From 9c59e2082916e562c37091a1da4bfbed046ee8ee Mon Sep 17 00:00:00 2001
From: Johann Beleites
Date: Wed, 31 Jul 2024 14:26:14 +0000
Subject: [PATCH 1/2] Add STIG support
* Upgrade sonar-analyzer-commons to version that supports STIG metadata.
* Update rule metadata.
---
pom.xml | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S1161.html | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2053.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2077.html | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2092.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2184.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2226.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2254.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2612.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2647.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2696.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2885.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S2886.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S3330.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S4502.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S4830.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5332.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5344.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5443.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5445.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5527.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5547.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S5876.json | 2 +-
.../main/resources/org/sonar/l10n/java/rules/java/S6914.html | 5 -----
sonarpedia.json | 2 +-
25 files changed, 24 insertions(+), 29 deletions(-)
diff --git a/pom.xml b/pom.xml
index 63cb7769f74..379831af616 100644
--- a/pom.xml
+++ b/pom.xml
@@ -94,7 +94,7 @@
 -->
 10.2.0.1908
 9.8.0.76914
- 2.11.0.2861
+ 2.12.0.2964
 3.40.0.183
 1.24.0.633
 -Xmx512m
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S1161.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S1161.html
index 009468b6f2d..9fe85d9ff3a 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S1161.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S1161.html
@@ -1,6 +1,6 @@

Why is this an issue?

While not mandatory, using the @Override annotation on compliant methods improves readability by making it explicit that methods are
-overriden.

+overridden.

A compliant method either overrides a parent method or implements an interface or abstract method.

Noncompliant code example

diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json
index 6f426ba6a65..298542a3930 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2053.json
@@ -36,7 +36,7 @@
     "PCI DSS 4.0": [
       "6.2.4"
     ],
-    "STIG ASD 2023-06-08": [
+    "STIG ASD_V5R3": [
       "V-222542"
     ]
   },
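Review bot: The renamed standards key `"STIG ASD_V5R3"` on the added line only takes effect if it matches, character for character, the identifier that the upgraded sonar-analyzer-commons (2.12.0.2964 per the pom.xml hunk) recognizes for STIG; a key the loader does not know is presumably ignored rather than rejected, so a drift here would silently drop the `V-222542` mapping from this rule's metadata. The diffstat lists the same one-line change in S2092 through S5876, which are not shown in this chunk, so the same concern applies there. Consider a metadata test that loads the rule definitions and asserts the STIG standard is populated for S2053 and the other affected rules, so a future rename in either place is caught at build time. The enclosing object (the rule's security-standards map) opens before the hunk.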
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html
index 6ab995608d8..64911293a30 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html
@@ -1,5 +1,5 @@
 

Formatted SQL queries can be difficult to maintain, debug and can increase the risk of SQL injection when concatenating untrusted values into the
-query. However, this rule doesn’t detect SQL injections (unlike rule {rule:javasecurity:S3649}), the goal is only to highlight complex/formatted queries.

+query. However, this rule doesn’t detect SQL injections (unlike rule {rule:java:S3649}), the goal is only to highlight complex/formatted queries.

Ask Yourself Whether

-

Articles & blog posts

-
diff --git a/sonarpedia.json b/sonarpedia.json
index fcbef9fc3ce..75669e00a95 100644
--- a/sonarpedia.json
+++ b/sonarpedia.json
@@ -3,7 +3,7 @@
 "languages": [
 "JAVA"
 ],
- "latest-update": "2024-06-26T13:48:56.604262Z",
+ "latest-update": "2024-07-31T14:20:43.109120Z",
 "options": {
 "no-language-in-filenames": true,
 "preserve-filenames": false
From 6460a0b00f07bd0374dd6f460d68c1d1866164fd Mon Sep 17 00:00:00 2001
From: Johann Beleites
Date: Tue, 6 Aug 2024 17:23:52 +0200
Subject: [PATCH 2/2] Revert erroneous metadata rule key update
---
.../main/resources/org/sonar/l10n/java/rules/java/S2077.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html
index 64911293a30..6ab995608d8 100644
--- a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html
+++ b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2077.html
@@ -1,5 +1,5 @@

Formatted SQL queries can be difficult to maintain, debug and can increase the risk of SQL injection when concatenating untrusted values into the
-query. However, this rule doesn’t detect SQL injections (unlike rule {rule:java:S3649}), the goal is only to highlight complex/formatted queries.

+query. However, this rule doesn’t detect SQL injections (unlike rule {rule:javasecurity:S3649}), the goal is only to highlight complex/formatted queries.

Ask Yourself Whether

  • Some parts of the query come from untrusted values (like user inputs).