SONAR-22543 Add more vulnerabilities and hotspots for CASA tests

author Wouter Admiraal <wouter.admiraal@sonarsource.com>

Mon, 29 Jul 2024 10:38:16 +0000 (12:38 +0200)

committer sonartech <sonartech@sonarsource.com>

Tue, 30 Jul 2024 20:02:34 +0000 (20:02 +0000)
author Wouter Admiraal <wouter.admiraal@sonarsource.com>
Mon, 29 Jul 2024 10:38:16 +0000 (12:38 +0200)
committer sonartech <sonartech@sonarsource.com>
Tue, 30 Jul 2024 20:02:34 +0000 (20:02 +0000)
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java

index 8426cd5ae85811789bb6f61b55e87eb7d4f96965..6468f7ef0d93b2f33c1509faa8384440e2db5bac 100644 (file)
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
@@ -290,7 +290,7 @@ public class XooRulesDefinition implements RulesDefinition {
        oneVulnerabilityIssuePerProject
          .addOwaspTop10(Y2017, OwaspTop10.A9, OwaspTop10.A10)
          .addOwaspTop10(Y2021, OwaspTop10.A6, OwaspTop10.A9)
-        .addCwe(250, 564, 546, 943);
+        .addCwe(89, 250, 311, 546, 564, 943);
      }
  
      if (version != null && version.isGreaterThanOrEqual(Version.create(9, 5))) {
diff --git a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java

index b714fd60cf05699eb24a9de22ead1280c80ebab6..f1effd3b78cb429dae815a9b015bb07ecaf8d71d 100644 (file)
--- a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java
+++ b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java
@@ -97,7 +97,7 @@ public class XooRulesDefinitionTest {
      assertThat(rule.name()).isNotEmpty();
      assertThat(rule.securityStandards())
        .isNotEmpty()
-      .containsExactlyInAnyOrder("cwe:250", "cwe:546", "cwe:564", "cwe:943", "owaspTop10-2021:a6", "owaspTop10-2021:a9",
+      .containsExactlyInAnyOrder("cwe:89", "cwe:250", "cwe:311", "cwe:546", "cwe:564", "cwe:943", "owaspTop10-2021:a6", "owaspTop10-2021:a9",
          "owaspTop10:a10", "owaspTop10:a9",
          "owaspAsvs-4.0:11.1.2", "owaspAsvs-4.0:14.5.1", "owaspAsvs-4.0:14.5.4",
          "pciDss-3.2:10.1a.2c", "pciDss-3.2:10.2", "pciDss-4.0:10.1", "pciDss-4.0:10.1a.2b",
author	Wouter Admiraal <wouter.admiraal@sonarsource.com>
	Mon, 29 Jul 2024 10:38:16 +0000 (12:38 +0200)
committer	sonartech <sonartech@sonarsource.com>
	Tue, 30 Jul 2024 20:02:34 +0000 (20:02 +0000)
plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java		patch \| blob \| history
plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java		patch \| blob \| history