From: Wouter Admiraal <wouter.admiraal@sonarsource.com>
Date: Tue, 19 Jul 2022 10:10:01 +0000 (+0200)
Subject: SONAR-17067 Update SonarXoo to support some PCI DSS rules
X-Git-Tag: 9.6.0.59041~209
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=26f5c3f9730649345a5066a6823e9473e7ecc3d8;p=sonarqube.git

SONAR-17067 Update SonarXoo to support some PCI DSS rules
---

diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
index 24547887632..3d87a2cbb16 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
@@ -237,6 +237,16 @@ public class XooRulesDefinition implements RulesDefinition {
         .addCwe(250, 564, 546, 943);
     }
 
+    if (version != null && version.isGreaterThanOrEqual(Version.create(9, 5))) {
+      hotspot
+        .addPciDss(PciDssVersion.V4_0, "6.5.1", "4.1")
+        .addPciDss(PciDssVersion.V3_2, "6.5.1", "4.2");
+
+      oneVulnerabilityIssuePerModule
+        .addPciDss(PciDssVersion.V4_0, "10.1")
+        .addPciDss(PciDssVersion.V3_2, "10.2");
+    }
+
     NewRule hotspotWithContexts = repo.createRule(HotspotWithContextsSensor.RULE_KEY)
       .setName("Find security hotspots with contexts")
       .setType(RuleType.SECURITY_HOTSPOT)