SONAR-17067 Update SonarXoo to support some PCI DSS rules

author Wouter Admiraal <wouter.admiraal@sonarsource.com>

Tue, 19 Jul 2022 10:10:01 +0000 (12:10 +0200)

committer sonartech <sonartech@sonarsource.com>

Tue, 19 Jul 2022 20:03:21 +0000 (20:03 +0000)
author Wouter Admiraal <wouter.admiraal@sonarsource.com>
Tue, 19 Jul 2022 10:10:01 +0000 (12:10 +0200)
committer sonartech <sonartech@sonarsource.com>
Tue, 19 Jul 2022 20:03:21 +0000 (20:03 +0000)
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java

index 245478876325a32b074bbf730584fd5ea794480d..3d87a2cbb16ec573b4731b3ff24dca2ff2fc6340 100644 (file)
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
@@ -237,6 +237,16 @@ public class XooRulesDefinition implements RulesDefinition {
          .addCwe(250, 564, 546, 943);
      }
  
+    if (version != null && version.isGreaterThanOrEqual(Version.create(9, 5))) {
+      hotspot
+        .addPciDss(PciDssVersion.V4_0, "6.5.1", "4.1")
+        .addPciDss(PciDssVersion.V3_2, "6.5.1", "4.2");
+
+      oneVulnerabilityIssuePerModule
+        .addPciDss(PciDssVersion.V4_0, "10.1")
+        .addPciDss(PciDssVersion.V3_2, "10.2");
+    }
+
      NewRule hotspotWithContexts = repo.createRule(HotspotWithContextsSensor.RULE_KEY)
        .setName("Find security hotspots with contexts")
        .setType(RuleType.SECURITY_HOTSPOT)
author	Wouter Admiraal <wouter.admiraal@sonarsource.com>
	Tue, 19 Jul 2022 10:10:01 +0000 (12:10 +0200)
committer	sonartech <sonartech@sonarsource.com>
	Tue, 19 Jul 2022 20:03:21 +0000 (20:03 +0000)