Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create rule S6474: Using remote artifacts without authenticity and integrity checks is security-sensitive (SONARKT-574) #4720

Merged
merged 4 commits into from
Mar 6, 2025
Merged

Create rule S6474: Using remote artifacts without authenticity and integrity checks is security-sensitive (SONARKT-574) #4720

merged 4 commits into from
Mar 6, 2025

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Mar 4, 2025

You can preview this rule here (updated a few minutes after each push).

Review

A dedicated reviewer checked the rule description successfully for:

  • logical errors and incorrect information
  • information gaps and missing content
  • text style and tone
  • PR summary and labels follow the guidelines

@github-actions github-actions bot added the kotlin label Mar 4, 2025
@pierre-loup-tristant-sonarsource pierre-loup-tristant-sonarsource changed the title Create rule S6474 Create rule S6474: Using remote artifacts without authenticity and integrity checks is security-sensitive (SONARKT-574) Mar 4, 2025
@pierre-loup-tristant-sonarsource pierre-loup-tristant-sonarsource marked this pull request as ready for review March 4, 2025 16:17
hendrik-buchwald-sonarsource
hendrik-buchwald-sonarsource requested changes Mar 5, 2025
View reviewed changes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks mostly good to me, see the comments.

hendrik-buchwald-sonarsource
hendrik-buchwald-sonarsource approved these changes Mar 6, 2025
View reviewed changes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sonarqube-next SonarQube-Next
Copy link

sonarqube-next bot commented Mar 6, 2025

Quality Gate passed Quality Gate passed for 'rspec-tools'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@sonarqube-next SonarQube-Next
Copy link

sonarqube-next bot commented Mar 6, 2025

Quality Gate passed Quality Gate passed for 'rspec-frontend'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@pierre-loup-tristant-sonarsource pierre-loup-tristant-sonarsource merged commit 8dc1c62 into master Mar 6, 2025
9 of 10 checks passed
@pierre-loup-tristant-sonarsource pierre-loup-tristant-sonarsource deleted the rule/S6474-add-kotlin branch March 6, 2025 10:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hendrik-buchwald-sonarsource hendrik-buchwald-sonarsource

Assignees

@pierre-loup-tristant-sonarsource pierre-loup-tristant-sonarsource

Labels
kotlin
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hendrik-buchwald-sonarsource @pierre-loup-tristant-sonarsource