SONAR-17393 E2E test for owasp-asvs security report

author Philippe Perrin <philippe.perrin@sonarsource.com>

Thu, 29 Sep 2022 14:47:19 +0000 (16:47 +0200)

committer Philippe Perrin <philippe.perrin@sonarsource.com>

Fri, 7 Oct 2022 10:13:56 +0000 (12:13 +0200)
author Philippe Perrin <philippe.perrin@sonarsource.com>
Thu, 29 Sep 2022 14:47:19 +0000 (16:47 +0200)
committer Philippe Perrin <philippe.perrin@sonarsource.com>
Fri, 7 Oct 2022 10:13:56 +0000 (12:13 +0200)
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java

index 399e70c9d704adf24d80085eedf0476362aa8eae..c15d84a32e88d5d71ee7caeecad00dc0795d1ca3 100644 (file)
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
@@ -251,6 +251,13 @@ public class XooRulesDefinition implements RulesDefinition {
          .addPciDss(PciDssVersion.V3_2, "10.1a.2c");
      }
  
+    if (version != null && version.isGreaterThanOrEqual(Version.create(9, 6))) {
+      hotspot
+        .addOwaspAsvs(OwaspAsvsVersion.V4_0, "3.1.1", "4.2.2");
+      oneVulnerabilityIssuePerModule
+        .addOwaspAsvs(OwaspAsvsVersion.V4_0, "11.1.2", "14.5.1");
+    }
+
      NewRule hotspotWithContexts = repo.createRule(HotspotWithContextsSensor.RULE_KEY)
        .setName("Find security hotspots with contexts")
        .setType(RuleType.SECURITY_HOTSPOT)
author	Philippe Perrin <philippe.perrin@sonarsource.com>
	Thu, 29 Sep 2022 14:47:19 +0000 (16:47 +0200)
committer	Philippe Perrin <philippe.perrin@sonarsource.com>
	Fri, 7 Oct 2022 10:13:56 +0000 (12:13 +0200)