIENT"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+ "performance"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1447",
"sqKey": "S1447",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1448/flex/metadata.json b/rules/S1448/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1448/flex/metadata.json
+++ b/rules/S1448/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1451/flex/metadata.json b/rules/S1451/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1451/flex/metadata.json
+++ b/rules/S1451/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1454/flex/metadata.json b/rules/S1454/flex/metadata.json
index 34e134145a6..853ee0ef614 100644
--- a/rules/S1454/flex/metadata.json
+++ b/rules/S1454/flex/metadata.json
@@ -3,20 +3,26 @@
"type": "BUG",
"status": "deprecated",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "2min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
"replacementRules": [
"RSPEC-881"
],
- "legacyKeys": []
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1454",
"sqKey": "S1454",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1455/flex/metadata.json b/rules/S1455/flex/metadata.json
index 6a3b5c59252..fea3d2bd18f 100644
--- a/rules/S1455/flex/metadata.json
+++ b/rules/S1455/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CONVENTIONAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+ "obsolete"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1455",
"sqKey": "S1455",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1462/flex/metadata.json b/rules/S1462/flex/metadata.json
index 195ad71cd84..8c2bccc202e 100644
--- a/rules/S1462/flex/metadata.json
+++ b/rules/S1462/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "MODULAR"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+ "design"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Critical",
"ruleSpecification": "RSPEC-1462",
"sqKey": "S1462",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1463/flex/metadata.json b/rules/S1463/flex/metadata.json
index e4a470935d0..58c73b75588 100644
--- a/rules/S1463/flex/metadata.json
+++ b/rules/S1463/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CONVENTIONAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+ "design"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Critical",
"ruleSpecification": "RSPEC-1463",
"sqKey": "S1463",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1464/flex/metadata.json b/rules/S1464/flex/metadata.json
index 90b35ae05d4..d2553bfb1b4 100644
--- a/rules/S1464/flex/metadata.json
+++ b/rules/S1464/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CONVENTIONAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1464",
"sqKey": "S1464",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1465/flex/metadata.json b/rules/S1465/flex/metadata.json
index b46717f6df9..68ddba4d1d8 100644
--- a/rules/S1465/flex/metadata.json
+++ b/rules/S1465/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "COMPLETE"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "10min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Critical",
"ruleSpecification": "RSPEC-1465",
"sqKey": "S1465",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1466/flex/metadata.json b/rules/S1466/flex/metadata.json
index dc5917a5e27..a2e57dca169 100644
--- a/rules/S1466/flex/metadata.json
+++ b/rules/S1466/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "COMPLETE"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "10min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-1466",
"sqKey": "S1466",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
}
diff --git a/rules/S1467/flex/metadata.json b/rules/S1467/flex/metadata.json
index 8a1fe3c207c..0b20068d286 100644
--- a/rules/S1467/flex/metadata.json
+++ b/rules/S1467/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "LOGICAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "10min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1467",
"sqKey": "S1467",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1468/flex/metadata.json b/rules/S1468/flex/metadata.json
index dccff6f0b6a..3e74ade2cfb 100644
--- a/rules/S1468/flex/metadata.json
+++ b/rules/S1468/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "COMPLETE"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "10min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-1468",
"sqKey": "S1468",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
}
diff --git a/rules/S1469/flex/metadata.json b/rules/S1469/flex/metadata.json
index 705baca0940..883881886fd 100644
--- a/rules/S1469/flex/metadata.json
+++ b/rules/S1469/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "CONVENTIONAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+ "pitfall"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-1469",
"sqKey": "S1469",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+
+ ],
"quickfix": "unknown"
}
diff --git a/rules/S1470/flex/metadata.json b/rules/S1470/flex/metadata.json
index 95b69c978d8..9b38d309a38 100644
--- a/rules/S1470/flex/metadata.json
+++ b/rules/S1470/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "LOGICAL"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "5min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1470",
"sqKey": "S1470",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1472/flex/metadata.json b/rules/S1472/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1472/flex/metadata.json
+++ b/rules/S1472/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1477/flex/metadata.json b/rules/S1477/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1477/flex/metadata.json
+++ b/rules/S1477/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1481/flex/metadata.json b/rules/S1481/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1481/flex/metadata.json
+++ b/rules/S1481/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1482/flex/metadata.json b/rules/S1482/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1482/flex/metadata.json
+++ b/rules/S1482/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1483/flex/metadata.json b/rules/S1483/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1483/flex/metadata.json
+++ b/rules/S1483/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1484/flex/metadata.json b/rules/S1484/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1484/flex/metadata.json
+++ b/rules/S1484/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1541/flex/metadata.json b/rules/S1541/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1541/flex/metadata.json
+++ b/rules/S1541/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1606/flex/metadata.json b/rules/S1606/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1606/flex/metadata.json
+++ b/rules/S1606/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1612/java/metadata.json b/rules/S1612/java/metadata.json
index 360d4dc1261..6582e86c89d 100644
--- a/rules/S1612/java/metadata.json
+++ b/rules/S1612/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1612",
"sqKey": "S1612",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S1612/java/rule.adoc b/rules/S1612/java/rule.adoc
index 55e442fe390..e5c60ee2693 100644
--- a/rules/S1612/java/rule.adoc
+++ b/rules/S1612/java/rule.adoc
@@ -82,6 +82,9 @@ Replace this lambda with a method reference. [(sonar.java.source not set. Assumi
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== is duplicated by: S2212
=== on 26 Feb 2014, 12:19:41 Freddy Mallet wrote:
diff --git a/rules/S1640/java/metadata.json b/rules/S1640/java/metadata.json
index 79f5708d63d..3e646b99df2 100644
--- a/rules/S1640/java/metadata.json
+++ b/rules/S1640/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1640",
"sqKey": "S1640",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S1640/java/rule.adoc b/rules/S1640/java/rule.adoc
index 1c2d505d0e5..bfeecbb03b2 100644
--- a/rules/S1640/java/rule.adoc
+++ b/rules/S1640/java/rule.adoc
@@ -40,5 +40,11 @@ ifdef::env-github,rspecator-view[]
Convert this Map to an EnumMap.
+'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All. Value is limited in test code as it is a performance rule, but the rule helps developers to learn about new cool trick
endif::env-github,rspecator-view[]
diff --git a/rules/S1643/java/metadata.json b/rules/S1643/java/metadata.json
index 17971333806..9dbbef5a6c0 100644
--- a/rules/S1643/java/metadata.json
+++ b/rules/S1643/java/metadata.json
@@ -1,3 +1,3 @@
{
-
+ "scope": "All"
}
diff --git a/rules/S1643/java/rule.adoc b/rules/S1643/java/rule.adoc
index 94e73b5b5db..8deafcba613 100644
--- a/rules/S1643/java/rule.adoc
+++ b/rules/S1643/java/rule.adoc
@@ -38,6 +38,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1656/java/metadata.json b/rules/S1656/java/metadata.json
index 527163274d7..f8901fc8149 100644
--- a/rules/S1656/java/metadata.json
+++ b/rules/S1656/java/metadata.json
@@ -8,5 +8,5 @@
]
},
"quickfix": "partial",
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1656/java/rule.adoc b/rules/S1656/java/rule.adoc
index 3aebca73320..bb9aa0cfd0a 100644
--- a/rules/S1656/java/rule.adoc
+++ b/rules/S1656/java/rule.adoc
@@ -22,6 +22,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All. FP does not seem to be related to test vs main.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1659/java/rule.adoc b/rules/S1659/java/rule.adoc
index c45aa2aaf53..654d97e9f99 100644
--- a/rules/S1659/java/rule.adoc
+++ b/rules/S1659/java/rule.adoc
@@ -49,6 +49,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Usage exists more on test code.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1677/flex/metadata.json b/rules/S1677/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S1677/flex/metadata.json
+++ b/rules/S1677/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S1700/java/rule.adoc b/rules/S1700/java/rule.adoc
index 0162e6c6cc5..26450a79305 100644
--- a/rules/S1700/java/rule.adoc
+++ b/rules/S1700/java/rule.adoc
@@ -32,4 +32,11 @@ ifdef::env-github,rspecator-view[]
include::../message.adoc[]
+'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. This affects a lot code used as test source, like class Foo with method foo. It could be annoying for users.
+
endif::env-github,rspecator-view[]
diff --git a/rules/S1710/java/metadata.json b/rules/S1710/java/metadata.json
index 0e9fe453f9a..54a10ac2f48 100644
--- a/rules/S1710/java/metadata.json
+++ b/rules/S1710/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1710",
"sqKey": "S1710",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S1710/java/rule.adoc b/rules/S1710/java/rule.adoc
index 472163be526..5aff845021e 100644
--- a/rules/S1710/java/rule.adoc
+++ b/rules/S1710/java/rule.adoc
@@ -48,5 +48,11 @@ ifdef::env-github,rspecator-view[]
Remove the XXX wrapper from this annotation group. [(sonar.java.source not set. Assuming 8 or greater.)]
+'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
endif::env-github,rspecator-view[]
diff --git a/rules/S1751/java/metadata.json b/rules/S1751/java/metadata.json
index f4b27f0bb34..9dbbef5a6c0 100644
--- a/rules/S1751/java/metadata.json
+++ b/rules/S1751/java/metadata.json
@@ -1,3 +1,3 @@
{
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1751/java/rule.adoc b/rules/S1751/java/rule.adoc
index 022eba5199d..f037166c4a6 100644
--- a/rules/S1751/java/rule.adoc
+++ b/rules/S1751/java/rule.adoc
@@ -84,11 +84,12 @@ include::../message.adoc[]
include::../highlighting.adoc[]
'''
-
== Comments And Links
-
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1764/java/rule.adoc b/rules/S1764/java/rule.adoc
index c50633964fa..0676fdadd9f 100644
--- a/rules/S1764/java/rule.adoc
+++ b/rules/S1764/java/rule.adoc
@@ -62,6 +62,9 @@ include::../highlighting.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Tests do this to validate `equals`.
+
=== on 1 Oct 2014, 11:39:51 Nicolas Peru wrote:
Sub task for RSPEC-1764 with updated description for Java, please review.
diff --git a/rules/S1784/flex/metadata.json b/rules/S1784/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1784/flex/metadata.json
+++ b/rules/S1784/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1820/cfamily/rule.adoc b/rules/S1820/cfamily/rule.adoc
index c40de3dafa9..61aefd1344f 100644
--- a/rules/S1820/cfamily/rule.adoc
+++ b/rules/S1820/cfamily/rule.adoc
@@ -5,6 +5,8 @@ A structure, such as a ``++struct++``, ``++union++`` or ``++class++`` that grows
Above a specific threshold, it is strongly advised to refactor the structure into smaller ones that focus on well defined topics.
+When computing the number of fields in a structure, consecutive bit-fields are counted as a single field: Bit-fields are commonly used to map external definitions, and the associated complexity only reflects this external system's intrinsic complexity.
+
ifdef::env-github,rspecator-view[]
'''
diff --git a/rules/S1820/flex/metadata.json b/rules/S1820/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1820/flex/metadata.json
+++ b/rules/S1820/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1821/flex/metadata.json b/rules/S1821/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1821/flex/metadata.json
+++ b/rules/S1821/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1845/java/rule.adoc b/rules/S1845/java/rule.adoc
index fe598e7f71a..33ddc07b283 100644
--- a/rules/S1845/java/rule.adoc
+++ b/rules/S1845/java/rule.adoc
@@ -12,6 +12,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Wwe should exclude the case where method and variable have same name and we return the name. if this is already the case we have an FP with method defined in interface and then implemented in the class. Other case instead of returning an atomicLong, we return a long (AtomicLong foo=...; long foo(){...}) also may have problem with project that use all capitalized and all lowecase as convention in their projects to mean something specific"
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1849/java/metadata.json b/rules/S1849/java/metadata.json
index 1c1f73ffb32..2c6218f2909 100644
--- a/rules/S1849/java/metadata.json
+++ b/rules/S1849/java/metadata.json
@@ -20,7 +20,7 @@
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-1849",
"sqKey": "S1849",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S1849/java/rule.adoc b/rules/S1849/java/rule.adoc
index ca30bc4f52e..b57441cddfc 100644
--- a/rules/S1849/java/rule.adoc
+++ b/rules/S1849/java/rule.adoc
@@ -75,6 +75,9 @@ Refactor the implementation of this "Iterator.hasNext()" method to not call "Ite
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== is duplicated by: S2113
endif::env-github,rspecator-view[]
diff --git a/rules/S1858/java/metadata.json b/rules/S1858/java/metadata.json
index e8fd53c77a6..7b876a278f5 100644
--- a/rules/S1858/java/metadata.json
+++ b/rules/S1858/java/metadata.json
@@ -1,4 +1,4 @@
{
"quickfix": "covered",
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1858/java/rule.adoc b/rules/S1858/java/rule.adoc
index fe598e7f71a..f2b45d5db41 100644
--- a/rules/S1858/java/rule.adoc
+++ b/rules/S1858/java/rule.adoc
@@ -12,6 +12,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1860/java/rule.adoc b/rules/S1860/java/rule.adoc
index b9cef865d20..67c324dc31a 100644
--- a/rules/S1860/java/rule.adoc
+++ b/rules/S1860/java/rule.adoc
@@ -122,5 +122,10 @@ Synchronize on a new "Object" instead.
'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Rule could be improved, FP new Integer(0)
endif::env-github,rspecator-view[]
diff --git a/rules/S1862/java/metadata.json b/rules/S1862/java/metadata.json
index 524eb1174a5..e7aeefe08e7 100644
--- a/rules/S1862/java/metadata.json
+++ b/rules/S1862/java/metadata.json
@@ -9,5 +9,5 @@
"MSC12-C."
]
},
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1862/java/rule.adoc b/rules/S1862/java/rule.adoc
index 1eb85fb612d..d10cfc5b015 100644
--- a/rules/S1862/java/rule.adoc
+++ b/rules/S1862/java/rule.adoc
@@ -46,6 +46,9 @@ include::../highlighting.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1871/flex/metadata.json b/rules/S1871/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1871/flex/metadata.json
+++ b/rules/S1871/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1871/java/metadata.json b/rules/S1871/java/metadata.json
index 17971333806..9dbbef5a6c0 100644
--- a/rules/S1871/java/metadata.json
+++ b/rules/S1871/java/metadata.json
@@ -1,3 +1,3 @@
{
-
+ "scope": "All"
}
diff --git a/rules/S1871/java/rule.adoc b/rules/S1871/java/rule.adoc
index a158d4adbff..562cf7b1a16 100644
--- a/rules/S1871/java/rule.adoc
+++ b/rules/S1871/java/rule.adoc
@@ -20,6 +20,9 @@ include::../highlighting.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1872/java/metadata.json b/rules/S1872/java/metadata.json
index 1918aeedbc9..115edb87ac8 100644
--- a/rules/S1872/java/metadata.json
+++ b/rules/S1872/java/metadata.json
@@ -11,5 +11,5 @@
486
]
},
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1872/java/rule.adoc b/rules/S1872/java/rule.adoc
index 6e052261892..08b90da8b85 100644
--- a/rules/S1872/java/rule.adoc
+++ b/rules/S1872/java/rule.adoc
@@ -74,6 +74,9 @@ Use an ["instanceof"|"isAssignableFrom()"] comparison instead.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All. May have users that want to test only the name.
+
=== on 30 Jul 2014, 21:14:24 Freddy Mallet wrote:
My feedback @Ann:
diff --git a/rules/S1940/java/metadata.json b/rules/S1940/java/metadata.json
index f4b27f0bb34..9dbbef5a6c0 100644
--- a/rules/S1940/java/metadata.json
+++ b/rules/S1940/java/metadata.json
@@ -1,3 +1,3 @@
{
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1940/java/rule.adoc b/rules/S1940/java/rule.adoc
index fe598e7f71a..f2b45d5db41 100644
--- a/rules/S1940/java/rule.adoc
+++ b/rules/S1940/java/rule.adoc
@@ -12,6 +12,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S1950/flex/metadata.json b/rules/S1950/flex/metadata.json
index fa08c0a1f43..f698631aa09 100644
--- a/rules/S1950/flex/metadata.json
+++ b/rules/S1950/flex/metadata.json
@@ -3,20 +3,26 @@
"type": "BUG",
"status": "deprecated",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "15min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
"replacementRules": [
"RSPEC-1862"
],
- "legacyKeys": []
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1950",
"sqKey": "S1950",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1951/flex/metadata.json b/rules/S1951/flex/metadata.json
index 03473d4812c..68ab537a84b 100644
--- a/rules/S1951/flex/metadata.json
+++ b/rules/S1951/flex/metadata.json
@@ -3,20 +3,26 @@
"type": "VULNERABILITY",
"status": "deprecated",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "2min"
},
- "tags": [],
+ "tags": [
+
+ ],
"extra": {
"replacementRules": [
"RSPEC-4507"
],
- "legacyKeys": []
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1951",
"sqKey": "S1951",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1952/flex/metadata.json b/rules/S1952/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S1952/flex/metadata.json
+++ b/rules/S1952/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S1982/flex/metadata.json b/rules/S1982/flex/metadata.json
index c4cd57c6986..e2326f9365c 100644
--- a/rules/S1982/flex/metadata.json
+++ b/rules/S1982/flex/metadata.json
@@ -7,20 +7,28 @@
},
"attribute": "EFFICIENT"
},
- "status": "deprecated",
+ "status": "ready",
"remediation": {
- "func": "Constant/Issue",
+ "func": "Constant\/Issue",
"constantCost": "20min"
},
- "tags": [],
+ "tags": [
+ "performance"
+ ],
"extra": {
- "replacementRules": [],
- "legacyKeys": []
+ "replacementRules": [
+
+ ],
+ "legacyKeys": [
+
+ ]
},
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-1982",
"sqKey": "S1982",
"scope": "Main",
- "defaultQualityProfiles": [],
+ "defaultQualityProfiles": [
+
+ ],
"quickfix": "unknown"
-}
\ No newline at end of file
+}
diff --git a/rules/S1994/java/metadata.json b/rules/S1994/java/metadata.json
index f4b27f0bb34..9dbbef5a6c0 100644
--- a/rules/S1994/java/metadata.json
+++ b/rules/S1994/java/metadata.json
@@ -1,3 +1,3 @@
{
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S1994/java/rule.adoc b/rules/S1994/java/rule.adoc
index 9124634b957..798f54e5709 100644
--- a/rules/S1994/java/rule.adoc
+++ b/rules/S1994/java/rule.adoc
@@ -92,6 +92,9 @@ include::../highlighting.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2068/javascript/metadata.json b/rules/S2068/javascript/metadata.json
index d860fd4691d..721c5ed7fae 100644
--- a/rules/S2068/javascript/metadata.json
+++ b/rules/S2068/javascript/metadata.json
@@ -1,4 +1,5 @@
{
+ "title": "Hard-coded passwords are security-sensitive",
"defaultQualityProfiles": [
"Sonar way"
]
diff --git a/rules/S2068/javascript/rule.adoc b/rules/S2068/javascript/rule.adoc
index 82e8821aa0f..a0e9ffa78e8 100644
--- a/rules/S2068/javascript/rule.adoc
+++ b/rules/S2068/javascript/rule.adoc
@@ -1,16 +1,37 @@
-include::../description.adoc[]
+Because it is easy to extract strings from an application source code or binary, passwords should not be hard-coded. This is particularly true for applications that are distributed or that are open-source.
-include::../ask-yourself.adoc[]
-include::../recommended.adoc[]
+In the past, it has led to the following vulnerabilities:
+
+* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13466[CVE-2019-13466]
+* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15389[CVE-2018-15389]
+
+Passwords should be stored outside of the code in a configuration file, a database, or a management service for passwords.
+
+
+This rule flags instances of hard-coded passwords used in database and LDAP connections. It looks for hard-coded passwords in connection strings, and for variable names that match any of the patterns from the provided list.
+
+== Ask Yourself Whether
+
+* Passwords allow access to a sensitive component like a database, a file storage, an API or a service.
+* Passwords are used in production environments.
+* Application re-distribution is required before updating the passwords.
+
+There is a risk if you answered yes to any of those questions.
+
+== Recommended Secure Coding Practices
+
+* Store the passwords in a configuration file that is not pushed to the code repository.
+* Store the passwords in a database.
+* Use your cloud provider's service for managing passwords.
+* If a password has been disclosed through the source code: change it.
== Sensitive Code Example
----
-var mysql = require('mysql');
+const mysql = require('mysql');
-var connection = mysql.createConnection(
-{
+const connection = mysql.createConnection({
host:'localhost',
user: "admin",
database: "project",
@@ -25,9 +46,9 @@ connection.connect();
[source,javascript]
----
-var mysql = require('mysql');
+const mysql = require('mysql');
-var connection = mysql.createConnection({
+const connection = mysql.createConnection({
host: process.env.MYSQL_URL,
user: process.env.MYSQL_USERNAME,
password: process.env.MYSQL_PASSWORD,
@@ -36,7 +57,13 @@ var connection = mysql.createConnection({
connection.connect();
----
-include::../see.adoc[]
+== See
+
+* OWASP - https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/[Top 10 2021 Category A7 - Identification and Authentication Failures]
+* OWASP - https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication[Top 10 2017 Category A2 - Broken Authentication]
+* CWE - https://cwe.mitre.org/data/definitions/259[CWE-259 - Use of Hard-coded Password]
+* Derived from FindSecBugs rule https://h3xstream.github.io/find-sec-bugs/bugs.htm#HARD_CODE_PASSWORD[Hard Coded Password]
+
ifdef::env-github,rspecator-view[]
@@ -44,9 +71,23 @@ ifdef::env-github,rspecator-view[]
== Implementation Specification
(visible only on this page)
-include::../message.adoc[]
+=== Message
+
+Review this potentially hard-coded password.
+
+
+=== Parameters
+
+.passwordWords
+****
+
+----
+password, passwd, pwd, passphrase
+----
+
+Comma separated list of words identifying potential password
+****
-include::../parameters.adoc[]
'''
== Comments And Links
diff --git a/rules/S2077/vbnet/rule.adoc b/rules/S2077/vbnet/rule.adoc
index da2cc278287..d0d15b7c961 100644
--- a/rules/S2077/vbnet/rule.adoc
+++ b/rules/S2077/vbnet/rule.adoc
@@ -1,4 +1,4 @@
-include::../description.adoc[]
+Formatted SQL queries can be difficult to maintain, debug and can increase the risk of SQL injection when concatenating untrusted values into the query. However, this rule doesn't detect SQL injections, the goal is only to highlight complex/formatted queries.
include::../ask-yourself.adoc[]
diff --git a/rules/S2093/java/metadata.json b/rules/S2093/java/metadata.json
index 57073693887..f291ebd08cd 100644
--- a/rules/S2093/java/metadata.json
+++ b/rules/S2093/java/metadata.json
@@ -20,7 +20,7 @@
"defaultSeverity": "Critical",
"ruleSpecification": "RSPEC-2093",
"sqKey": "S2093",
- "scope": "Main",
+ "scope": "All",
"securityStandards": {
"CERT": [
"ERR54-J."
diff --git a/rules/S2093/java/rule.adoc b/rules/S2093/java/rule.adoc
index 937f7c5cdcd..97596a5d823 100644
--- a/rules/S2093/java/rule.adoc
+++ b/rules/S2093/java/rule.adoc
@@ -101,6 +101,9 @@ Change this "try" to a try-with-resources.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All. It's important to close resources during tests.
+
=== on 12 Oct 2014, 18:26:26 Freddy Mallet wrote:
Minor point @Ann but I would associate the tag 'bug' to this rule.
diff --git a/rules/S2130/java/metadata.json b/rules/S2130/java/metadata.json
index 313b80d0718..092415f6336 100644
--- a/rules/S2130/java/metadata.json
+++ b/rules/S2130/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-2130",
"sqKey": "S2130",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S2130/java/rule.adoc b/rules/S2130/java/rule.adoc
index 842addc6f03..2efc72652b3 100644
--- a/rules/S2130/java/rule.adoc
+++ b/rules/S2130/java/rule.adoc
@@ -42,6 +42,9 @@ Use "XXX.parseYyy" for this string-to-yyy conversion.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== on 10 Oct 2014, 13:58:53 Freddy Mallet wrote:
@Ann, for me this RSPEC fully duplicates RSPEC-2131, what's the difference ? Thanks
diff --git a/rules/S2133/java/metadata.json b/rules/S2133/java/metadata.json
index e97acb57fc6..5f0ff5695fb 100644
--- a/rules/S2133/java/metadata.json
+++ b/rules/S2133/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-2133",
"sqKey": "S2133",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S2133/java/rule.adoc b/rules/S2133/java/rule.adoc
index e29514043bf..766fbcdf5de 100644
--- a/rules/S2133/java/rule.adoc
+++ b/rules/S2133/java/rule.adoc
@@ -37,6 +37,9 @@ Remove this object instantiation and use "xxx.class" instead.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== on 10 Oct 2014, 11:40:44 Freddy Mallet wrote:
Sounds good to me !
diff --git a/rules/S2139/rspecator.adoc b/rules/S2139/rspecator.adoc
index b3d59e6a217..24db470ff55 100644
--- a/rules/S2139/rspecator.adoc
+++ b/rules/S2139/rspecator.adoc
@@ -20,7 +20,10 @@ Either log this exception and handle it, or rethrow it with some contextual info
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Test don't always want to capture the logs, throwing any "Boom!" exception is enough.
+
=== on 11 Oct 2014, 12:09:59 Freddy Mallet wrote:
Sounds good to me!
-endif::env-github,rspecator-view[]
\ No newline at end of file
+endif::env-github,rspecator-view[]
diff --git a/rules/S2140/java/metadata.json b/rules/S2140/java/metadata.json
index 120244a44c2..ad6cb231c78 100644
--- a/rules/S2140/java/metadata.json
+++ b/rules/S2140/java/metadata.json
@@ -23,7 +23,7 @@
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-2140",
"sqKey": "S2140",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S2140/java/rule.adoc b/rules/S2140/java/rule.adoc
index a2426e9aa03..03780f638b5 100644
--- a/rules/S2140/java/rule.adoc
+++ b/rules/S2140/java/rule.adoc
@@ -40,6 +40,9 @@ Use "java.util.Random.nextInt()" instead.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== on 11 Oct 2014, 11:58:06 Freddy Mallet wrote:
Sounds good for me !
diff --git a/rules/S2147/java/metadata.json b/rules/S2147/java/metadata.json
index e8fd53c77a6..7b876a278f5 100644
--- a/rules/S2147/java/metadata.json
+++ b/rules/S2147/java/metadata.json
@@ -1,4 +1,4 @@
{
"quickfix": "covered",
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S2147/java/rule.adoc b/rules/S2147/java/rule.adoc
index fe598e7f71a..f2b45d5db41 100644
--- a/rules/S2147/java/rule.adoc
+++ b/rules/S2147/java/rule.adoc
@@ -12,6 +12,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2153/java/metadata.json b/rules/S2153/java/metadata.json
index b2660f9d0f7..5a5ededcefd 100644
--- a/rules/S2153/java/metadata.json
+++ b/rules/S2153/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-2153",
"sqKey": "S2153",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S2153/java/rule.adoc b/rules/S2153/java/rule.adoc
index cde4e42daa1..6524880b1d5 100644
--- a/rules/S2153/java/rule.adoc
+++ b/rules/S2153/java/rule.adoc
@@ -74,11 +74,13 @@ ifdef::env-github,rspecator-view[]
Remove the [un]boxing of "xxx".
-
'''
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All. May be problems with earlier versions of java.
+
=== on 15 Oct 2014, 22:14:41 Freddy Mallet wrote:
I would remove the tag 'bug' on this rule because this doesn't impact the behavior at execution time.
diff --git a/rules/S2154/java/metadata.json b/rules/S2154/java/metadata.json
index 52f2496bb75..1e2a7b9a9a9 100644
--- a/rules/S2154/java/metadata.json
+++ b/rules/S2154/java/metadata.json
@@ -20,7 +20,7 @@
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-2154",
"sqKey": "S2154",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S2154/java/rule.adoc b/rules/S2154/java/rule.adoc
index 1465fa59c9e..93de783ecd6 100644
--- a/rules/S2154/java/rule.adoc
+++ b/rules/S2154/java/rule.adoc
@@ -78,6 +78,9 @@ Add an explicit cast to match types of operands.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== on 16 Feb 2015, 18:02:37 Michael Gumowski wrote:
Message changed, as the type of the ternary operation can not be resolved at the moment. Indicating the required cast is not yet possible.
diff --git a/rules/S2155/flex/metadata.json b/rules/S2155/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S2155/flex/metadata.json
+++ b/rules/S2155/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S2159/java/rule.adoc b/rules/S2159/java/rule.adoc
index c62c8104e2d..053015ff929 100644
--- a/rules/S2159/java/rule.adoc
+++ b/rules/S2159/java/rule.adoc
@@ -76,6 +76,9 @@ ifdef::env-github,rspecator-view[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Silly equality comparisons are useful to fully tests "equals"".
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2160/java/rule.adoc b/rules/S2160/java/rule.adoc
index 62ff9c54c74..4366735b41e 100644
--- a/rules/S2160/java/rule.adoc
+++ b/rules/S2160/java/rule.adoc
@@ -88,5 +88,11 @@ ifdef::env-github,rspecator-view[]
Override the "equals" method in this class
+'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Too much FP and we can not fix them easily.
endif::env-github,rspecator-view[]
diff --git a/rules/S2166/java/rule.adoc b/rules/S2166/java/rule.adoc
index fe598e7f71a..731d4d9c592 100644
--- a/rules/S2166/java/rule.adoc
+++ b/rules/S2166/java/rule.adoc
@@ -12,6 +12,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. A lot of test class contains Exception for a good reason.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2167/java/rule.adoc b/rules/S2167/java/rule.adoc
index 9f68e55bf32..e334b4a67a1 100644
--- a/rules/S2167/java/rule.adoc
+++ b/rules/S2167/java/rule.adoc
@@ -98,5 +98,11 @@ ifdef::env-github,rspecator-view[]
Simply return -1.
+'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. FP if we want to test "compareTo" limits
endif::env-github,rspecator-view[]
diff --git a/rules/S2168/java/metadata.json b/rules/S2168/java/metadata.json
index ce07716a9dd..ef881767956 100644
--- a/rules/S2168/java/metadata.json
+++ b/rules/S2168/java/metadata.json
@@ -26,7 +26,7 @@
"defaultSeverity": "Blocker",
"ruleSpecification": "RSPEC-2168",
"sqKey": "S2168",
- "scope": "Main",
+ "scope": "All",
"securityStandards": {
"CWE": [
609
diff --git a/rules/S2168/java/rule.adoc b/rules/S2168/java/rule.adoc
index f7644f0e35d..73662e96d9e 100644
--- a/rules/S2168/java/rule.adoc
+++ b/rules/S2168/java/rule.adoc
@@ -95,6 +95,9 @@ Remove this dangerous instance of double-checked locking.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
=== on 20 Jul 2015, 07:45:24 Ann Campbell wrote:
Tagged java-top by Ann
diff --git a/rules/S2175/java/rule.adoc b/rules/S2175/java/rule.adoc
index f6da5c32aa7..9726a0c94a8 100644
--- a/rules/S2175/java/rule.adoc
+++ b/rules/S2175/java/rule.adoc
@@ -72,11 +72,16 @@ ifdef::env-github,rspecator-view[]
A "[class]<[type]>" cannot contain a "[ytype]".
-
'''
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Erwan Serandour wrote:
+[test-code-support-investigation-for-java] Good candidate to move to 'All'. Custom implementation of collections is not the common case, I was not able to reproduce the other FPs.
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. FP on custom implementation of collections
+
=== on 5 Feb 2015, 17:44:14 Michael Gumowski wrote:
As I am currently encountering difficulties implementing the rule, I think that expressly mentioning the names of the variables in the issue message does not worth the effort.
diff --git a/rules/S2176/java/rule.adoc b/rules/S2176/java/rule.adoc
index f049cb781a1..7ae25a7a772 100644
--- a/rules/S2176/java/rule.adoc
+++ b/rules/S2176/java/rule.adoc
@@ -79,6 +79,9 @@ Rename this class.
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Not sure about the value/impact in test.
+
=== on 21 Oct 2014, 14:08:46 Nicolas Peru wrote:
LGTM
diff --git a/rules/S2177/java/rule.adoc b/rules/S2177/java/rule.adoc
index fe598e7f71a..95ccd9f8919 100644
--- a/rules/S2177/java/rule.adoc
+++ b/rules/S2177/java/rule.adoc
@@ -12,6 +12,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. Not sure about the value in tests.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2178/java/metadata.json b/rules/S2178/java/metadata.json
index 0bebb3d3055..8fc9b4ad28c 100644
--- a/rules/S2178/java/metadata.json
+++ b/rules/S2178/java/metadata.json
@@ -6,5 +6,6 @@
"CERT": [
"EXP46-C."
]
- }
+ },
+ "scope": "All"
}
diff --git a/rules/S2178/java/rule.adoc b/rules/S2178/java/rule.adoc
index 2856b5b4a8a..d075c1b1192 100644
--- a/rules/S2178/java/rule.adoc
+++ b/rules/S2178/java/rule.adoc
@@ -22,6 +22,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All. There might be cases in test code where users deliberately wanted to avoid short-circuited logic. But we considered that it is a bad practice.
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2183/java/metadata.json b/rules/S2183/java/metadata.json
index f4b27f0bb34..9dbbef5a6c0 100644
--- a/rules/S2183/java/metadata.json
+++ b/rules/S2183/java/metadata.json
@@ -1,3 +1,3 @@
{
- "scope": "Main"
+ "scope": "All"
}
diff --git a/rules/S2183/rspecator.adoc b/rules/S2183/rspecator.adoc
index 6624690544f..b672894da7a 100644
--- a/rules/S2183/rspecator.adoc
+++ b/rules/S2183/rspecator.adoc
@@ -16,6 +16,9 @@ Remove this useless shift (multiple of 32/64).
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
+
include::comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2184/java/rule.adoc b/rules/S2184/java/rule.adoc
index 1c64fc450e1..cdf09bbf16a 100644
--- a/rules/S2184/java/rule.adoc
+++ b/rules/S2184/java/rule.adoc
@@ -82,6 +82,9 @@ include::../message.adoc[]
== Comments And Links
(visible only on this page)
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Keep 'Main'. FP because of assertEquals supporting (long,long) instead of (int,int).
+
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
diff --git a/rules/S2185/java/metadata.json b/rules/S2185/java/metadata.json
index 26a8859e97c..187dfe331ee 100644
--- a/rules/S2185/java/metadata.json
+++ b/rules/S2185/java/metadata.json
@@ -22,7 +22,7 @@
"defaultSeverity": "Major",
"ruleSpecification": "RSPEC-2185",
"sqKey": "S2185",
- "scope": "Main",
+ "scope": "All",
"defaultQualityProfiles": [
"Sonar way"
],
diff --git a/rules/S2185/java/rule.adoc b/rules/S2185/java/rule.adoc
index 72108307ac3..716fe464e7c 100644
--- a/rules/S2185/java/rule.adoc
+++ b/rules/S2185/java/rule.adoc
@@ -75,5 +75,11 @@ ifdef::env-github,rspecator-view[]
Remove this unnecessary call to "Math.xxx".
+'''
+== Comments And Links
+(visible only on this page)
+
+=== on 21 Nov 2024, 16:48:00 Alban Auzeill wrote:
+[test-code-support-investigation-for-java] Decision for scope: Main -> All.
endif::env-github,rspecator-view[]
diff --git a/rules/S2224/flex/metadata.json b/rules/S2224/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S2224/flex/metadata.json
+++ b/rules/S2224/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S2260/flex/metadata.json b/rules/S2260/flex/metadata.json
index 3aa89997c0c..a19b98fbbfc 100644
--- a/rules/S2260/flex/metadata.json
+++ b/rules/S2260/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "title": "Flex parser failure",
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+ "title": "Flex parser failure"
+}
diff --git a/rules/S2310/javascript/metadata.json b/rules/S2310/javascript/metadata.json
index 47f6f7be86e..860ba7158f8 100644
--- a/rules/S2310/javascript/metadata.json
+++ b/rules/S2310/javascript/metadata.json
@@ -17,7 +17,7 @@
]
},
- "defaultSeverity": "Critical",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-2310",
"sqKey": "S2310",
"scope": "Main",
diff --git a/rules/S2325/csharp/rule.adoc b/rules/S2325/csharp/rule.adoc
index dcc63257fe2..b6794fd558e 100644
--- a/rules/S2325/csharp/rule.adoc
+++ b/rules/S2325/csharp/rule.adoc
@@ -21,6 +21,8 @@ Methods with the following names are excluded because they can't be made `static
* https://learn.microsoft.com/en-us/dotnet/api/system.web.sessionstate.sessionstatemodule.end[Session_End]
* https://learn.microsoft.com/en-us/dotnet/api/system.web.sessionstate.sessionstatemodule.start[Session_Start]
+Event handler methods part of a https://learn.microsoft.com/en-us/dotnet/desktop/winforms[Windows Forms] or https://learn.microsoft.com/en-us/dotnet/desktop/wpf[Windows Presentation Foundation] class are excluded because they can't be made `static`.
+
== How to fix it
=== Code examples
diff --git a/rules/S2495/flex/metadata.json b/rules/S2495/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S2495/flex/metadata.json
+++ b/rules/S2495/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S2595/flex/metadata.json b/rules/S2595/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S2595/flex/metadata.json
+++ b/rules/S2595/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S2608/flex/metadata.json b/rules/S2608/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S2608/flex/metadata.json
+++ b/rules/S2608/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S2630/flex/metadata.json b/rules/S2630/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S2630/flex/metadata.json
+++ b/rules/S2630/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S2751/flex/metadata.json b/rules/S2751/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S2751/flex/metadata.json
+++ b/rules/S2751/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S3045/flex/metadata.json b/rules/S3045/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S3045/flex/metadata.json
+++ b/rules/S3045/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S3221/flex/metadata.json b/rules/S3221/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S3221/flex/metadata.json
+++ b/rules/S3221/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S3255/flex/metadata.json b/rules/S3255/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S3255/flex/metadata.json
+++ b/rules/S3255/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S3271/javascript/metadata.json b/rules/S3271/javascript/metadata.json
index 79d56ce2253..caad4ffe518 100644
--- a/rules/S3271/javascript/metadata.json
+++ b/rules/S3271/javascript/metadata.json
@@ -1,7 +1,7 @@
{
"title": "Local storage should not be used",
"type": "VULNERABILITY",
- "status": "deprecated",
+ "status": "closed",
"remediation": {
"func": "Linear with offset",
"linearDesc": "per additional use of the api",
diff --git a/rules/S3424/flex/metadata.json b/rules/S3424/flex/metadata.json
index ba46fb6f078..2c63c085104 100644
--- a/rules/S3424/flex/metadata.json
+++ b/rules/S3424/flex/metadata.json
@@ -1,5 +1,2 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+}
diff --git a/rules/S3458/cfamily/metadata.json b/rules/S3458/cfamily/metadata.json
index 3878eb93d11..eeaaa16a428 100644
--- a/rules/S3458/cfamily/metadata.json
+++ b/rules/S3458/cfamily/metadata.json
@@ -1,6 +1,4 @@
{
- "defaultQualityProfiles": [
- "Sonar way"
- ],
- "quickfix": "targeted"
+ "status": "deprecated",
+ "defaultQualityProfiles": []
}
\ No newline at end of file
diff --git a/rules/S3490/cfamily/rule.adoc b/rules/S3490/cfamily/rule.adoc
index 08472317dcb..8358a1866b1 100644
--- a/rules/S3490/cfamily/rule.adoc
+++ b/rules/S3490/cfamily/rule.adoc
@@ -16,7 +16,10 @@ In most cases, you should just remove the code of the redundant function. In som
For default constructors, you can often use the default version if you use in-class initialization instead of the initializer list. You must make it explicitly defaulted if your class has any other constructor.
-For destructors, you may want to use the ``++=default++`` syntax to be able to declare it as virtual (see S1235).
+For destructors, you may want to use the ``++= default++`` syntax in the following cases:
+
+* When you want to declare the destructor as _virtual_ (see S1235).
+* When your class contains smart pointers to incomplete types, and you want to delay the destructor definition to the point where the types are complete. This commonly happens when using the PIMPL idiom. In that case, declare the destructor in the class and define it out-of-line with `= default` when the type is complete so that the smart pointer can properly delete them.
This rule raises an issue when any of the following is implemented in a way equivalent to the default implementation:
diff --git a/rules/S3502/flex/metadata.json b/rules/S3502/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S3502/flex/metadata.json
+++ b/rules/S3502/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S3523/javascript/metadata.json b/rules/S3523/javascript/metadata.json
index b112be380c5..ca6e2bd6ebb 100644
--- a/rules/S3523/javascript/metadata.json
+++ b/rules/S3523/javascript/metadata.json
@@ -17,7 +17,7 @@
]
},
- "defaultSeverity": "Critical",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-3523",
"sqKey": "S3523",
"scope": "Main",
diff --git a/rules/S3554/flex/metadata.json b/rules/S3554/flex/metadata.json
index 72ef4ac9a33..17971333806 100644
--- a/rules/S3554/flex/metadata.json
+++ b/rules/S3554/flex/metadata.json
@@ -1,6 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": [],
- "quickfix": "unknown"
+
}
diff --git a/rules/S3618/plsql/rule.adoc b/rules/S3618/plsql/rule.adoc
index ab39b36bfe5..7fbc25b1f26 100644
--- a/rules/S3618/plsql/rule.adoc
+++ b/rules/S3618/plsql/rule.adoc
@@ -1,42 +1,54 @@
== Why is this an issue?
-Any insert which omits a value for a ``++NOT NULL++`` column in a database table will be automatically rejected by the database unless a default value has been specified for the column.
+Any insert which omits a value for a `NOT NULL` column in a database table will be automatically rejected by the database unless a default value has been specified for the column.
+include::../../../shared_content/plsql/data_dictionary.adoc[]
-*Noteworthy*
+== How to fix it
-This rule raises issues only when a *Data Dictionary* is provided during the analysis. See https://docs.sonarqube.org/latest/analysis/languages/plsql/
+Ensure that all `NOT NULL` columns have a value specified in the `INSERT` statement.
-=== Noncompliant code example
+=== Code examples
-With the table ``++MY_TABLE++`` having a ``++NOT NULL++`` column ``++N2++`` without default value and a ``++NOT NULL++`` column ``++N3++`` with default value:
+Given the following table:
[source,sql]
----
- INSERT INTO MY_TABLE -- Noncompliant; N2 value omitted
- (
- N1
- )
- VALUES
- (
- 1
- )
+CREATE TABLE MY_TABLE (
+ N1 NUMBER NOT NULL,
+ N2 VARCHAR2(50) NOT NULL,
+ N3 VARCHAR2(50) DEFAULT 'Default Value'
+);
+----
+
+==== Noncompliant code example
+
+[source,sql,diff-id=1,diff-type=noncompliant]
+----
+INSERT INTO MY_TABLE -- Noncompliant; N2 value omitted
+(
+ N1
+)
+VALUES
+(
+ 1
+)
----
=== Compliant solution
-[source,sql]
+[source,sql,diff-id=1,diff-type=compliant]
----
- INSERT INTO MY_TABLE -- Compliant even though N3 value not supplied
- (
- N1,
- N2
- )
- VALUES
- (
- 1,
- 'Paul'
- )
+INSERT INTO MY_TABLE -- Compliant; N3 has a default value
+(
+ N1,
+ N2
+)
+VALUES
+(
+ 1,
+ 'Paul'
+)
----
ifdef::env-github,rspecator-view[]
diff --git a/rules/S3630/cfamily/metadata.json b/rules/S3630/cfamily/metadata.json
index 20343b74141..7556d68978e 100644
--- a/rules/S3630/cfamily/metadata.json
+++ b/rules/S3630/cfamily/metadata.json
@@ -2,5 +2,6 @@
"tags": [
"cppcoreguidelines",
"pitfall"
- ]
-}
+ ],
+ "quickfix": "partial"
+}
\ No newline at end of file
diff --git a/rules/S3641/compliant.adoc b/rules/S3641/compliant.adoc
deleted file mode 100644
index 0a265a13177..00000000000
--- a/rules/S3641/compliant.adoc
+++ /dev/null
@@ -1,15 +0,0 @@
-=== Compliant solution
-
-[source,text]
-----
-SELECT *
-FROM my_table
-WHERE NOT EXISTS (SELECT 1 FROM another_table WHERE nullable_column = my_table.my_column)
-----
-
-[source,text]
-----
-SELECT *
-FROM my_table
-WHERE my_column NOT IN (SELECT nullable_column FROM another_table WHERE nullable_column IS NOT NULL)
-----
diff --git a/rules/S3641/how.adoc b/rules/S3641/how.adoc
new file mode 100644
index 00000000000..312705eac0d
--- /dev/null
+++ b/rules/S3641/how.adoc
@@ -0,0 +1,30 @@
+== How to fix it
+
+Use `NOT EXISTS` or `IS NOT NULL` instead of `NOT IN` when the subquery may return `NULL` values.
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,sql]
+----
+SELECT *
+FROM my_table
+WHERE my_column NOT IN (SELECT nullable_column FROM another_table) -- Noncompliant; "nullable_column" may contain 'NULL' value and the whole SELECT query will return nothing
+----
+
+==== Compliant solution
+
+[source,sql]
+----
+SELECT *
+FROM my_table
+WHERE NOT EXISTS (SELECT 1 FROM another_table WHERE nullable_column = my_table.my_column)
+----
+
+[source,sql]
+----
+SELECT *
+FROM my_table
+WHERE my_column NOT IN (SELECT nullable_column FROM another_table WHERE nullable_column IS NOT NULL)
+----
diff --git a/rules/S3641/noncompliant.adoc b/rules/S3641/noncompliant.adoc
deleted file mode 100644
index 076c91338cc..00000000000
--- a/rules/S3641/noncompliant.adoc
+++ /dev/null
@@ -1,8 +0,0 @@
-=== Noncompliant code example
-
-[source,text]
-----
-SELECT *
-FROM my_table
-WHERE my_column NOT IN (SELECT nullable_column FROM another_table) -- Noncompliant; "nullable_column" may contain 'NULL' value and the whole SELECT query will return nothing
-----
diff --git a/rules/S3641/plsql/rule.adoc b/rules/S3641/plsql/rule.adoc
index 842d96f01fa..6592876ee32 100644
--- a/rules/S3641/plsql/rule.adoc
+++ b/rules/S3641/plsql/rule.adoc
@@ -1,17 +1,12 @@
== Why is this an issue?
-A WHERE clause condition that uses NOT IN with a subquery will have unexpected results if that subquery returns NULL. On the other hand NOT EXISTS subqueries work reliably under the same conditions.
+A `WHERE` clause condition that uses `NOT IN` with a subquery will have unexpected results if that subquery returns `NULL`. On the other hand `NOT EXISTS` subqueries work reliably under the same conditions.
-This rule raises an issue when NOT IN is used with a subquery where the selected column is nullable.
+This rule raises an issue when `NOT IN` is used with a subquery where the selected column is nullable.
+include::../../../shared_content/plsql/data_dictionary.adoc[]
-*Noteworthy*
-
-This rule raises issues only when a *Data Dictionary* is provided during the analysis. See https://docs.sonarqube.org/latest/analysis/languages/plsql/
-
-include::../noncompliant.adoc[]
-
-include::../compliant.adoc[]
+include::../how.adoc[]
ifdef::env-github,rspecator-view[]
diff --git a/rules/S3641/tsql/rule.adoc b/rules/S3641/tsql/rule.adoc
index aa53b9d710f..2806952316c 100644
--- a/rules/S3641/tsql/rule.adoc
+++ b/rules/S3641/tsql/rule.adoc
@@ -5,9 +5,7 @@ A ``++WHERE++`` clause condition that uses ``++NOT IN++`` with a subquery will h
This rule raises an issue when ``++NOT IN++`` is used with a subquery. This rule doesn't check if the selected column is a nullable column because the rules engine has no information about the table definition. It's up to the developer to review manually if the column is nullable.
-include::../noncompliant.adoc[]
-
-include::../compliant.adoc[]
+include::../how.adoc[]
ifdef::env-github,rspecator-view[]
diff --git a/rules/S3651/plsql/rule.adoc b/rules/S3651/plsql/rule.adoc
index a9e9d3bb85a..fea874b9885 100644
--- a/rules/S3651/plsql/rule.adoc
+++ b/rules/S3651/plsql/rule.adoc
@@ -1,27 +1,45 @@
== Why is this an issue?
-``++WHERE++`` clause conditions that reinforce or contradict the definitions of their columns are useless; they are always either unconditionally true or unconditionally false. For instance, there's no point in including ``++AND column IS NOT NULL++`` if the column is defined as non-null.
+Conditions in the `WHERE` clause that either reinforce or contradict the definitions of their columns are redundant, as they are always either unconditionally true or unconditionally false. For example, including `AND column IS NOT NULL` is unnecessary if the column is already defined as non-null.
+include::../../../shared_content/plsql/data_dictionary.adoc[]
-*Noteworthy*
+== How to fix it
-This rule raises issues only when a *Data Dictionary* is provided during the analysis. See https://docs.sonarqube.org/latest/analysis/languages/plsql/
+Ensure that the conditions in the `WHERE` clause are not always true or false.
-=== Noncompliant code example
+=== Code examples
+
+Given the following table:
[source,sql]
----
-CREATE TABLE product
-(id INT,
- name VARCHAR(6) NOT NULL,
- mfg_name VARCHAR(6),
- mfg_id INT
- ...
-
-SELECT name, price
-FROM product
-WHERE name is not null -- Noncompliant; always true. This column is NOT NULL
- AND mfg_name = 'Too long name' -- Noncompliant; always false. This column can contain only 6 characters
+CREATE TABLE Product
+(
+ Id INT,
+ Name VARCHAR(6),
+ Price INT NOT NULL
+)
+----
+
+
+==== Noncompliant code example
+
+[source,sql,diff-id=1,diff-type=noncompliant]
+----
+SELECT Name, Price FROM Product
+WHERE
+ Name = 'Too long name' -- Noncompliant; always false. This column can contain only 6 characters
+ AND Price IS NOT NULL -- Noncompliant; always true. This column is NOT NULL
+----
+
+==== Compliant solution
+
+[source,sql,diff-id=1,diff-type=compliant]
+----
+SELECT Name, Price FROM Product
+WHERE
+ Name = 'Name'
----
ifdef::env-github,rspecator-view[]
diff --git a/rules/S3723/metadata.json b/rules/S3723/metadata.json
index e47b8d9ba70..ed41a9028b8 100644
--- a/rules/S3723/metadata.json
+++ b/rules/S3723/metadata.json
@@ -17,7 +17,7 @@
]
},
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-3723",
"sqKey": "S3723",
"scope": "All",
diff --git a/rules/S3921/plsql/rule.adoc b/rules/S3921/plsql/rule.adoc
index c9f93abadff..6b6f01f59d3 100644
--- a/rules/S3921/plsql/rule.adoc
+++ b/rules/S3921/plsql/rule.adoc
@@ -2,41 +2,61 @@
Trying to assign a large character value to a smaller variable or column will raise an error.
-=== Noncompliant code example
+include::../../../shared_content/plsql/data_dictionary.adoc[]
-[source,sql]
-----
-create table persons (id number, name varchar2(4));
+== How to fix it
-insert into persons (id, name) values (1, 'Alice'); -- Noncompliant, raises ORA-12899
+Ensure that the size of the variable or column is large enough to hold the value.
-create or replace procedure sp1
-is
- foo varchar2(2);
-begin
- select name into foo from persons where id = 1; -- Noncompliant, may raise ORA-06502
-end;
-----
+=== Code examples
-=== Compliant solution
+==== Noncompliant code example
-[source,sql]
+[source,sql,diff-id=1,diff-type=noncompliant]
+----
+CREATE TABLE Persons
+(
+ Id NUMBER,
+ Name VARCHAR2(4)
+);
+
+INSERT INTO Persons (Id, Name) VALUES (1, 'Alice'); -- Noncompliant, raises ORA-12899
+
+CREATE OR REPLACE PROCEDURE sp1
+IS
+ foo VARCHAR2(2);
+BEGIN
+ SELECT Name INTO foo FROM Persons WHERE Id = 1; -- Noncompliant, may raise ORA-06502
+END;
----
-create table persons (id number, name varchar2(8));
-insert into persons (id, name) values (1, 'Alice');
+==== Compliant solution
-create or replace procedure sp1
-is
- foo varchar2(8);
-begin
- select name into foo from persons where id = 1;
-end;
+[source,sql,diff-id=1,diff-type=compliant]
+----
+CREATE TABLE Persons
+(
+ Id NUMBER,
+ Name VARCHAR2(8)
+);
+
+INSERT INTO Persons (Id, Name) VALUES (1, 'Alice');
+
+CREATE OR REPLACE PROCEDURE sp1
+IS
+ foo VARCHAR2(8);
+BEGIN
+ SELECT Name INTO foo FROM Persons WHERE Id = 1;
+END;
----
== Resources
+=== Documentation
+
* CWE - https://cwe.mitre.org/data/definitions/704[CWE-704 - Incorrect Type Conversion or Cast]
+* Oracle Database - https://docs.oracle.com/en/error-help/db/ora-12899[ORA-12899]
+* Oracle Database - https://docs.oracle.com/en/error-help/db/ora-06502[ORA-06502]
ifdef::env-github,rspecator-view[]
diff --git a/rules/S3923/flex/metadata.json b/rules/S3923/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S3923/flex/metadata.json
+++ b/rules/S3923/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S4507/flex/metadata.json b/rules/S4507/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S4507/flex/metadata.json
+++ b/rules/S4507/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S4524/flex/metadata.json b/rules/S4524/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S4524/flex/metadata.json
+++ b/rules/S4524/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S5148/html/rule.adoc b/rules/S5148/html/rule.adoc
index c6579516d85..38bb447e1a6 100644
--- a/rules/S5148/html/rule.adoc
+++ b/rules/S5148/html/rule.adoc
@@ -2,24 +2,22 @@ include::../description.adoc[]
include::../ask-yourself.adoc[]
-include::../recommended.adoc[]
-
== Sensitive Code Example
[source,html]
----
-
+
-
+
----
== Compliant Solution
-To prevent pages from abusing ``++window.opener++``, use ``++rel=noopener++`` on ``++++`` to force its value to be ``++null++`` on the opened pages.
+In Chrome 88+, Firefox 79+ or Safari 12.1+ ``++target=_blank++`` on anchors implies ``++rel=noopener++`` which makes the protection enabled by default.
[source,html]
----
-
+
----
== Exceptions
@@ -28,7 +26,7 @@ No Issue will be raised when ``++href++`` contains a hardcoded relative url as t
[source,html]
----
-
+
----
include::../see.adoc[]
diff --git a/rules/S5148/recommended.adoc b/rules/S5148/recommended.adoc
index 86e6bfbae50..7592ab18cec 100644
--- a/rules/S5148/recommended.adoc
+++ b/rules/S5148/recommended.adoc
@@ -1,5 +1,3 @@
== Recommended Secure Coding Practices
Use ``++noopener++`` to prevent untrusted pages from abusing ``++window.opener++``.
-
-Note: In Chrome 88+, Firefox 79+ or Safari 12.1+ ``++target=_blank++`` on anchors implies ``++rel=noopener++`` which make the protection enabled by default.
diff --git a/rules/S5408/cfamily/rule.adoc b/rules/S5408/cfamily/rule.adoc
index 9263981a1bd..ccb41322be8 100644
--- a/rules/S5408/cfamily/rule.adoc
+++ b/rules/S5408/cfamily/rule.adoc
@@ -1,7 +1,6 @@
== Why is this an issue?
-Declaring a function or a static member variable ``++constexpr++`` makes it implicitly inline.
-
+Declaring a function ``++constexpr++`` makes it implicitly inline.
In that situation, explicitly using the ``++inline++`` keyword would be redundant, and might lead to confusion if it's used in some cases but not others. It's better to simply omit it.
@@ -11,22 +10,14 @@ In that situation, explicitly using the ``++inline++`` keyword would be redundan
[source,cpp]
----
inline constexpr int addOne(int n) { return n+1; } // Noncompliant
-struct A {
-inline constexpr static int secretNumber = 0; // Noncompliant
-};
----
-
=== Compliant solution
[source,cpp]
----
constexpr int addOne(int n) { return n+1; }
-struct A {
-constexpr static int secretNumber = 0;
-};
----
-
ifdef::env-github,rspecator-view[]
diff --git a/rules/S5411/java/rule.adoc b/rules/S5411/java/rule.adoc
index 0d0c77d192e..be32216d2f5 100644
--- a/rules/S5411/java/rule.adoc
+++ b/rules/S5411/java/rule.adoc
@@ -5,7 +5,7 @@ When boxed type `java.lang.Boolean` is used as an expression to determine the co
It is safer to avoid such conversion altogether and handle the `null` value explicitly.
-Note, however, that no issues will be raised for Booleans that have already been null-checked.
+Note, however, that no issues will be raised for Booleans that have already been null-checked or are marked `@NonNull/@NotNull`.
=== Noncompliant code example
@@ -38,6 +38,34 @@ if(b != null){
}
----
+=== Exceptions
+
+The issue is not raised if the expression is annotated `@NonNull` / `@NotNull`.
+This is useful if a boxed type is an instantiation of a generic type parameter and cannot be avoided.
+
+[source,java]
+----
+List list = new ArrayList<>();
+list.add(true);
+list.add(false);
+list.forEach((@NonNull Boolean value) -> {
+ // Compliant
+ if(value) {
+ System.out.println("yes");
+ }
+});
+
+@NonNull Boolean someMethod() { /* ... */ }
+
+// Compliant
+if(someMethod()) { /* ... */ }
+
+@NonNull Boolean boxedNonNull = Boolean.TRUE;
+
+// Compliant
+if(boxedNonNull) { /* ... */ }
+----
+
== Resources
* https://docs.oracle.com/javase/specs/jls/se8/html/jls-5.html#jls-5.1.8[Java Language Specification §5.1.8 Unboxing Conversion]
diff --git a/rules/S5594/xml/metadata.json b/rules/S5594/xml/metadata.json
index 4861b951297..ee467ccb58b 100644
--- a/rules/S5594/xml/metadata.json
+++ b/rules/S5594/xml/metadata.json
@@ -7,7 +7,7 @@
},
"attribute": "COMPLETE"
},
- "status": "ready",
+ "status": "deprecated",
"remediation": {
"func": "Constant\/Issue",
"constantCost": "10min"
@@ -44,7 +44,6 @@
]
},
"defaultQualityProfiles": [
- "Sonar way"
],
"quickfix": "unknown"
}
diff --git a/rules/S6194/rule.adoc b/rules/S6194/rule.adoc
index 460fc82f546..fdfab5331f8 100644
--- a/rules/S6194/rule.adoc
+++ b/rules/S6194/rule.adoc
@@ -1,6 +1,25 @@
== Why is this an issue?
-Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Coroutines with high Cognitive Complexity will be difficult to maintain.
+"Cognitive complexity" is a measure of how hard the control flow of a function is to understand. Code with high cognitive complexity is hard to read, understand, test, and modify.
+
+This rule raises on coroutines with high cognitive complexity.
+
+As a rule of thumb, high cognitive complexity is a sign that the code should be refactored into smaller, easier-to-manage pieces.
+
+=== Which syntax in code does impact cognitive complexity score?
+
+Here are the core concepts:
+
+* **Cognitive complexity is incremented each time the code breaks the normal linear reading flow.** +
+This concerns, for example, loop structures, conditionals, catches, switches, jumps to labels, and conditions mixing multiple operators.
+* **Each nesting level increases complexity.** +
+During code reading, the deeper you go through nested layers, the harder it becomes to keep the context in mind.
+* **Method calls are free** +
+ A well-picked method name is a summary of multiple lines of code.
+ A reader can first explore a high-level view of what the code is performing then go deeper and deeper by looking at called functions content. +
+__Note:__ This does not apply to recursive calls, those will increment cognitive score.
+
+The method of computation is fully detailed in the pdf linked in the resources.
== Resources
diff --git a/rules/S6255/terraform/metadata.json b/rules/S6255/terraform/metadata.json
index cc3f9cab293..c15bdaa4879 100644
--- a/rules/S6255/terraform/metadata.json
+++ b/rules/S6255/terraform/metadata.json
@@ -38,7 +38,5 @@
"6.2.4"
]
},
- "defaultQualityProfiles": [
- "Sonar way"
- ]
+ "defaultQualityProfiles": []
}
diff --git a/rules/S6258/cloudformation/rule.adoc b/rules/S6258/cloudformation/rule.adoc
index 8dcb2325d46..15076aef67e 100644
--- a/rules/S6258/cloudformation/rule.adoc
+++ b/rules/S6258/cloudformation/rule.adoc
@@ -100,8 +100,8 @@ Resources:
Type: "AWS::Redshift::Cluster"
Properties:
DBName: "Redshift Warehouse Cluster"
-----
-
+----
+
For https://aws.amazon.com/opensearch-service/[Amazon OpenSearch] service or Amazon Elasticsearch service:
[source,yaml]
@@ -169,19 +169,41 @@ For https://aws.amazon.com/s3/[Amazon S3 access requests]:
----
AWSTemplateFormatVersion: 2010-09-09
Resources:
- S3BucketLogs:
- Type: 'AWS::S3::Bucket'
- Properties:
- BucketName: "mycompliantloggingbucket"
- AccessControl: LogDeliveryWrite
-
S3Bucket:
Type: 'AWS::S3::Bucket'
Properties:
BucketName: "mycompliantbucket"
LoggingConfiguration:
- DestinationBucketName: !Ref S3BucketLogs
+ DestinationBucketName: !Ref S3LoggingBucket
LogFilePrefix: testing-logs
+ S3LoggingBucket:
+ Type: 'AWS::S3::Bucket'
+ Properties:
+ BucketName: "mycompliantloggingbucket"
+ S3BucketPolicy:
+ Type: 'AWS::S3::BucketPolicy'
+ Properties:
+ Bucket: !Ref S3LoggingBucket
+ PolicyDocument:
+ Version: 2012-10-17
+ Statement:
+ - Action:
+ - 's3:PutObject'
+ Effect: Allow
+ Principal:
+ Service: logging.s3.amazonaws.com
+ Resource: !Join
+ - ''
+ - - 'arn:aws:s3:::'
+ - !Ref S3LoggingBucket
+ - /*
+ Condition:
+ ArnLike:
+ 'aws:SourceArn': !GetAtt
+ - S3Bucket
+ - Arn
+ StringEquals:
+ 'aws:SourceAccount': !Sub '${AWS::AccountId}'
----
For https://aws.amazon.com/api-gateway/[Amazon API Gateway] stages:
@@ -259,8 +281,8 @@ Resources:
Logs:
Audit: true
General: true
-----
-
+----
+
For https://aws.amazon.com/redshift/[Amazon Redshift]:
diff --git a/rules/S6258/terraform/rule.adoc b/rules/S6258/terraform/rule.adoc
index 5e377162f5b..fc73df26cbb 100644
--- a/rules/S6258/terraform/rule.adoc
+++ b/rules/S6258/terraform/rule.adoc
@@ -118,25 +118,43 @@ resource "google_container_cluster" "example" {
For Amazon https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket[S3 access requests]:
[source,terraform]
----
-resource "aws_s3_bucket" "example-logs" {
- bucket = "example_logstorage"
- acl = "log-delivery-write"
-}
-
resource "aws_s3_bucket" "example" {
bucket = "example"
-
- logging { # AWS provider <= 3
- target_bucket = aws_s3_bucket.example-logs.id
- target_prefix = "log/example"
- }
}
-resource "aws_s3_bucket_logging" "example" { # AWS provider >= 4
+resource "aws_s3_bucket_logging" "example" {
bucket = aws_s3_bucket.example.id
- target_bucket = aws_s3_bucket.example-logs.id
- target_prefix = "log/example"
+ target_bucket = aws_s3_bucket.logs.id
+ target_prefix = "testing-logs"
+}
+
+# Set up a logging bucket
+resource "aws_s3_bucket" "logs" {
+ bucket = "example_logstorage"
+}
+
+data "aws_iam_policy_document" "logs" {
+ statement {
+ sid = "s3-log-delivery"
+ effect = "Allow"
+
+ principals {
+ type = "Service"
+ identifiers = ["logging.s3.amazonaws.com"]
+ }
+
+ actions = ["s3:PutObject"]
+
+ resources = [
+ "${aws_s3_bucket.logs.arn}/*",
+ ]
+ }
+}
+
+resource "aws_s3_bucket_policy" "logs" {
+ bucket = aws_s3_bucket.example-logs.id
+ policy = data.aws_iam_policy_document.example.json
}
----
diff --git a/rules/S6294/cloudformation/rule.adoc b/rules/S6294/cloudformation/rule.adoc
index b92db579530..89454283804 100644
--- a/rules/S6294/cloudformation/rule.adoc
+++ b/rules/S6294/cloudformation/rule.adoc
@@ -57,7 +57,7 @@ Resources:
==== Compliant solution
-Example with a `!Ref`:
+Example with a `!Ref` in `LogGroup`:
[source,yaml]
----
@@ -76,6 +76,27 @@ Resources:
RetentionInDays: 30
----
+Example with a `!Ref` in `AWS::Lambda::Function` (it also works for `AWS::Serverless::Function`):
+
+[source,yaml]
+----
+AWSTemplateFormatVersion: 2010-09-09
+Resources:
+ ExampleFunction:
+ Type: AWS::Lambda::Function
+ Properties:
+ Runtime: nodejs12.x
+ Description: Example of Lambda Function
+ LoggingConfig:
+ LogGroup: !Ref ExampleLogGroup
+
+ ExampleLogGroup:
+ Type: AWS::Logs::LogGroup
+ Properties:
+ LogGroupName: "/aws/lambda/exampleFunction"
+ RetentionInDays: 30
+----
+
Example with `!Sub`:
[source,yaml]
@@ -95,6 +116,21 @@ Resources:
RetentionInDays: 30
----
+Example with `CloudWatchLogs` (it only works for `AWS::CodeBuild::Project`):
+
+[source,yaml]
+----
+AWSTemplateFormatVersion: 2010-09-09
+Resources:
+ CodeBuildProject:
+ Type: AWS::CodeBuild::Project
+ Properties:
+ LogsConfig:
+ CloudWatchLogs:
+ Status: "ENABLED"
+ GroupName: "aws/codeBuild/project"
+----
+
== Resources
* AWS Documentation https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html[AWS::Logs::LogGroup]
diff --git a/rules/S6299/javascript/metadata.json b/rules/S6299/javascript/metadata.json
index 1f743c25815..b2600d04bef 100644
--- a/rules/S6299/javascript/metadata.json
+++ b/rules/S6299/javascript/metadata.json
@@ -7,7 +7,7 @@
},
"attribute": "CONVENTIONAL"
},
- "status": "ready",
+ "status": "deprecated",
"tags": [
"cwe"
],
@@ -39,6 +39,5 @@
]
},
"defaultQualityProfiles": [
- "Sonar way"
]
}
diff --git a/rules/S6327/metadata.json b/rules/S6327/metadata.json
index ecaa7bc329a..9942b2145a2 100644
--- a/rules/S6327/metadata.json
+++ b/rules/S6327/metadata.json
@@ -10,7 +10,7 @@
"status": "ready",
"remediation": {
"func": "Constant\/Issue",
- "constantCost": "10min"
+ "constantCost": "45min"
},
"tags": [
"aws",
diff --git a/rules/S6327/recommended.adoc b/rules/S6327/recommended.adoc
index 619707c6c6b..bde7a0a6055 100644
--- a/rules/S6327/recommended.adoc
+++ b/rules/S6327/recommended.adoc
@@ -1,3 +1,18 @@
== Recommended Secure Coding Practices
-It's recommended to encrypt SNS topics that contain sensitive information. Encryption and decryption are handled transparently by SNS, so no further modifications to the application are necessary.
+It is recommended to encrypt SNS topics that contain sensitive information.
+
+To do so, create a master key and assign the SNS topic to it. Note that this
+system does not encrypt the following:
+
+* Topic metadata (topic name and attributes)
+* Message metadata (subject, message ID, timestamp, and attributes)
+* Data protection policy
+* Per-topic metrics
+
+Then, make sure that any publishers have the ``++kms:GenerateDataKey*++`` and
+``++kms:Decrypt++`` permissions for the AWS KMS key.
+
+See https://docs.aws.amazon.com/sns/latest/dg/sns-key-management.html#sns-what-permissions-for-sse[AWS SNS Key Management Documentation]
+for more information.
+
diff --git a/rules/S6418/java/rule.adoc b/rules/S6418/java/rule.adoc
index b592ca548b6..886dddc613d 100644
--- a/rules/S6418/java/rule.adoc
+++ b/rules/S6418/java/rule.adoc
@@ -1,4 +1,4 @@
-:detectson: variables/fields
+:detections: variables/fields
:defaultsensibility: 5
include::../description.adoc[]
diff --git a/rules/S6418/javascript/metadata.json b/rules/S6418/javascript/metadata.json
new file mode 100644
index 00000000000..bb3d04f385c
--- /dev/null
+++ b/rules/S6418/javascript/metadata.json
@@ -0,0 +1,3 @@
+{
+ "quickfix": "infeasible"
+}
diff --git a/rules/S6418/javascript/rule.adoc b/rules/S6418/javascript/rule.adoc
new file mode 100644
index 00000000000..0488d7cfdc3
--- /dev/null
+++ b/rules/S6418/javascript/rule.adoc
@@ -0,0 +1,52 @@
+:detections: variables/fields
+:defaultsensibility: 5
+
+include::../description.adoc[]
+
+include::../ask-yourself.adoc[]
+
+include::../recommended.adoc[]
+
+== Sensitive Code Example
+
+[source,javascript]
+----
+const API_KEY = "1234567890abcdef" // Hard-coded secret (bad practice)
+
+const response = await fetch("https://api.my-service/v1/users", {
+ headers: {
+ Authorization: `Bearer ${API_KEY}`,
+ },
+});
+----
+
+== Compliant Solution
+
+[source,javascript]
+----
+const API_KEY = process.env.API_KEY;
+
+const response = await fetch("https://api.my-service/v1/users", {
+ headers: {
+ Authorization: `Bearer ${API_KEY}`,
+ },
+});
+----
+
+include::../see.adoc[]
+
+* MSC - https://wiki.sei.cmu.edu/confluence/x/OjdGBQ[MSC03-J - Never hard code sensitive information]
+
+
+ifdef::env-github,rspecator-view[]
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::../message.adoc[]
+
+
+include::../parameters.adoc[]
+
+'''
+endif::env-github,rspecator-view[]
diff --git a/rules/S6433/kubernetes/metadata.json b/rules/S6433/kubernetes/metadata.json
index 2c63c085104..1ce5d975729 100644
--- a/rules/S6433/kubernetes/metadata.json
+++ b/rules/S6433/kubernetes/metadata.json
@@ -1,2 +1,3 @@
{
-}
+ "defaultQualityProfiles": []
+}
\ No newline at end of file
diff --git a/rules/S6463/python/rule.adoc b/rules/S6463/python/rule.adoc
index da6688a43c1..82d48106d0c 100644
--- a/rules/S6463/python/rule.adoc
+++ b/rules/S6463/python/rule.adoc
@@ -1,8 +1,6 @@
Allowing unrestricted outbound communications can lead to data leaks.
-A restrictive security group is an additional layer of protection that might
-prevent the abuse or exploitation of a resource. For example, it complicates the
-exfiltration of data in the case of a successfully exploited vulnerability.
+When a security group allows all outbound communications, applications or services within the security group can send data to any external IP address or port without restriction. If a resource within the security group becomes compromised, attackers could send malicious traffic or exfiltrate data to external servers. This could happen even if the resource is not directly exposed to the internet, such as in case of a supply chain attack.
When deciding if outgoing connections should be limited, consider that limiting
the connections results in additional administration and maintenance work.
@@ -18,9 +16,9 @@ There is a risk if you answered yes to any of those questions.
== Recommended Secure Coding Practices
-It is recommended to restrict outgoing connections to a set of trusted
-destinations.
+The principles of defence-in-depth and least privilege suggest that outbound connections should be restricted to a set of trusted destinations.
+Consider restricting the security group egress rules so that it can only contact specific locations, such as trusted IP address ranges or other security groups. If any resources require unrestricted outbound access, place them in their own security group.
== Sensitive Code Example
diff --git a/rules/S6584/docker/rule.adoc b/rules/S6584/docker/rule.adoc
index b4bbfb1d7eb..0c022546cd6 100644
--- a/rules/S6584/docker/rule.adoc
+++ b/rules/S6584/docker/rule.adoc
@@ -8,6 +8,7 @@ Suppose a package manager invocation is part of a script that is executed automa
Then, execution is aborted because there is no confirming manual input.
As a result, instructions, such as installation or update of packages, cannot be performed in an automated way.
This applies, among others, to the package manager used in Debian-based systems, Advanced Package Tool (APT).
+This also apply to `gdebi` package manager, which is used to install packages from a file.
== How can I fix it?
@@ -20,6 +21,7 @@ This applies, among others, to the package manager used in Debian-based systems,
RUN apt-get install ca-certificates
RUN aptitude install ca-certificates
RUN apt install ca-certificates
+RUN gdebi /tmp/package.deb
----
Here each line represents a package installation command command for the most popular package managers.
@@ -32,6 +34,7 @@ Each of them is trying to perform an installation in interactive mode, it will w
RUN apt-get -y install ca-certificates
RUN aptitude -y install ca-certificates
RUN apt -y install ca-certificates
+RUN gdebi --n /tmp/package.deb
----
Here in each line we added the option `-y`, it will assume yes to all prompts and continue execution.
diff --git a/rules/S6587/docker/rule.adoc b/rules/S6587/docker/rule.adoc
index 781945f6912..67b13a3b18a 100644
--- a/rules/S6587/docker/rule.adoc
+++ b/rules/S6587/docker/rule.adoc
@@ -8,6 +8,10 @@ The package index is redundant for the correct operation of the installed softwa
Storing an index also increases the size of the Docker image.
It should be reduced to speed up deployments and reduce storage and bandwidth.
+=== Exceptions
+
+In multi-stage builds, the rule only checks instructions that are part of the final image.
+
== How to fix it
=== Code examples
diff --git a/rules/S6595/docker/rule.adoc b/rules/S6595/docker/rule.adoc
index 4922ea2a079..0b0cf86c591 100644
--- a/rules/S6595/docker/rule.adoc
+++ b/rules/S6595/docker/rule.adoc
@@ -7,6 +7,10 @@ Leaving unnecessary files in Docker image increases its size.
The Docker images should be small and only contain necessary data.
The cache index is obsolete after installation.
+=== Exceptions
+
+The rule does not raise when the update is followed by a `gdebi` package installation, as it can still install required dependencies when installing from a file, which would require the `apt` cache to be updated.
+
== How to fix it
=== Code examples
@@ -29,6 +33,7 @@ Each of them stores the cache index in the newly created layer.
----
RUN apk update && apk add ...
RUN apt-get update && apt-get install ...
+RUN apt-get update && gdebi
RUN aptitude update && aptitude install ...
----
diff --git a/rules/S6639/common/resources/documentation.adoc b/rules/S6639/common/resources/documentation.adoc
index 4bf21e10bb3..fb7402ddcc3 100644
--- a/rules/S6639/common/resources/documentation.adoc
+++ b/rules/S6639/common/resources/documentation.adoc
@@ -1,3 +1,3 @@
* https://owasp.org/www-community/attacks/Denial_of_Service[OWASP] - Denial of Service
-* https://www.linux.org/docs/man8/pam_limits.html[Linux.org] - pam_limits - PAM module to limit resources
-* https://access.redhat.com/solutions/1257953[RedHat] - How to set limits for services in RHEL and systemd
\ No newline at end of file
+* https://man.archlinux.org/man/core/pam/pam_limits.8.en[archlinux.org] - pam_limits - PAM module to limit resources
+* https://access.redhat.com/solutions/1257953[RedHat] - How to set limits for services in RHEL and systemd
diff --git a/rules/S6661/javascript/metadata.json b/rules/S6661/javascript/metadata.json
index b76f8bef6c3..30c79978b82 100644
--- a/rules/S6661/javascript/metadata.json
+++ b/rules/S6661/javascript/metadata.json
@@ -9,7 +9,7 @@
"tags": [
"es2018"
],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6661",
"sqKey": "S6661",
"scope": "All",
diff --git a/rules/S6666/javascript/metadata.json b/rules/S6666/javascript/metadata.json
index b9fb97634bb..98450ac6ffc 100644
--- a/rules/S6666/javascript/metadata.json
+++ b/rules/S6666/javascript/metadata.json
@@ -8,7 +8,7 @@
},
"tags": [
],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6666",
"sqKey": "S6666",
"scope": "All",
diff --git a/rules/S6671/javascript/metadata.json b/rules/S6671/javascript/metadata.json
index 6042a90492e..3e9d52e860c 100644
--- a/rules/S6671/javascript/metadata.json
+++ b/rules/S6671/javascript/metadata.json
@@ -8,7 +8,7 @@
},
"tags": [
],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6671",
"sqKey": "S6671",
"scope": "All",
diff --git a/rules/S6676/javascript/metadata.json b/rules/S6676/javascript/metadata.json
index 2a28cdfdfb9..9d732590578 100644
--- a/rules/S6676/javascript/metadata.json
+++ b/rules/S6676/javascript/metadata.json
@@ -8,7 +8,7 @@
},
"tags": [
],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6676",
"sqKey": "S6676",
"scope": "All",
diff --git a/rules/S6679/javascript/metadata.json b/rules/S6679/javascript/metadata.json
index 5b3db685da2..b997ae23b70 100644
--- a/rules/S6679/javascript/metadata.json
+++ b/rules/S6679/javascript/metadata.json
@@ -8,7 +8,7 @@
},
"tags": [
],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6679",
"sqKey": "S6679",
"scope": "All",
diff --git a/rules/S6721/secrets/rule.adoc b/rules/S6721/secrets/rule.adoc
index 78bb15fbcbd..3d4571ccb52 100644
--- a/rules/S6721/secrets/rule.adoc
+++ b/rules/S6721/secrets/rule.adoc
@@ -6,12 +6,9 @@ include::../../../shared_content/secrets/rationale.adoc[]
=== What is the potential impact?
-Teams Workflow webhook URLs have different effects depending on their
-permissions: They can be used only to write Teams posts or to trigger other
-workflows.
+Below are some real-world scenarios that illustrate the potential impact of an attacker exploiting this secret.
-Below are some real-world scenarios that illustrate some impacts of an attacker
-exploiting the secret.
+:secret_type: webhook
include::../../../shared_content/secrets/impact/phishing.adoc[]
diff --git a/rules/S6749/javascript/metadata.json b/rules/S6749/javascript/metadata.json
index 4dc1b5235a0..006e4ec4329 100644
--- a/rules/S6749/javascript/metadata.json
+++ b/rules/S6749/javascript/metadata.json
@@ -9,7 +9,7 @@
"tags": [
"react"
],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-6749",
"sqKey": "S6749",
"scope": "All",
diff --git a/rules/S6754/javascript/metadata.json b/rules/S6754/javascript/metadata.json
index 5a5db9f9ddf..5edcb13229b 100644
--- a/rules/S6754/javascript/metadata.json
+++ b/rules/S6754/javascript/metadata.json
@@ -8,7 +8,7 @@
},
"tags": [
],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-6754",
"sqKey": "S6754",
"scope": "All",
diff --git a/rules/S6759/javascript/metadata.json b/rules/S6759/javascript/metadata.json
index 0e4f40df309..61c6fd74ad5 100644
--- a/rules/S6759/javascript/metadata.json
+++ b/rules/S6759/javascript/metadata.json
@@ -10,7 +10,7 @@
"react",
"type-dependent"
],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-6759",
"sqKey": "S6759",
"scope": "All",
diff --git a/rules/S6762/secrets/rule.adoc b/rules/S6762/secrets/rule.adoc
index eace6babd21..f19db1d306e 100644
--- a/rules/S6762/secrets/rule.adoc
+++ b/rules/S6762/secrets/rule.adoc
@@ -10,13 +10,11 @@ If an attacker gains access to a Grafana personal access token or Granafa Cloud
Depending on the permissions given to the secret, the impact might range from the compromise of the data of some dashboards to a full takeover of the Grafana environment.
-include::../../../shared_content/secrets/impact/data_compromise.adoc[]
-
-==== Application takeover
+:service_name: Grafana
-With control over the Grafana application, the attacker can modify dashboards, alter data sources, or inject malicious code. This can result in the manipulation of displayed data, misleading visualizations, or even the introduction of backdoors for further exploitation.
+include::../../../shared_content/secrets/impact/data_compromise.adoc[]
-The attacker may even attempt to escalate their privileges within the Grafana environment. By gaining administrative access or higher-level permissions, they can perform more significant actions, such as modifying access controls, adding or deleting users, or changing system configurations.
+include::../../../shared_content/secrets/impact/dataviz_takeover.adoc[]
== How to fix it
diff --git a/rules/S6767/javascript/metadata.json b/rules/S6767/javascript/metadata.json
index d98c2561bdd..d9abd67c033 100644
--- a/rules/S6767/javascript/metadata.json
+++ b/rules/S6767/javascript/metadata.json
@@ -9,7 +9,7 @@
"tags": [
"react"
],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-6767",
"sqKey": "S6767",
"scope": "All",
diff --git a/rules/S6770/javascript/metadata.json b/rules/S6770/javascript/metadata.json
index 4a79740f6af..888c18c5430 100644
--- a/rules/S6770/javascript/metadata.json
+++ b/rules/S6770/javascript/metadata.json
@@ -9,7 +9,7 @@
"tags": [
"react"
],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-6770",
"sqKey": "S6770",
"scope": "All",
diff --git a/rules/S6775/javascript/metadata.json b/rules/S6775/javascript/metadata.json
index dda8e387ca9..c4c7e768c94 100644
--- a/rules/S6775/javascript/metadata.json
+++ b/rules/S6775/javascript/metadata.json
@@ -9,7 +9,7 @@
"tags": [
"react"
],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
"ruleSpecification": "RSPEC-6775",
"sqKey": "S6775",
"scope": "All",
diff --git a/rules/S6836/javascript/metadata.json b/rules/S6836/javascript/metadata.json
index 2b6860eb574..5fbdcab7362 100644
--- a/rules/S6836/javascript/metadata.json
+++ b/rules/S6836/javascript/metadata.json
@@ -8,7 +8,7 @@
},
"tags": [
],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6836",
"sqKey": "S6836",
"scope": "All",
diff --git a/rules/S6849/javascript/metadata.json b/rules/S6849/javascript/metadata.json
index 5addc8ff6f7..704a90b4728 100644
--- a/rules/S6849/javascript/metadata.json
+++ b/rules/S6849/javascript/metadata.json
@@ -18,7 +18,7 @@
]
},
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
"ruleSpecification": "RSPEC-6849",
"sqKey": "S6849",
"scope": "All",
diff --git a/rules/S7091/java/metadata.json b/rules/S7091/java/metadata.json
new file mode 100644
index 00000000000..f216db94ad0
--- /dev/null
+++ b/rules/S7091/java/metadata.json
@@ -0,0 +1,25 @@
+{
+ "title": "Circular dependencies between classes across packages should be resolved",
+ "type": "CODE_SMELL",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "0min"
+ },
+ "tags": [
+ "architecture",
+ "design"
+ ],
+ "defaultSeverity": "Major",
+ "ruleSpecification": "RSPEC-7091",
+ "sqKey": "S7091",
+ "scope": "All",
+ "defaultQualityProfiles": ["Sonar way"],
+ "quickfix": "infeasible",
+ "code": {
+ "impacts": {
+ "MAINTAINABILITY": "HIGH"
+ },
+ "attribute": "MODULAR"
+ }
+}
diff --git a/rules/S7091/java/rule.adoc b/rules/S7091/java/rule.adoc
new file mode 100644
index 00000000000..dce84a3acc0
--- /dev/null
+++ b/rules/S7091/java/rule.adoc
@@ -0,0 +1,71 @@
+This rule reports circular dependencies between classes across different packages.
+
+== Why is this an issue?
+
+Circular dependencies occur when two classes reference each other, either directly or indirectly.
+This means that the classes' dependency structure does not represent an intuitive hierarchy, which makes it harder to understand and maintain.
+
+Compared to S7027, this issue is even more significant when a cycle crosses package boundaries because:
+
+1. It disrupts the dependency hierarchy or layer structure even between packages.
+2. It spreads the problem across more distant locations in the source code.
+
+=== What is the potential impact?
+
+Circular dependencies increase the architectural complexity of the code, reducing its readability, extensibility, and maintainability.
+As the project grows, circular dependencies often lead to more circular dependencies, further complication of the architecture and increasing technical debt.
+Over time, untangling these dependencies becomes increasingly difficult.
+
+== How to fix it
+
+1. **Extract an interface**: If two classes share similar functionality, move that functionality to an interface that both can implement. This allows each class to depend on the interface rather than on each other.
+
+2. **Use dependency injection**: Replace direct references between classes with dependency injection. By passing necessary objects as parameters through constructors or setters, you break the circular reference, making your code more flexible and easier to test.
+
+3. **Split responsibilities**: Evaluate whether each class is handling too many responsibilities. If so, break them down into smaller, more focused classes. This eliminates circular dependencies and makes sure your code has fewer reasons to change, making it easier to manage and extend.
+
+4. **Rethink the package structure**
+
+=== Code examples
+
+==== Noncompliant code example
+
+The following code contains two cycles: Order → Customer → Order, and Order → Product → Order. Furthermore, both cycles are connected to each other via class Order. This is called _a tangle consisting of two cycles_.
+
+[source,java,diff-id=1,diff-type=noncompliant]
+----
+class Order {
+ public Customer customer;
+ public List products;
+}
+class Customer {
+ public List orders;
+}
+class Product {
+ public List orders;
+}
+----
+
+==== Compliant solution
+
+The issue can be resolved by changing the structure. Two service functions can replace the dependencies Customer → Order and Product → Order.
+
+[source,java,diff-id=1,diff-type=compliant]
+----
+class Order {
+ public Customer customer;
+ public List products;
+}
+class Customer { }
+class Product { }
+interface OrderService {
+ List getOrdersByCustomer(Customer customer);
+ List getOrdersByProduct(Product product);
+}
+----
+
+== Resources
+
+- Wikipedia - https://en.wikipedia.org/wiki/Acyclic_dependencies_principle[Acyclic dependencies principle]
+- STAN - https://stan4j.com/advanced/adp/[Acyclic dependencies principle]
+- RSPEC - https://sonarsource.github.io/rspec/#/rspec/S7027/java[S7027: Circular dependencies between classes in the same package should be resolved]
diff --git a/rules/S7091/metadata.json b/rules/S7091/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7091/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7131/csharp/metadata.json b/rules/S7131/csharp/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7131/csharp/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7131/csharp/rule.adoc b/rules/S7131/csharp/rule.adoc
new file mode 100644
index 00000000000..ca89ed5537e
--- /dev/null
+++ b/rules/S7131/csharp/rule.adoc
@@ -0,0 +1,80 @@
+
+include::../description-dotnet.adoc[]
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,csharp,diff-id=1,diff-type=noncompliant]
+----
+public class Example
+{
+ private static ReaderWriterLock rwLock = new();
+
+ public void Writer()
+ {
+ rwLock.AcquireWriterLock(2000);
+ try
+ {
+ // ...
+ }
+ finally
+ {
+ rwLock.ReleaseReaderLock(); // Noncompliant, will throw runtime exception
+ }
+ }
+
+ public void Reader()
+ {
+ rwLock.AcquireReaderLock(2000);
+ try
+ {
+ // ...
+ }
+ finally
+ {
+ rwLock.ReleaseWriterLock(); // Noncompliant, will throw runtime exception
+ }
+ }
+}
+----
+
+==== Compliant solution
+
+[source,csharp,diff-id=1,diff-type=compliant]
+----
+public class Example
+{
+ private static ReaderWriterLock rwLock = new();
+
+ public static void Writer()
+ {
+ rwLock.AcquireWriterLock(2000);
+ try
+ {
+ // ...
+ }
+ finally
+ {
+ rwLock.ReleaseWriterLock();
+ }
+ }
+
+ public static void Reader()
+ {
+ rwLock.AcquireReaderLock(2000);
+ try
+ {
+ // ...
+ }
+ finally
+ {
+ rwLock.ReleaseReaderLock();
+ }
+ }
+}
+----
+
+include::../resources-dotnet.adoc[]
+
+include::../rspecator.adoc[]
\ No newline at end of file
diff --git a/rules/S7131/description-dotnet.adoc b/rules/S7131/description-dotnet.adoc
new file mode 100644
index 00000000000..f63e0a3c890
--- /dev/null
+++ b/rules/S7131/description-dotnet.adoc
@@ -0,0 +1,15 @@
+When using https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock[ReaderWriterLock] and https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim[ReaderWriterLockSlim] for managing read and write locks, you should not release a read lock while holding a write lock and vice versa, otherwise you might have runtime exceptions.
+The locks should be always correctly paired so that the shared resource is accessed safely.
+
+This rule raises if:
+
+* you call https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.acquirewriterlock[ReaderWriterLock.AcquireWriterLock] or https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.upgradetowriterlock[ReaderWriterLock.UpgradeToWriterLock] and then use https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.releasereaderlock[ReaderWriterLock.ReleaseReaderLock]
+* you call https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.enterwritelock[ReaderWriterLockSlim.EnterWriteLock] or https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.tryenterwritelock[ReaderWriterLockSlim.TryEnterWriteLock] and then use https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.exitreadlock[ReaderWriterLockSlim.ExitReadLock]
+* you call https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.acquirereaderlock[ReaderWriterLock.AcquireReaderLock] or https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.downgradefromwriterlock[ReaderWriterLock.DowngradeFromWriterLock] and then use https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.releasewriterlock[ReaderWriterLock.ReleaseWriterLock]
+* or you call https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.enterreadlock[ReaderWriterLockSlim.EnterReadLock], https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.tryenterreadlock[ReaderWriterLockSlim.TryEnterReadLock], https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.enterupgradeablereadlock[ReaderWriterLockSlim.EnterUpgradeableReadLock] or https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.tryenterupgradeablereadlock[ReaderWriterLockSlim.TryEnterUpgradeableReadLock] and then use https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.exitwritelock[ReaderWriterLockSlim.ExitWriteLock]
+
+
+== Why is this an issue?
+
+If you use the `ReaderWriterLockSlim` class, you will get a https://learn.microsoft.com/en-us/dotnet/api/system.threading.lockrecursionexception[LockRecursionException].
+In the case of `ReaderWriterLock`, you'll get a runtime exception for trying to release a lock that is not owned by the calling thread.
diff --git a/rules/S7131/message.adoc b/rules/S7131/message.adoc
new file mode 100644
index 00000000000..d6364cd3472
--- /dev/null
+++ b/rules/S7131/message.adoc
@@ -0,0 +1,3 @@
+=== Message
+
+You should not release this [reader/writer] lock when [reader/writer] lock was acquired
diff --git a/rules/S7131/metadata.json b/rules/S7131/metadata.json
new file mode 100644
index 00000000000..6746948bd61
--- /dev/null
+++ b/rules/S7131/metadata.json
@@ -0,0 +1,23 @@
+{
+ "title": "A write lock should not be released when a read lock has been acquired and vice versa",
+ "type": "BUG",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ ],
+ "defaultSeverity": "Major",
+ "ruleSpecification": "RSPEC-7131",
+ "sqKey": "S7131",
+ "scope": "All",
+ "defaultQualityProfiles": ["Sonar way"],
+ "quickfix": "infeasible",
+ "code": {
+ "impacts": {
+ "RELIABILITY": "HIGH"
+ },
+ "attribute": "LOGICAL"
+ }
+}
diff --git a/rules/S7131/resources-dotnet.adoc b/rules/S7131/resources-dotnet.adoc
new file mode 100644
index 00000000000..c12a3ab7ff7
--- /dev/null
+++ b/rules/S7131/resources-dotnet.adoc
@@ -0,0 +1,6 @@
+== Resources
+
+=== Documentation
+
+* Microsoft Learn - https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock[ReaderWriterLock Class]
+* Microsoft Learn - https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim[ReaderWriterLockSlim]
\ No newline at end of file
diff --git a/rules/S7131/rspecator.adoc b/rules/S7131/rspecator.adoc
new file mode 100644
index 00000000000..38bc5e559c4
--- /dev/null
+++ b/rules/S7131/rspecator.adoc
@@ -0,0 +1,9 @@
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::message.adoc[]
+
+endif::env-github,rspecator-view[]
\ No newline at end of file
diff --git a/rules/S7131/vbnet/metadata.json b/rules/S7131/vbnet/metadata.json
new file mode 100644
index 00000000000..7a73a41bfdf
--- /dev/null
+++ b/rules/S7131/vbnet/metadata.json
@@ -0,0 +1,2 @@
+{
+}
\ No newline at end of file
diff --git a/rules/S7131/vbnet/rule.adoc b/rules/S7131/vbnet/rule.adoc
new file mode 100644
index 00000000000..a69d9592acb
--- /dev/null
+++ b/rules/S7131/vbnet/rule.adoc
@@ -0,0 +1,65 @@
+include::../description-dotnet.adoc[]
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,vbnet,diff-id=1,diff-type=noncompliant]
+----
+Public Class Example
+
+ Private Shared rwLock As New ReaderWriterLock()
+
+ Public Sub Writer()
+ rwLock.AcquireWriterLock(2000)
+ Try
+ ' ...
+ Finally
+ rwLock.ReleaseReaderLock() ' Noncompliant, will throw runtime exception
+ End Try
+ End Sub
+
+ Public Sub Reader()
+ rwLock.AcquireReaderLock(2000)
+ Try
+ ' ...
+ Finally
+ rwLock.ReleaseWriterLock() ' Noncompliant, will throw runtime exception
+ End Try
+ End Sub
+
+End Class
+----
+
+==== Compliant solution
+
+[source,vbnet,diff-id=1,diff-type=compliant]
+----
+Public Class Example
+
+ Private Shared rwLock As New ReaderWriterLock()
+
+ Public Shared Sub Writer()
+ rwLock.AcquireWriterLock(2000)
+ Try
+ ' ...
+ Finally
+ rwLock.ReleaseWriterLock()
+ End Try
+ End Sub
+
+ Public Shared Sub Reader()
+ rwLock.AcquireReaderLock(2000)
+ Try
+ ' ...
+ Finally
+ rwLock.ReleaseReaderLock()
+ End Try
+ End Sub
+
+End Class
+----
+
+include::../resources-dotnet.adoc[]
+
+include::../rspecator.adoc[]
\ No newline at end of file
diff --git a/rules/S7133/csharp/metadata.json b/rules/S7133/csharp/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7133/csharp/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7133/csharp/rule.adoc b/rules/S7133/csharp/rule.adoc
new file mode 100644
index 00000000000..fc9723ecab5
--- /dev/null
+++ b/rules/S7133/csharp/rule.adoc
@@ -0,0 +1,51 @@
+include::../description-dotnet.adoc[]
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,csharp,diff-id=1,diff-type=noncompliant]
+----
+public class Example
+{
+ private static ReaderWriterLock rwLock = new();
+
+ public void AcquireWriterLock() =>
+ rwLock.AcquireWriterLock(2000); // Noncompliant, as the lock release is on the callers responsibility
+
+ public void DoSomething()
+ {
+ // ...
+ }
+
+ public void ReleaseWriterLock() =>
+ rwLock.ReleaseWriterLock();
+}
+----
+
+==== Compliant solution
+
+[source,csharp,diff-id=1,diff-type=compliant]
+----
+public class Example
+{
+ private static ReaderWriterLock rwLock = new();
+
+ public void DoSomething()
+ {
+ rwLock.AcquireWriterLock(2000); // Compliant, locks are released in the same method
+ try
+ {
+ // ...
+ }
+ finally
+ {
+ rwLock.ReleaseWriterLock();
+ }
+ }
+}
+----
+
+include::../resources-dotnet.adoc[]
+
+include::../rspecator.adoc[]
\ No newline at end of file
diff --git a/rules/S7133/description-dotnet.adoc b/rules/S7133/description-dotnet.adoc
new file mode 100644
index 00000000000..a67b1e67612
--- /dev/null
+++ b/rules/S7133/description-dotnet.adoc
@@ -0,0 +1,19 @@
+This rule raises if you acquire a lock with one of the following methods, and do not release it within the same method.
+
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.acquirereaderlock[ReaderWriterLock.AcquireReaderLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock.acquirewriterlock[ReaderWriterLock.AcquireWriterLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.enterreadlock[ReaderWriterLockSlim.EnterReadLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.enterupgradeablereadlock[ReaderWriterLockSlim.EnterUpgradeableReadLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.tryenterreadlock[ReaderWriterLockSlim.TryEnterReadLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.tryenterupgradeablereadlock[ReaderWriterLockSlim.TryEnterUpgradeableReadLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.enterwritelock[ReaderWriterLockSlim.EnterWriteLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim.tryenterwritelock[ReaderWriterLockSlim.TryEnterWriteLock]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.spinlock.enter[SpinLock.Enter]
+* https://learn.microsoft.com/en-us/dotnet/api/system.threading.spinlock.tryenter[SpinLock.TryEnter]
+
+This rule will raise an issue when the code uses the https://learn.microsoft.com/en-us/dotnet/standard/garbage-collection/implementing-dispose[disposable pattern]. This pattern makes locking easy to use and delegates the responsibility to the caller. Users should accept issues in such cases, as they should appear only once for each synchronization type.
+
+== Why is this an issue?
+
+Not releasing a lock in the same method where you acquire it, and releasing in another one, makes the code less clear and harder to maintain. You are also introducing the risk of not releasing a lock at all which can lead to deadlocks or exceptions.
+
diff --git a/rules/S7133/message.adoc b/rules/S7133/message.adoc
new file mode 100644
index 00000000000..1433517ee78
--- /dev/null
+++ b/rules/S7133/message.adoc
@@ -0,0 +1,4 @@
+=== Message
+
+You should release this lock in the same method.
+
diff --git a/rules/S7133/metadata.json b/rules/S7133/metadata.json
new file mode 100644
index 00000000000..857ac7be582
--- /dev/null
+++ b/rules/S7133/metadata.json
@@ -0,0 +1,23 @@
+{
+ "title": "Locks should be released within the same method",
+ "type": "BUG",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "5min"
+ },
+ "tags": [
+ ],
+ "defaultSeverity": "Major",
+ "ruleSpecification": "RSPEC-7133",
+ "sqKey": "S7133",
+ "scope": "All",
+ "defaultQualityProfiles": [ "Sonar way" ],
+ "quickfix": "targeted",
+ "code": {
+ "impacts": {
+ "RELIABILITY": "HIGH"
+ },
+ "attribute": "CONVENTIONAL"
+ }
+}
diff --git a/rules/S7133/resources-dotnet.adoc b/rules/S7133/resources-dotnet.adoc
new file mode 100644
index 00000000000..62024b2f37f
--- /dev/null
+++ b/rules/S7133/resources-dotnet.adoc
@@ -0,0 +1,7 @@
+== Resources
+
+=== Documentation
+
+* Microsoft Learn - https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlock[ReaderWriterLock Class]
+* Microsoft Learn - https://learn.microsoft.com/en-us/dotnet/api/system.threading.readerwriterlockslim[ReaderWriterLockSlim Classs]
+* Microsoft Learn - https://learn.microsoft.com/en-us/dotnet/api/system.threading.spinlock[SpinLock Struct]
diff --git a/rules/S7133/rspecator.adoc b/rules/S7133/rspecator.adoc
new file mode 100644
index 00000000000..a791a6b354e
--- /dev/null
+++ b/rules/S7133/rspecator.adoc
@@ -0,0 +1,9 @@
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+include::message.adoc[]
+
+endif::env-github,rspecator-view[]
diff --git a/rules/S7133/vbnet/metadata.json b/rules/S7133/vbnet/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7133/vbnet/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7133/vbnet/rule.adoc b/rules/S7133/vbnet/rule.adoc
new file mode 100644
index 00000000000..fda2c15b988
--- /dev/null
+++ b/rules/S7133/vbnet/rule.adoc
@@ -0,0 +1,50 @@
+include::../description-dotnet.adoc[]
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,vbnet,diff-id=1,diff-type=noncompliant]
+----
+Public Class Example
+
+ Private Shared rwLock As New ReaderWriterLock
+
+ Public Sub AcquireWriterLock()
+ rwLock.AcquireWriterLock(2000) ' Noncompliant, as the lock release is on the callers responsibility
+ End Sub
+
+ Public Sub DoSomething()
+ ' ...
+ End Sub
+
+ Public Sub ReleaseWriterLock()
+ rwLock.ReleaseWriterLock()
+ End Sub
+
+End Class
+----
+
+==== Compliant solution
+
+[source,vbnet,diff-id=1,diff-type=compliant]
+----
+Public Class Example
+
+ Private Shared rwLock As New ReaderWriterLock
+
+ Public Sub DoSomething()
+ rwLock.AcquireWriterLock(2000) ' Compliant, locks are released in the same method
+ Try
+ ' ...
+ Finally
+ rwLock.ReleaseWriterLock()
+ End Try
+ End Sub
+
+End Class
+----
+
+include::../resources-dotnet.adoc[]
+
+include::../rspecator.adoc[]
\ No newline at end of file
diff --git a/rules/S7134/java/metadata.json b/rules/S7134/java/metadata.json
new file mode 100644
index 00000000000..7bba98d3341
--- /dev/null
+++ b/rules/S7134/java/metadata.json
@@ -0,0 +1,25 @@
+{
+ "title": "Architectural constraints should not be violated",
+ "type": "CODE_SMELL",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "0min"
+ },
+ "tags": [
+ "architecture",
+ "design"
+ ],
+ "defaultSeverity": "Major",
+ "ruleSpecification": "RSPEC-7134",
+ "sqKey": "S7134",
+ "scope": "All",
+ "defaultQualityProfiles": ["Sonar way"],
+ "quickfix": "infeasible",
+ "code": {
+ "impacts": {
+ "MAINTAINABILITY": "HIGH"
+ },
+ "attribute": "MODULAR"
+ }
+}
diff --git a/rules/S7134/java/rule.adoc b/rules/S7134/java/rule.adoc
new file mode 100644
index 00000000000..fb867ec3eeb
--- /dev/null
+++ b/rules/S7134/java/rule.adoc
@@ -0,0 +1,62 @@
+This rule reports when a class, package or other source code component violates the architectural constraints defined for a project.
+
+== Why is this an issue?
+
+There is a reference from one source code component to another that is prohibited by the architectural constraints defined for the project.
+These definitions are made by the maintainers of the project in the architecture configuration file.
+
+=== What is the potential impact?
+
+Over time, codebases often drift from the intended project architecture,
+gradually degrading the code structure and misaligning it with the original design.
+
+This misalignment reduces visibility and control over daily decisions affecting the architecture.
+As these small decisions accumulate, the codebase becomes harder to understand, and the architecture grows increasingly complex and unstructured.
+
+== How to fix it
+
+Refactor your source code to adhere to the architectural constraints.
+The specific approach will depend on your project architecture and the code violating the constraints.
+For example, you might replace a function call with an alternative function call from another software layer
+or create a new function in that layer to maintain a clean architecture.
+
+=== Code examples
+
+Assuming that for source code components in directory `./src/main/com/example/panels`, access to
+components in directory `./src/main/com/example/repos` is constrained:
+
+==== Noncompliant code example
+
+[source,java,diff-id=1,diff-type=noncompliant]
+----
+package com.example.panels;
+
+import com.example.repos.CustomerRepo;
+
+class ShowCustomersPanel extends Panel {
+
+ CustomerRepo customerRepo = ...;
+
+ List customers = customerRepo.findAll();
+}
+----
+
+==== Compliant solution
+
+[source,java,diff-id=1,diff-type=compliant]
+----
+package com.example.panels;
+
+import com.example.services.CustomerService;
+
+class ShowCustomersPanel extends Panel {
+
+ CustomerService customerService = ...;
+
+ List customers = customerService.getAllCustomers();
+}
+----
+
+=== Documentation
+
+- Defining architectural constraints for SonarQube
diff --git a/rules/S7134/metadata.json b/rules/S7134/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7134/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7158/java/metadata.json b/rules/S7158/java/metadata.json
new file mode 100644
index 00000000000..7142ff20cfb
--- /dev/null
+++ b/rules/S7158/java/metadata.json
@@ -0,0 +1,24 @@
+{
+ "title": "\"String.isEmpty()\" should be used to test for emptiness",
+ "type": "CODE_SMELL",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "2min"
+ },
+ "tags": [],
+ "defaultSeverity": "Minor",
+ "ruleSpecification": "RSPEC-7158",
+ "sqKey": "S7158",
+ "scope": "All",
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "targeted",
+ "code": {
+ "impacts": {
+ "MAINTAINABILITY": "LOW"
+ },
+ "attribute": "CLEAR"
+ }
+}
diff --git a/rules/S7158/java/rule.adoc b/rules/S7158/java/rule.adoc
new file mode 100644
index 00000000000..7eb6bab3efe
--- /dev/null
+++ b/rules/S7158/java/rule.adoc
@@ -0,0 +1,28 @@
+== Why is this an issue?
+
+Calling `String.isEmpty()` clearly communicates the code's intention, which is to test if the string is empty. Using `String.length() == 0` is less direct and makes the code less readable.
+
+== How to fix it
+
+=== Code examples
+
+==== Noncompliant code example
+[source,java,diff-id=1,diff-type=noncompliant]
+----
+if ("string".length() == 0) { /* … */ } // Noncompliant
+
+if ("string".length() > 0) { /* … */ } // Noncompliant
+----
+
+==== Compliant solution
+[source,java,diff-id=1,diff-type=compliant]
+----
+if ("string".isEmpty()){ /* … */ }
+
+if (!"string".isEmpty()){ /* … */ }
+----
+
+== Resources
+=== Documentation
+
+* Java Documentation - https://docs.oracle.com/javase/7/docs/api/java/lang/String.html#isEmpty()[java.lang.String.isEmpty() method]
diff --git a/rules/S7158/metadata.json b/rules/S7158/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7158/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7161/metadata.json b/rules/S7161/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7161/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7161/secrets/metadata.json b/rules/S7161/secrets/metadata.json
new file mode 100644
index 00000000000..3b6e609727c
--- /dev/null
+++ b/rules/S7161/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Tableau secrets should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7161",
+ "sqKey": "S7161",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7161/secrets/rule.adoc b/rules/S7161/secrets/rule.adoc
new file mode 100644
index 00000000000..f525725c372
--- /dev/null
+++ b/rules/S7161/secrets/rule.adoc
@@ -0,0 +1,46 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+Tableau secrets scopes depend on the type of secret. From the most impactful to
+the least:
+
+1. Account passwords
+2. Personal access tokens (PAT)
+3. "Credentials token", received after a SignIn request
+
+Their scopes vary in terms of lifetime, access, and privileges.
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+:secret_type: secret
+:service_name: Tableau
+
+include::../../../shared_content/secrets/impact/data_compromise.adoc[]
+
+include::../../../shared_content/secrets/impact/dataviz_takeover.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: FMWBZfscS96flnAPXVY06w|QQsOzThG6hqNvZcd6OPIpZs88lgcYTcb|77bfee95-c689-4fd1-a7e0-2cf050adbbb2
+:example_name: tableau-auth
+:example_env: TABLEAU_AUTH
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
diff --git a/rules/S7162/metadata.json b/rules/S7162/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7162/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7162/secrets/metadata.json b/rules/S7162/secrets/metadata.json
new file mode 100644
index 00000000000..e72f008ac93
--- /dev/null
+++ b/rules/S7162/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Dropbox OAuth tokens should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7162",
+ "sqKey": "S7162",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7162/secrets/rule.adoc b/rules/S7162/secrets/rule.adoc
new file mode 100644
index 00000000000..b412d5e4d2a
--- /dev/null
+++ b/rules/S7162/secrets/rule.adoc
@@ -0,0 +1,66 @@
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+// Optional: Give a general description of the secret and what it's used for.
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+// Set value that can be used to refer to the type of secret in, for example:
+// "An attacker can use this {secret_type} to ..."
+:secret_type: OAuth token
+
+// Where possible, use predefined content for common impacts. This content can
+// be found in the folder "shared_content/secrets/impact".
+// When using predefined content, search for any required variables to be set and include them in this file.
+// Not adding them will not trigger warnings.
+
+include::../../../shared_content/secrets/impact/data_compromise.adoc[]
+
+include::../../../shared_content/secrets/impact/disclosure_of_financial_data.adoc[]
+
+include::../../../shared_content/secrets/impact/malware_distribution.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,java,diff-id=1,diff-type=noncompliant,subs="attributes"]
+----
+props.set("dropbox.oauth_token", "sl.B9Ew3GkQCY7vxNhzdGa6bjKf8lggUegupTReFL-dstIjsW8wsjb_7YOM2iZeMCINYAo0JSYIEN9z7MLonvtgSEed2RkTvJDLK1o90tAnsIjxbe3ePcBpXij_FsGQVip8eJ7mlgrQPqfe") // Noncompliant
+----
+
+[source,java,subs="attributes"]
+----
+props.set("dropbox.oauth_token", "rd3FHBwSz3DAAAAAAAAelHp8NrtNkXyIBTk6c-nNqWldG7Ro0fItdawO7ATguBmB") // Noncompliant
+----
+
+==== Compliant solution
+
+[source,java,diff-id=1,diff-type=compliant,subs="attributes"]
+----
+props.set("dropbox.oauth_token", userSettings.get("dropbox_oauth_token"))
+----
+
+//=== How does this work?
+
+//=== Pitfalls
+
+//=== Going the extra mile
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
+//=== Benchmarks
diff --git a/rules/S7163/metadata.json b/rules/S7163/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7163/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7163/secrets/metadata.json b/rules/S7163/secrets/metadata.json
new file mode 100644
index 00000000000..6a4fec8d0cc
--- /dev/null
+++ b/rules/S7163/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Mandrill API keys should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7163",
+ "sqKey": "S7163",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7163/secrets/rule.adoc b/rules/S7163/secrets/rule.adoc
new file mode 100644
index 00000000000..8bc2b0d9dc4
--- /dev/null
+++ b/rules/S7163/secrets/rule.adoc
@@ -0,0 +1,35 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+:secret_type: API key
+
+include::../../../shared_content/secrets/impact/phishing.adoc[]
+
+include::../../../shared_content/secrets/impact/financial_loss.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: md-tYmfLurJdDlP4wDdOqEzZA
+:example_name: mandrill-api-key
+:example_env: MANDRILL_API_KEY
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
\ No newline at end of file
diff --git a/rules/S7164/metadata.json b/rules/S7164/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7164/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7164/secrets/metadata.json b/rules/S7164/secrets/metadata.json
new file mode 100644
index 00000000000..f157715be21
--- /dev/null
+++ b/rules/S7164/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Dropbox app credentials should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7164",
+ "sqKey": "S7164",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7164/secrets/rule.adoc b/rules/S7164/secrets/rule.adoc
new file mode 100644
index 00000000000..728d81c8ca2
--- /dev/null
+++ b/rules/S7164/secrets/rule.adoc
@@ -0,0 +1,81 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+// Set value that can be used to refer to the type of secret in, for example:
+// "An attacker can use this {secret_type} to ..."
+:secret_type: credentials
+
+// Where possible, use predefined content for common impacts. This content can
+// be found in the folder "shared_content/secrets/impact".
+// When using predefined content, search for any required variables to be set and include them in this file.
+// Not adding them will not trigger warnings.
+
+include::../../../shared_content/secrets/impact/oauth_token_compromise.adoc[]
+
+=== Secret storage best practice
+
+It is best practice to avoid hard-coding secrets into an application. This is
+true even in situations where the secret cannot be kept completely safe, such as
+where is must be distributed as part of a client application.
+
+Storing the secret outside of the application code makes it easier to manage
+which secret is being used. For example, it can help to ensure that a production
+secret is not accidentally used during development.
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+include::../../../shared_content/secrets/fix/oauth_pkce.adoc[]
+
+**Disable the implicit grant flow**
+
+Prior to the introduction of PKCE, the implicit grant flow was the recommended
+solution for applications which cannot secure a `client_secret`. Dropbox allows
+the implicit flow to be used for legacy compatibility purposes but PKCE should
+be used for all new applications. The ability to use the implicit grant flow can
+be disabled in the Dropbox App Console.
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,java,diff-id=1,diff-type=noncompliant,subs="attributes"]
+----
+props.set("dropbox.app_key", "vqg7x6qd2pviu4r")
+props.set("dropbox.app_secret", "d5r2k2le2ixosna") // Noncompliant
+----
+
+==== Compliant solution
+
+[source,java,diff-id=1,diff-type=compliant,subs="attributes"]
+----
+props.set("dropbox.app_key", System.getenv("DROPBOX_APP_KEY"))
+props.set("dropbox.app_secret", System.getenv("DROPBOX_APP_SECRET"))
+----
+
+//=== How does this work?
+
+//=== Pitfalls
+
+//=== Going the extra mile
+
+== Resources
+
+=== Documentation
+
+* Dropbox - https://www.dropbox.com/lp/developers/reference/oauth-guide[OAuth Guide]
+* IETF Datatracker - https://datatracker.ietf.org/doc/html/rfc7636[RFC 7636: Proof Key for Code Exchange]
+* IETF Datatracker - https://datatracker.ietf.org/doc/html/rfc6749#section-4.2[RFC 6749: The OAuth 2.0 Authorization Framework] - Implicit Grant
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
+//=== Benchmarks
diff --git a/rules/S7165/metadata.json b/rules/S7165/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7165/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7165/secrets/metadata.json b/rules/S7165/secrets/metadata.json
new file mode 100644
index 00000000000..91de70c84b4
--- /dev/null
+++ b/rules/S7165/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "New Relic API keys should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7165",
+ "sqKey": "S7165",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7165/secrets/rule.adoc b/rules/S7165/secrets/rule.adoc
new file mode 100644
index 00000000000..f7b9e10c7d7
--- /dev/null
+++ b/rules/S7165/secrets/rule.adoc
@@ -0,0 +1,50 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+If attackers gain access to a New Relic API key, they could potentially inject forged data, retrieve sensitive information, or configure features within New Relic monitoring solutions.
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+include::../../../shared_content/secrets/impact/data_compromise.adoc[]
+
+include::../../../shared_content/secrets/impact/data_modification.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/recent_use.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: NRAK-S6Z8F90IQDWRILXAKBBESCDIY99
+:example_name: newrelic.api_key
+:example_env: NEWRELIC_API_KEY
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+//=== How does this work?
+
+//=== Pitfalls
+
+//=== Going the extra mile
+
+== Resources
+
+=== Documentation
+
+* new relic Docs - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/[New Relic API keys]
+* new relic Docs - https://docs.newrelic.com/docs/synthetics/synthetic-monitoring/private-locations/private-locations-overview-monitor-internal-sites-add-new-locations/[Private locations overview: Monitor internal sites and add new locations]
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
+//=== Benchmarks
diff --git a/rules/S7167/metadata.json b/rules/S7167/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7167/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7167/secrets/metadata.json b/rules/S7167/secrets/metadata.json
new file mode 100644
index 00000000000..780d2093215
--- /dev/null
+++ b/rules/S7167/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Mergify application keys should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7167",
+ "sqKey": "S7167",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7167/secrets/rule.adoc b/rules/S7167/secrets/rule.adoc
new file mode 100644
index 00000000000..bf5cb2e6f98
--- /dev/null
+++ b/rules/S7167/secrets/rule.adoc
@@ -0,0 +1,33 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+include::../../../shared_content/secrets/impact/source_code_compromise.adoc[]
+
+include::../../../shared_content/secrets/impact/supply_chain_attack.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: mergify_application_key_cm9vdDp4OjA6MDpyb290Oi9yb290
+:example_name: mergify-app-key
+:example_env: MERGIFY_APP_KEY
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
diff --git a/rules/S7169/metadata.json b/rules/S7169/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7169/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7169/secrets/metadata.json b/rules/S7169/secrets/metadata.json
new file mode 100644
index 00000000000..6383c626dfc
--- /dev/null
+++ b/rules/S7169/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Coveo API keys should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7169",
+ "sqKey": "S7169",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7169/secrets/rule.adoc b/rules/S7169/secrets/rule.adoc
new file mode 100644
index 00000000000..3b0185b7464
--- /dev/null
+++ b/rules/S7169/secrets/rule.adoc
@@ -0,0 +1,33 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+include::../../../shared_content/secrets/impact/data_compromise.adoc[]
+
+include::../../../shared_content/secrets/impact/financial_loss.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: xx31c5e664-c410-42f2-832f-1864e233de28
+:example_name: coveo-api-key
+:example_env: COVEO_API_KEY
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
diff --git a/rules/S7170/metadata.json b/rules/S7170/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7170/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7170/secrets/metadata.json b/rules/S7170/secrets/metadata.json
new file mode 100644
index 00000000000..c138fb007d1
--- /dev/null
+++ b/rules/S7170/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "HubSpot secrets should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7170",
+ "sqKey": "S7170",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7170/secrets/rule.adoc b/rules/S7170/secrets/rule.adoc
new file mode 100644
index 00000000000..d4377676e40
--- /dev/null
+++ b/rules/S7170/secrets/rule.adoc
@@ -0,0 +1,45 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+Hubspot credentials can be used for varieties of actions on the Hubspot services,
+including managing CRM, CMS, marketing automation, customer service and
+analytics.
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+:secret_type: secret
+
+
+include::../../../shared_content/secrets/impact/phishing.adoc[]
+
+include::../../../shared_content/secrets/impact/exceed_rate_limits.adoc[]
+
+include::../../../shared_content/secrets/impact/financial_loss.adoc[]
+
+include::../../../shared_content/secrets/impact/personal_data_compromise.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: pat-na1-6d04652d-107a-4742-964d-34dabf69843c
+:example_name: hubspot-api-key
+:example_env: HUBSPOT_API_KEY
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
diff --git a/rules/S7171/metadata.json b/rules/S7171/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S7171/metadata.json
@@ -0,0 +1,2 @@
+{
+}
diff --git a/rules/S7171/secrets/metadata.json b/rules/S7171/secrets/metadata.json
new file mode 100644
index 00000000000..5ce74ebf50c
--- /dev/null
+++ b/rules/S7171/secrets/metadata.json
@@ -0,0 +1,56 @@
+{
+ "title": "Mailgun SMTP credentials should not be disclosed",
+ "type": "VULNERABILITY",
+ "code": {
+ "impacts": {
+ "SECURITY": "HIGH"
+ },
+ "attribute": "TRUSTWORTHY"
+ },
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "30min"
+ },
+ "tags": [
+ "cwe",
+ "cert"
+ ],
+ "defaultSeverity": "Blocker",
+ "ruleSpecification": "RSPEC-7171",
+ "sqKey": "S7171",
+ "scope": "All",
+ "securityStandards": {
+ "CWE": [
+ 798,
+ 259
+ ],
+ "OWASP": [
+ "A3"
+ ],
+ "CERT": [
+ "MSC03-J."
+ ],
+ "OWASP Top 10 2021": [
+ "A7"
+ ],
+ "PCI DSS 3.2": [
+ "6.5.10"
+ ],
+ "PCI DSS 4.0": [
+ "6.2.4"
+ ],
+ "ASVS 4.0": [
+ "2.10.4",
+ "3.5.2",
+ "6.4.1"
+ ],
+ "STIG ASD_V5R3": [
+ "V-222642"
+ ]
+ },
+ "defaultQualityProfiles": [
+ "Sonar way"
+ ],
+ "quickfix": "unknown"
+}
diff --git a/rules/S7171/secrets/rule.adoc b/rules/S7171/secrets/rule.adoc
new file mode 100644
index 00000000000..1900d935cc1
--- /dev/null
+++ b/rules/S7171/secrets/rule.adoc
@@ -0,0 +1,45 @@
+
+include::../../../shared_content/secrets/description.adoc[]
+
+== Why is this an issue?
+
+include::../../../shared_content/secrets/rationale.adoc[]
+
+=== What is the potential impact?
+
+Below are some real-world scenarios that illustrate some impacts of an attacker
+exploiting the secret.
+
+:secret_type: credentials
+
+include::../../../shared_content/secrets/impact/phishing.adoc[]
+
+include::../../../shared_content/secrets/impact/exceed_rate_limits.adoc[]
+
+include::../../../shared_content/secrets/impact/suspicious_activities_termination.adoc[]
+
+== How to fix it
+
+include::../../../shared_content/secrets/fix/revoke.adoc[]
+
+include::../../../shared_content/secrets/fix/vault.adoc[]
+
+=== Code examples
+
+:example_secret: aae73f3aa79607cabffe7cd69e37e478-058ba5af-d1a3a279
+:example_name: mailgun.smtp.password
+:example_env: MAILGUN_SMTP_PASSWORD
+
+include::../../../shared_content/secrets/examples.adoc[]
+
+//=== How does this work?
+
+//=== Pitfalls
+
+//=== Going the extra mile
+
+== Resources
+
+include::../../../shared_content/secrets/resources/standards.adoc[]
+
+//=== Benchmarks
diff --git a/rules/S800/flex/metadata.json b/rules/S800/flex/metadata.json
index ba46fb6f078..17971333806 100644
--- a/rules/S800/flex/metadata.json
+++ b/rules/S800/flex/metadata.json
@@ -1,5 +1,3 @@
{
- "tags": [],
- "status": "deprecated",
- "defaultQualityProfiles": []
-}
\ No newline at end of file
+
+}
diff --git a/rules/S824/cfamily/metadata.json b/rules/S824/cfamily/metadata.json
index cd2c553cbaf..b54df5e7e15 100644
--- a/rules/S824/cfamily/metadata.json
+++ b/rules/S824/cfamily/metadata.json
@@ -27,5 +27,5 @@
"defaultQualityProfiles": [
"Sonar way"
],
- "quickfix": "targeted"
+ "quickfix": "partial"
}
\ No newline at end of file
diff --git a/shared_content/plsql/data_dictionary.adoc b/shared_content/plsql/data_dictionary.adoc
new file mode 100644
index 00000000000..4dc06b2f835
--- /dev/null
+++ b/shared_content/plsql/data_dictionary.adoc
@@ -0,0 +1,3 @@
+=== Noteworthy
+
+This rule raises issues only when a *Data Dictionary* is provided during the analysis. See{nbsp}https://docs.sonarqube.org/latest/analysis/languages/plsql/
diff --git a/shared_content/secrets/fix/oauth_pkce.adoc b/shared_content/secrets/fix/oauth_pkce.adoc
new file mode 100644
index 00000000000..59681cf21d9
--- /dev/null
+++ b/shared_content/secrets/fix/oauth_pkce.adoc
@@ -0,0 +1,6 @@
+**Use OAuth 2.0 PKCE**
+
+Proof Key for Code Exchange (PKCE, RFC 7636) is an extension to OAuth 2.0. It
+helps to protect authentication tokens when the `client_secret` value cannot be
+kept secure, such as mobile applications and JavaScript single page
+applications.
diff --git a/shared_content/secrets/impact/dataviz_takeover.adoc b/shared_content/secrets/impact/dataviz_takeover.adoc
new file mode 100644
index 00000000000..deb4efcf309
--- /dev/null
+++ b/shared_content/secrets/impact/dataviz_takeover.adoc
@@ -0,0 +1,12 @@
+==== Data visualization corruption and takeover
+
+With control over the {service_name} application, the attacker can modify
+dashboards, alter data sources, or inject malicious code. This can result in the
+manipulation of displayed data, misleading visualizations, or even the
+introduction of backdoors for further exploitation.
+
+The attacker may even attempt to escalate their privileges within the
+{service_name} environment. By gaining administrative access or higher-level
+permissions, they can perform more significant actions, such as modifying access
+controls, adding or deleting users, or changing system configurations.
+
diff --git a/shared_content/secrets/impact/oauth_token_compromise.adoc b/shared_content/secrets/impact/oauth_token_compromise.adoc
new file mode 100644
index 00000000000..7c772663005
--- /dev/null
+++ b/shared_content/secrets/impact/oauth_token_compromise.adoc
@@ -0,0 +1,10 @@
+=== OAuth token compromise
+
+The OAuth 2.0 authorization code grant flow is a secure method of authorizing
+a web application to access a third-party service. After the user authenticates
+with the third-party service and grants access, the web application is sent a
+single-use code. The application must then pass this code and a `client_secret`
+value to the service in order to obtain a usable authentication token.
+
+If the `client_secret` value is disclosed, anyone who can intercept the
+single-use code can then exchange it for a valid authentication token.