Update rule metadata for version 1.17

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1523.html

@@ -8,7 +8,7 @@
 href="https://www.owasp.org/index.php/Code_Injection">Injected Code</a>. Such attacks can either run on the server or in the client (exemple: XSS
 attack) and have a huge impact on an application's security.</p>
 <p>This rule marks for review each occurrence of such dynamic code execution. This rule does not detect code injections. It only highlights the use of
-APIs which should be used sparingly and very carefully. The goal is to guide security code reviews.</p>
+APIs which should be used sparingly and very carefully.</p>
 <h2>Ask Yourself Whether</h2>
 <ul>
   <li> the executed code may come from an untrusted source and hasn't been sanitized. </li>
@@ -46,8 +46,6 @@ <h2>Sensitive Code Example</h2>
 <h2>See</h2>
 <ul>
   <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A1-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
-  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A7-Cross-Site_Scripting_(XSS)">OWASP Top 10 2017 Category A7</a> - Cross-Site Scripting
-  (XSS) </li>
   <li> <a href="http://cwe.mitre.org/data/definitions/95.html">MITRE CWE-95</a> - Improper Neutralization of Directives in Dynamically Evaluated Code
   ('Eval Injection') </li>
 </ul>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1523.json

@@ -8,8 +8,7 @@
   },
   "tags": [
     "cwe",
-    "owasp-a1",
-    "owasp-a7"
+    "owasp-a1"
   ],
   "defaultSeverity": "Critical",
   "ruleSpecification": "RSPEC-1523",
@@ -21,7 +20,6 @@
       470
     ],
     "OWASP": [
-      "A7",
       "A1"
     ]
   }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S3626.html

@@ -6,12 +6,28 @@ <h2>Noncompliant Code Example</h2>
     if x == 1:
         print(True)
         return  # NonCompliant
-}
 </pre>
 <h2>Compliant Solution</h2>
 <pre>
 def redundant_jump(x):
     if x == 1:
         print(True)
 </pre>
+<h2>Exceptions</h2>
+<ul>
+  <li> No issue is raised if the jump statement is the only statement of a statement suite: </li>
+</ul>
+<pre>
+def my_function(x):
+    if x &gt; 5:
+        do_something()
+    elif x == 0:
+        return # ok even it could be changed to "pass"
+    else:
+        do_something_else()
+</pre>
+<ul>
+  <li> No issue is raised for <code>return None</code> because this was certainly done on purpose to be explicit that a function is really returning
+  <code>None</code>. </li>
+</ul>
 

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S5439.html

@@ -12,7 +12,7 @@
   <li> Modify presentation of content </li>
   <li> User accounts takeover after disclosure of sensitive information like session cookies or passwords </li>
 </ul>
-<p>This rule raises supports the following libraries:</p>
+<p>This rule supports the following libraries:</p>
 <ul>
   <li> <a href="https://github.com/django/django">Django Templates</a> </li>
   <li> <a href="https://github.com/pallets/jinja">Jinja2</a> </li>

sonarpedia.json

@@ -3,7 +3,7 @@
   "languages": [
     "PY"
   ],
-  "latest-update": "2019-09-27T09:04:56.450672Z",
+  "latest-update": "2019-10-14T09:49:30.490848Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": true