authorCody Simms <141657208+cody-simms-sonarsource@users.noreply.github.com>2025-07-18 13:10:47 -0500
committersonartech <sonartech@sonarsource.com>2025-07-18 20:03:59 +0000
commita655dc51e09c7b3ec7e42cf9ecaf3d804a769011 (patch)
treefa929290d51d40b2fd0c78b1c4b507165840d526
parentb56a98077d7c10f7e89f93ad22c33bcd51b27c0e (diff)
downloadsonarqube-a655dc51e09c7b3ec7e42cf9ecaf3d804a769011.tar.gz
sonarqube-a655dc51e09c7b3ec7e42cf9ecaf3d804a769011.zip
SONAR-25558 Add OWASP Mobile Top 10 for 2024 to Rules index
-rw-r--r--server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java16
-rw-r--r--server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleDoc.java11
-rw-r--r--server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java35
-rw-r--r--server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndexDefinition.java2
-rw-r--r--server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleQuery.java73
-rw-r--r--server/sonar-server-common/src/test/java/org/sonar/server/rule/index/RuleDocTest.java1
-rw-r--r--server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ActivateRulesActionIT.java1
-rw-r--r--server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/DeactivateRulesActionIT.java1
-rw-r--r--server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java2
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ActivateRulesAction.java3
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleQueryFactory.java2
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java6
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RulesWsParameters.java9
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/SearchAction.java381
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/ShowAction.java2
15 files changed, 212 insertions, 333 deletions
diff --git a/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java b/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java
index c218b8759d7..42d89f332e0 100644
--- a/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java
+++ b/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java
@@ -516,6 +516,22 @@ class RuleIndexIT {
@ParameterizedTest
@ValueSource(booleans = {true, false})
+ void search_by_security_owaspMobileTop10_2024_return_correct_data_based_on_mode(boolean mqrMode) {
+ doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED);
+ RuleDto rule1 = createRule(setSecurityStandards(of("owaspMobileTop10-2024:m1", "owaspMobileTop10-2024:m10", "cwe:543")),
+ r -> r.setType(VULNERABILITY).replaceAllDefaultImpacts(List.of(new ImpactDto(SECURITY, Severity.HIGH))));
+ RuleDto rule2 = createRule(setSecurityStandards(of("owaspMobileTop10-2024:m10", "cwe:543")), r -> r.setType(SECURITY_HOTSPOT));
+ createRule(setSecurityStandards(of("cwe:543")),
+ r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(MAINTAINABILITY, Severity.HIGH))));
+ index();
+
+ RuleQuery query = new RuleQuery().setOwaspMobileTop10For2024(of("m5", "m10"));
+ SearchIdResult<String> results = underTest.search(query, new SearchOptions().addFacets("owaspMobileTop10-2024"));
+ assertThat(results.getUuids()).containsOnly(rule1.getUuid(), rule2.getUuid());
+ }
+
+ @ParameterizedTest
+ @ValueSource(booleans = {true, false})
void search_by_security_sansTop25_return_correct_data_based_on_mode(boolean mqrMode) {
doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED);
RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10:a10", "cwe:89")),
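Review bot: The new test requests the `owaspMobileTop10-2024` facet through `addFacets(...)` but asserts only `results.getUuids()`, so the aggregation built for that facet is never checked. An assertion on the returned facet buckets for `owaspMobileTop10-2024` (the expected counts for `m1` and `m10` from the two rules created above) would catch a facet that is wired to the wrong query getter. The query also mixes `m5`, which no rule carries, with `m10`; a short comment such as `// m5 matches nothing; both rules are found through m10` would make that intent explicit. The trailing context lines belong to `search_by_security_sansTop25_return_correct_data_based_on_mode`, whose body continues outside the hunk.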
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleDoc.java b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleDoc.java
index ae66aec98a8..bf4ad404ac4 100644
--- a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleDoc.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleDoc.java
@@ -186,6 +186,16 @@ public class RuleDoc extends BaseDoc {
}
@CheckForNull
+ public Collection<String> getOwaspMobileTop10For2024() {
+ return getNullableField(RuleIndexDefinition.FIELD_RULE_OWASP_MOBILE_TOP_10_2024);
+ }
+
+ public RuleDoc setOwaspMobileTop10For2024(@Nullable Collection<String> o) {
+ setField(RuleIndexDefinition.FIELD_RULE_OWASP_MOBILE_TOP_10_2024, o);
+ return this;
+ }
+
+ @CheckForNull
public Collection<String> getSansTop25() {
return getNullableField(RuleIndexDefinition.FIELD_RULE_SANS_TOP_25);
}
@@ -330,6 +340,7 @@ public class RuleDoc extends BaseDoc {
.setCwe(securityStandards.getCwe())
.setOwaspTop10(securityStandards.getOwaspTop10())
.setOwaspTop10For2021(securityStandards.getOwaspTop10For2021())
+ .setOwaspMobileTop10For2024(securityStandards.getOwaspMobileTop10For2024())
.setSansTop25(securityStandards.getSansTop25())
.setSonarSourceSecurityCategory(securityStandards.getSqCategory())
.setName(dto.getName())
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java
index 3f443234135..22911ec6577 100644
--- a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java
@@ -53,6 +53,7 @@ import org.elasticsearch.search.builder.SearchSourceBuilder;
import org.elasticsearch.search.sort.FieldSortBuilder;
import org.elasticsearch.search.sort.SortBuilders;
import org.elasticsearch.search.sort.SortOrder;
+import org.jetbrains.annotations.NotNull;
import org.sonar.api.config.Configuration;
import org.sonar.api.issue.impact.SoftwareQuality;
import org.sonar.api.rule.RuleStatus;
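Review bot: The added `import org.jetbrains.annotations.NotNull;` brings a second annotation library into a class whose other nullability annotations in this commit (`@Nullable`, `@CheckForNull`) look like the `javax.annotation` ones. Whether `org.jetbrains.annotations` is a declared dependency of sonar-server-common is not visible on this page; if it only resolves transitively, the build depends on an artifact that nobody pinned or reviewed. Dropping the import together with the `@NotNull` on `toStringArray`, or using the annotation family the module already relies on, keeps the dependency surface unchanged.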
@@ -115,6 +116,7 @@ import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_IS_TEMP
import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_KEY;
import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_LANGUAGE;
import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_NAME;
+import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_OWASP_MOBILE_TOP_10_2024;
import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_OWASP_TOP_10;
import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_OWASP_TOP_10_2021;
import static org.sonar.server.rule.index.RuleIndexDefinition.FIELD_RULE_REPOSITORY;
@@ -155,6 +157,7 @@ public class RuleIndex {
public static final String FACET_SANS_TOP_25 = "sansTop25";
public static final String FACET_OWASP_TOP_10 = "owaspTop10";
public static final String FACET_OWASP_TOP_10_2021 = "owaspTop10-2021";
+ public static final String FACET_OWASP_MOBILE_TOP_10_2024 = "owaspMobileTop10-2024";
public static final String FACET_SONARSOURCE_SECURITY = "sonarsourceSecurity";
public static final String FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY = "cleanCodeAttributeCategories";
public static final String FACET_IMPACT_SOFTWARE_QUALITY = "impactSoftwareQualities";
@@ -313,6 +316,8 @@ public class RuleIndex {
addSecurityStandardFilter(filters, FIELD_RULE_OWASP_TOP_10_2021, query.getOwaspTop10For2021());
+ addSecurityStandardFilter(filters, FIELD_RULE_OWASP_MOBILE_TOP_10_2024, query.getOwaspMobileTop10For2024());
+
addSecurityStandardFilter(filters, FIELD_RULE_SANS_TOP_25, query.getSansTop25());
addSecurityStandardFilter(filters, FIELD_RULE_SONARSOURCE_SECURITY, query.getSonarsourceSecurity());
@@ -538,13 +543,13 @@ public class RuleIndex {
Collection<String> languages = query.getLanguages();
aggregations.put(FACET_LANGUAGES,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_LANGUAGE, FACET_LANGUAGES, MAX_FACET_SIZE,
- (languages == null) ? (new String[0]) : languages.toArray()));
+ toStringArray(languages)));
}
if (options.getFacets().contains(FACET_TAGS) || options.getFacets().contains(FACET_OLD_DEFAULT)) {
Collection<String> tags = query.getTags();
aggregations.put(FACET_TAGS,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_TAGS, FACET_TAGS, MAX_FACET_SIZE,
- (tags == null) ? (new String[0]) : tags.toArray()));
+ toStringArray(tags)));
}
if (options.getFacets().contains(FACET_TYPES)) {
Collection<RuleType> types = query.getTypes();
@@ -556,13 +561,13 @@ public class RuleIndex {
Collection<String> repositories = query.getRepositories();
aggregations.put(FACET_REPOSITORIES,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_REPOSITORY, FACET_REPOSITORIES, MAX_FACET_SIZE,
- (repositories == null) ? (new String[0]) : repositories.toArray()));
+ toStringArray(repositories)));
}
if (options.getFacets().contains(FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY)) {
Collection<String> cleanCodeCategories = query.getCleanCodeAttributesCategories();
aggregations.put(FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_CLEAN_CODE_ATTRIBUTE_CATEGORY, FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY, MAX_FACET_SIZE,
- (cleanCodeCategories == null) ? (new String[0]) : cleanCodeCategories.toArray()));
+ toStringArray(cleanCodeCategories)));
}
addImpactSoftwareQualityFacetIfNeeded(options, query, aggregations, stickyFacetBuilder);
@@ -701,38 +706,50 @@ public class RuleIndex {
aggregations.put(FACET_CWE,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_CWE, FACET_CWE,
FACET_DEFAULT_SIZE, filterSecurityCategories(),
- (categories == null) ? (new String[0]) : categories.toArray()));
+ toStringArray(categories)));
}
if (options.getFacets().contains(FACET_OWASP_TOP_10)) {
Collection<String> categories = query.getOwaspTop10();
aggregations.put(FACET_OWASP_TOP_10,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_OWASP_TOP_10, FACET_OWASP_TOP_10,
FACET_DEFAULT_SIZE, filterSecurityCategories(),
- (categories == null) ? (new String[0]) : categories.toArray()));
+ toStringArray(categories)));
}
if (options.getFacets().contains(FACET_OWASP_TOP_10_2021)) {
Collection<String> categories = query.getOwaspTop10For2021();
aggregations.put(FACET_OWASP_TOP_10_2021,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_OWASP_TOP_10_2021, FACET_OWASP_TOP_10_2021,
FACET_DEFAULT_SIZE, filterSecurityCategories(),
- (categories == null) ? (new String[0]) : categories.toArray()));
+ toStringArray(categories)));
+ }
+ if (options.getFacets().contains(FACET_OWASP_MOBILE_TOP_10_2024)) {
+ Collection<String> categories = query.getOwaspTop10For2021();
+ aggregations.put(FACET_OWASP_MOBILE_TOP_10_2024,
+ stickyFacetBuilder.buildStickyFacet(FIELD_RULE_OWASP_MOBILE_TOP_10_2024, FACET_OWASP_MOBILE_TOP_10_2024,
+ FACET_DEFAULT_SIZE, filterSecurityCategories(),
+ toStringArray(categories)));
}
if (options.getFacets().contains(FACET_SANS_TOP_25)) {
Collection<String> categories = query.getSansTop25();
aggregations.put(FACET_SANS_TOP_25,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_SANS_TOP_25, FACET_SANS_TOP_25,
FACET_DEFAULT_SIZE, filterSecurityCategories(),
- (categories == null) ? (new String[0]) : categories.toArray()));
+ toStringArray(categories)));
}
if (options.getFacets().contains(FACET_SONARSOURCE_SECURITY)) {
Collection<String> categories = query.getSonarsourceSecurity();
aggregations.put(FACET_SONARSOURCE_SECURITY,
stickyFacetBuilder.buildStickyFacet(FIELD_RULE_SONARSOURCE_SECURITY, FACET_SONARSOURCE_SECURITY,
SecurityStandards.SQCategory.values().length, filterSecurityCategories(),
- (categories == null) ? (new String[0]) : categories.toArray()));
+ toStringArray(categories)));
}
}
+ @NotNull
+ private static Object[] toStringArray(@Nullable Collection<String> items) {
+ return (items == null) ? (new String[0]) : items.toArray(new String[0]);
+ }
+
private static void addStatusFacetIfNeeded(SearchOptions options, Map<String, AggregationBuilder> aggregations, StickyFacetBuilder stickyFacetBuilder) {
if (options.getFacets().contains(FACET_STATUSES)) {
BoolQueryBuilder facetFilter = stickyFacetBuilder.getStickyFacetFilter(FIELD_RULE_STATUS);
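Review bot: In the new `FACET_OWASP_MOBILE_TOP_10_2024` branch the selected values are read with `query.getOwaspTop10For2021()`, which looks like a copy of the branch above it, so the sticky facet for the mobile field is built from the OWASP Top 10 2021 selection instead of the mobile one. The line should read `Collection<String> categories = query.getOwaspMobileTop10For2024();`. Separately, `toStringArray` is declared to return `Object[]` although it always produces a `String[]`; if `Object[]` is what `buildStickyFacet` accepts, a one-line comment saying so would explain the mismatch between name and type. The hunk starts inside the security facet method and ends inside `addStatusFacetIfNeeded`, so neither is fully visible here.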
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndexDefinition.java b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndexDefinition.java
index 76170885f2b..7bce1048b8d 100644
--- a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndexDefinition.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndexDefinition.java
@@ -63,6 +63,7 @@ public class RuleIndexDefinition implements IndexDefinition {
public static final String FIELD_RULE_CWE = "cwe";
public static final String FIELD_RULE_OWASP_TOP_10 = "owaspTop10";
public static final String FIELD_RULE_OWASP_TOP_10_2021 = "owaspTop10-2021";
+ public static final String FIELD_RULE_OWASP_MOBILE_TOP_10_2024 = "owaspMobileTop10-2024";
public static final String FIELD_RULE_SANS_TOP_25 = "sansTop25";
public static final String FIELD_RULE_SONARSOURCE_SECURITY = "sonarsourceSecurity";
public static final String FIELD_RULE_TAGS = "tags";
@@ -154,6 +155,7 @@ public class RuleIndexDefinition implements IndexDefinition {
ruleMapping.keywordFieldBuilder(FIELD_RULE_CWE).disableNorms().build();
ruleMapping.keywordFieldBuilder(FIELD_RULE_OWASP_TOP_10).disableNorms().build();
ruleMapping.keywordFieldBuilder(FIELD_RULE_OWASP_TOP_10_2021).disableNorms().build();
+ ruleMapping.keywordFieldBuilder(FIELD_RULE_OWASP_MOBILE_TOP_10_2024).disableNorms().build();
ruleMapping.keywordFieldBuilder(FIELD_RULE_SANS_TOP_25).disableNorms().build();
ruleMapping.keywordFieldBuilder(FIELD_RULE_SONARSOURCE_SECURITY).disableNorms().build();
diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleQuery.java b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleQuery.java
index d0904071684..f309a66eb16 100644
--- a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleQuery.java
+++ b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleQuery.java
@@ -31,39 +31,38 @@ import org.sonar.db.qualityprofile.QProfileDto;
import static java.util.Arrays.asList;
public class RuleQuery {
-
- private String key;
- private String queryText;
- private Collection<String> languages;
- private Collection<String> repositories;
- private Collection<String> severities;
- private Collection<RuleStatus> statuses;
- private Collection<String> tags;
- private Collection<RuleType> types;
- private Boolean activation;
- private QProfileDto profile;
- private QProfileDto compareToQProfile;
- private Collection<String> inheritance;
- private Collection<String> activeSeverities;
- private String templateKey;
- private Boolean isTemplate;
- private Long availableSince;
- private String sortField;
+ private String key = null;
+ private String queryText = null;
+ private Collection<String> languages = null;
+ private Collection<String> repositories = null;
+ private Collection<String> severities = null;
+ private Collection<RuleStatus> statuses = null;
+ private Collection<String> tags = null;
+ private Collection<RuleType> types = null;
+ private Boolean activation = null;
+ private QProfileDto profile = null;
+ private QProfileDto compareToQProfile = null;
+ private Collection<String> inheritance = null;
+ private Collection<String> activeSeverities = null;
+ private String templateKey = null;
+ private Boolean isTemplate = null;
+ private Long availableSince = null;
+ private String sortField = null;
private boolean ascendingSort = true;
- private String internalKey;
- private String ruleKey;
- private boolean includeExternal;
- private Collection<String> owaspTop10;
- private Collection<String> owaspTop10For2021;
- private Collection<String> sansTop25;
- private Collection<String> cwe;
- private Collection<String> sonarsourceSecurity;
- private Collection<String> impactSeverities;
- private Collection<String> impactSoftwareQualities;
- private Collection<String> activeImpactSeverities;
- private Collection<String> cleanCodeAttributesCategories;
- private Boolean prioritizedRule;
-
+ private String internalKey = null;
+ private String ruleKey = null;
+ private boolean includeExternal = false;
+ private Collection<String> owaspTop10 = null;
+ private Collection<String> owaspTop10For2021 = null;
+ private Collection<String> owaspMobileTop10For2024 = null;
+ private Collection<String> sansTop25 = null;
+ private Collection<String> cwe = null;
+ private Collection<String> sonarsourceSecurity = null;
+ private Collection<String> impactSeverities = null;
+ private Collection<String> impactSoftwareQualities = null;
+ private Collection<String> activeImpactSeverities = null;
+ private Collection<String> cleanCodeAttributesCategories = null;
+ private Boolean prioritizedRule = null;
@CheckForNull
public QProfileDto getQProfile() {
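Review bot: The explicit `= null` and `= false` initialisers added to every field restate Java's defaults and turn a one-field change into a rewrite of the whole field block. The only functional addition is `private Collection<String> owaspMobileTop10For2024`, which is easy to miss in a 30-line replacement. Keeping the existing declarations and adding that single line next to `owaspTop10For2021` would keep this class's history readable. The hunk also drops the blank line between the last field and the first `@CheckForNull`, which is worth restoring.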
@@ -335,6 +334,16 @@ public class RuleQuery {
}
@CheckForNull
+ public Collection<String> getOwaspMobileTop10For2024() {
+ return owaspMobileTop10For2024;
+ }
+
+ public RuleQuery setOwaspMobileTop10For2024(@Nullable Collection<String> owaspMobileTop10For2024) {
+ this.owaspMobileTop10For2024 = owaspMobileTop10For2024;
+ return this;
+ }
+
+ @CheckForNull
public Collection<String> getSansTop25() {
return sansTop25;
}
diff --git a/server/sonar-server-common/src/test/java/org/sonar/server/rule/index/RuleDocTest.java b/server/sonar-server-common/src/test/java/org/sonar/server/rule/index/RuleDocTest.java
index 21eff8259fc..9676a0ef521 100644
--- a/server/sonar-server-common/src/test/java/org/sonar/server/rule/index/RuleDocTest.java
+++ b/server/sonar-server-common/src/test/java/org/sonar/server/rule/index/RuleDocTest.java
@@ -56,6 +56,7 @@ public class RuleDocTest {
assertThat(ruleDoc.getCwe()).isEqualTo(securityStandards.getCwe());
assertThat(ruleDoc.getOwaspTop10()).isEqualTo(securityStandards.getOwaspTop10());
assertThat(ruleDoc.getOwaspTop10For2021()).isEqualTo(securityStandards.getOwaspTop10For2021());
+ assertThat(ruleDoc.getOwaspMobileTop10For2024()).isEqualTo(securityStandards.getOwaspMobileTop10For2024());
assertThat(ruleDoc.getSansTop25()).isEqualTo(securityStandards.getSansTop25());
assertThat(ruleDoc.getSonarSourceSecurityCategory()).isEqualTo(securityStandards.getSqCategory());
assertThat(ruleDoc.name()).isEqualTo(ruleForIndexingDto.getName());
diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ActivateRulesActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ActivateRulesActionIT.java
index 2621b250f7a..9eb43a55a64 100644
--- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ActivateRulesActionIT.java
+++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ActivateRulesActionIT.java
@@ -92,6 +92,7 @@ class ActivateRulesActionIT {
"cwe",
"owaspTop10",
"owaspTop10-2021",
+ "owaspMobileTop10-2024",
"sansTop25",
"sonarsourceSecurity",
"cleanCodeAttributeCategories",
diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/DeactivateRulesActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/DeactivateRulesActionIT.java
index 2d47ed3d4d6..1bc17a606e7 100644
--- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/DeactivateRulesActionIT.java
+++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/DeactivateRulesActionIT.java
@@ -90,6 +90,7 @@ public class DeactivateRulesActionIT {
"cwe",
"owaspTop10",
"owaspTop10-2021",
+ "owaspMobileTop10-2024",
"sansTop25",
"sonarsourceSecurity",
"cleanCodeAttributeCategories",
diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java
index 2006f9a94f0..77a203ddea9 100644
--- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java
+++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java
@@ -159,7 +159,7 @@ class SearchActionIT {
assertThat(def.since()).isEqualTo("4.4");
assertThat(def.isInternal()).isFalse();
assertThat(def.responseExampleAsString()).isNotEmpty();
- assertThat(def.params()).hasSize(33);
+ assertThat(def.params()).hasSize(34);
WebService.Param compareToProfile = def.param("compareToProfile");
assertThat(compareToProfile.since()).isEqualTo("6.5");
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ActivateRulesAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ActivateRulesAction.java
index 06ab823555c..deaf79ece99 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ActivateRulesAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ActivateRulesAction.java
@@ -109,7 +109,8 @@ public class ActivateRulesAction implements QProfileWsAction {
wsSupport.checkNotBuiltIn(profile);
RuleQuery ruleQuery = ruleQueryFactory.createRuleQuery(dbSession, request);
ruleQuery.setIncludeExternal(false);
- result = qProfileRules.bulkActivateAndCommit(dbSession, profile, ruleQuery, request.param(PARAM_TARGET_SEVERITY), request.paramAsBoolean(PARAM_PRIORITIZED_RULE));
+ result = qProfileRules.bulkActivateAndCommit(dbSession, profile, ruleQuery, request.param(PARAM_TARGET_SEVERITY),
+ request.paramAsBoolean(PARAM_PRIORITIZED_RULE));
}
writeResponse(result, response);
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleQueryFactory.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleQueryFactory.java
index 831558dcc11..90ff616544a 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleQueryFactory.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleQueryFactory.java
@@ -46,6 +46,7 @@ import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_INCLUDE_EXTERNAL;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_INHERITANCE;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_IS_TEMPLATE;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_LANGUAGES;
+import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_MOBILE_TOP_10_2024;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_TOP_10;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_TOP_10_2021;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_PRIORITIZED_RULE;
@@ -108,6 +109,7 @@ public class RuleQueryFactory {
query.setCwe(request.paramAsStrings(PARAM_CWE));
query.setOwaspTop10(request.paramAsStrings(PARAM_OWASP_TOP_10));
query.setOwaspTop10For2021(request.paramAsStrings(PARAM_OWASP_TOP_10_2021));
+ query.setOwaspMobileTop10For2024(request.paramAsStrings(PARAM_OWASP_MOBILE_TOP_10_2024));
query.setSansTop25(request.paramAsStrings(PARAM_SANS_TOP_25));
query.setSonarsourceSecurity(request.paramAsStrings(PARAM_SONARSOURCE_SECURITY));
query.setCleanCodeAttributesCategories(request.paramAsStrings(PARAM_CLEAN_CODE_ATTRIBUTE_CATEGORIES));
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
index 2f1504032b4..4736710cdfd 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RuleWsSupport.java
@@ -63,6 +63,7 @@ import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_INCLUDE_EXTERNAL;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_INHERITANCE;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_IS_TEMPLATE;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_LANGUAGES;
+import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_MOBILE_TOP_10_2024;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_TOP_10;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_TOP_10_2021;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_PRIORITIZED_RULE;
@@ -137,6 +138,11 @@ public class RuleWsSupport {
.setSince("9.4")
.setPossibleValues("a1", "a2", "a3", "a4", "a5", "a6", "a7", "a8", "a9", "a10");
+ action.createParam(PARAM_OWASP_MOBILE_TOP_10_2024)
+ .setDescription("Comma-separated list of OWASP Mobile Top 10 2024 lowercase categories.")
+ .setSince("2025.4")
+ .setPossibleValues("m1", "m2", "m3", "m4", "m5", "m6", "m7", "m8", "m9", "m10");
+
action.createParam(PARAM_SANS_TOP_25)
.setDeprecatedSince("10.0")
.setDescription("Comma-separated list of SANS Top 25 categories.")
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RulesWsParameters.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RulesWsParameters.java
index 3ad32dd58f0..70595644f15 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RulesWsParameters.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/RulesWsParameters.java
@@ -35,6 +35,7 @@ public class RulesWsParameters {
public static final String PARAM_CWE = "cwe";
public static final String PARAM_OWASP_TOP_10 = "owaspTop10";
public static final String PARAM_OWASP_TOP_10_2021 = "owaspTop10-2021";
+ public static final String PARAM_OWASP_MOBILE_TOP_10_2024 = "owaspMobileTop10-2024";
/**
* @deprecated SansTop25 report is outdated, it has been completely deprecated in version 10.0 and will be removed from version 11.0
*/
@@ -84,26 +85,26 @@ public class RulesWsParameters {
public static final String FIELD_CLEAN_CODE_ATTRIBUTE = "cleanCodeAttribute";
/**
- * Value for 'f' parameter which is used to return all the "defaultDebtRemFn" fields.
+ * Value for 'fields' parameter which is used to return all the "defaultDebtRemFn" fields.
*
* @deprecated since 10.0, replaced by {@link #FIELD_DEFAULT_REM_FUNCTION}
*/
@Deprecated(since = "10.0")
public static final String FIELD_DEFAULT_DEBT_REM_FUNCTION = "defaultDebtRemFn";
/**
- * Value for 'f' parameter which is used to return all the "defaultRemFn" fields.
+ * Value for 'fields' parameter which is used to return all the "defaultRemFn" fields.
*/
public static final String FIELD_DEFAULT_REM_FUNCTION = "defaultRemFn";
/**
- * Value for 'f' parameter which is used to return all the "debtRemFn" fields.
+ * Value for 'fields' parameter which is used to return all the "debtRemFn" fields.
*
* @deprecated since 10.0, replaced by {@link #FIELD_REM_FUNCTION}
*/
@Deprecated(since = "10.0")
public static final String FIELD_DEBT_REM_FUNCTION = "debtRemFn";
/**
- * Value for 'f' parameter which is used to return all the "remFn" fields.
+ * Value for 'fields' parameter which is used to return all the "remFn" fields.
*/
public static final String FIELD_REM_FUNCTION = "remFn";
public static final String FIELD_GAP_DESCRIPTION = "gapDescription";
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/SearchAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/SearchAction.java
index d0bfa57b855..808c822156a 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/SearchAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/SearchAction.java
@@ -33,16 +33,15 @@ import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
-import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
import org.sonar.api.issue.impact.SoftwareQuality;
import org.sonar.api.rule.Severity;
import org.sonar.api.rules.CleanCodeAttributeCategory;
-import org.sonar.core.rule.RuleType;
import org.sonar.api.server.ws.Change;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
+import org.sonar.core.rule.RuleType;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.rule.RuleDto;
@@ -76,6 +75,7 @@ import static org.sonar.server.rule.index.RuleIndex.FACET_IMPACT_SEVERITY;
import static org.sonar.server.rule.index.RuleIndex.FACET_IMPACT_SOFTWARE_QUALITY;
import static org.sonar.server.rule.index.RuleIndex.FACET_LANGUAGES;
import static org.sonar.server.rule.index.RuleIndex.FACET_OLD_DEFAULT;
+import static org.sonar.server.rule.index.RuleIndex.FACET_OWASP_MOBILE_TOP_10_2024;
import static org.sonar.server.rule.index.RuleIndex.FACET_OWASP_TOP_10;
import static org.sonar.server.rule.index.RuleIndex.FACET_OWASP_TOP_10_2021;
import static org.sonar.server.rule.index.RuleIndex.FACET_REPOSITORIES;
@@ -93,6 +93,7 @@ import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_CWE;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_IMPACT_SEVERITIES;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_IMPACT_SOFTWARE_QUALITIES;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_LANGUAGES;
+import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_MOBILE_TOP_10_2024;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_TOP_10;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_OWASP_TOP_10_2021;
import static org.sonar.server.rule.ws.RulesWsParameters.PARAM_PRIORITIZED_RULE;
@@ -121,6 +122,7 @@ public class SearchAction implements RulesWsAction {
FACET_CWE,
FACET_OWASP_TOP_10,
FACET_OWASP_TOP_10_2021,
+ FACET_OWASP_MOBILE_TOP_10_2024,
FACET_SANS_TOP_25,
FACET_SONARSOURCE_SECURITY,
FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY,
@@ -154,16 +156,16 @@ public class SearchAction implements RulesWsAction {
new Change("5.5", "The field 'defaultDebtRemFnOffset' has been deprecated, use 'defaultRemFnBaseEffort' instead"),
new Change("5.5", "The field 'debtOverloaded' has been deprecated, use 'remFnOverloaded' instead"),
new Change("7.1", "The field 'scope' has been added to the response"),
- new Change("7.1", "The field 'scope' has been added to the 'f' parameter"),
+ new Change("7.1", "The field 'scope' has been added to the 'fields' parameter"),
new Change("7.2", "The field 'isExternal' has been added to the response"),
- new Change("7.2", "The field 'includeExternal' has been added to the 'f' parameter"),
- new Change("7.5", "The field 'updatedAt' has been added to the 'f' parameter"),
+ new Change("7.2", "The field 'includeExternal' has been added to the 'fields' parameter"),
+ new Change("7.5", "The field 'updatedAt' has been added to the 'fields' parameter"),
new Change("9.5", "The field 'htmlDesc' has been deprecated, use 'descriptionSections' instead"),
new Change("9.5", "The field 'descriptionSections' has been added to the payload"),
- new Change("9.5", "The field 'descriptionSections' has been added to the 'f' parameter"),
+ new Change("9.5", "The field 'descriptionSections' has been added to the 'fields' parameter"),
new Change("9.6", "'descriptionSections' can optionally embed a context field"),
- new Change("9.6", "The field 'educationPrinciples' has been added to the 'f' parameter"),
- new Change("9.8", "response fields 'total', 's', 'ps' have been deprecated, please use 'paging' object instead"),
+ new Change("9.6", "The field 'educationPrinciples' has been added to the 'fields' parameter"),
+ new Change("9.8", "response fields 'total', 's', 'pageSize' have been deprecated, please use 'paging' object instead"),
new Change("9.8", "The field 'paging' has been added to the response"),
new Change("10.0", "The deprecated field 'effortToFixDescription' has been removed, use 'gapDescription' instead."),
new Change("10.0", "The deprecated field 'debtRemFnCoeff' has been removed, use 'remFnGapMultiplier' instead."),
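Review bot: The 9.8 entry now reads `response fields 'total', 's', 'pageSize' have been deprecated`, which appears to come from the same search-and-replace that turned `'f'` into `'fields'`. It renames one response field to `pageSize` while leaving `'s'` untouched, so the entry no longer describes a consistent set of field names. These strings are published as the web service's change history and should keep the names clients actually saw; I would restore the previous text of that line unless the response field really was renamed. No `Change` entry for the new `owaspMobileTop10-2024` parameter and facet is visible in this hunk; the list continues outside it, so confirm that one is added.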
@@ -173,14 +175,14 @@ public class SearchAction implements RulesWsAction {
new Change("10.0", "The deprecated field 'debtOverloaded' has been removed, use 'remFnOverloaded' instead."),
new Change("10.0", "The field 'defaultDebtRemFnType' has been deprecated, use 'defaultRemFnType' instead"),
new Change("10.0", "The field 'debtRemFnType' has been deprecated, use 'remFnType' instead"),
- new Change("10.0", "The value 'debtRemFn' for the 'f' parameter has been deprecated, use 'remFn' instead"),
- new Change("10.0", "The value 'defaultDebtRemFn' for the 'f' parameter has been deprecated, use 'defaultRemFn' instead"),
+ new Change("10.0", "The value 'debtRemFn' for the 'fields' parameter has been deprecated, use 'remFn' instead"),
+ new Change("10.0", "The value 'defaultDebtRemFn' for the 'fields' parameter has been deprecated, use 'defaultRemFn' instead"),
new Change("10.0", "The value 'sansTop25' for the parameter 'facets' has been deprecated"),
new Change("10.0", "Parameter 'sansTop25' is deprecated"),
new Change("10.2", "Add 'impacts', 'cleanCodeAttribute', 'cleanCodeAttributeCategory' fields to the response"),
new Change("10.2", "The fields 'type' and 'severity' are deprecated in the response. Use 'impacts' instead."),
- new Change("10.2", "The field 'cleanCodeAttribute' has been added to the 'f' parameter."),
- new Change("10.2", "The value 'severity' for the 'f' parameter has been deprecated."),
+ new Change("10.2", "The field 'cleanCodeAttribute' has been added to the 'fields' parameter."),
+ new Change("10.2", "The value 'severity' for the 'fields' parameter has been deprecated."),
new Change("10.2",
format("The values '%s', '%s' and '%s' have been added to the 'facets' parameter.", FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY, FACET_IMPACT_SOFTWARE_QUALITY,
FACET_IMPACT_SEVERITY)),
@@ -197,9 +199,9 @@ public class SearchAction implements RulesWsAction {
new Change("10.8", format("The parameters '%s','%s and '%s' are not deprecated anymore.", PARAM_SEVERITIES, PARAM_TYPES, PARAM_ACTIVE_SEVERITIES)),
new Change("10.8", "The values 'severity' and 'types' for the 'facets' parameter are not deprecated anymore."),
new Change("10.8", "The fields 'type' and 'severity' in the response are not deprecated anymore."),
- new Change("10.8", "The value 'severity' for the 'f' parameter is not deprecated anymore."),
+ new Change("10.8", "The value 'severity' for the 'fields' parameter is not deprecated anymore."),
new Change("2025.1", format("The facet '%s' has been added.", FACET_ACTIVE_IMPACT_SEVERITY)),
- new Change("2025.1", "The deprecated field 'htmlDesc' is not returned anymore, even if specified in the 'f' parameter."));
+ new Change("2025.1", "The deprecated field 'htmlDesc' is not returned anymore, even if specified in the 'fields' parameter."));
action.createParam(FACETS)
.setDescription("Comma-separated list of the facets to be computed. No facet is computed by default.")
@@ -273,15 +275,15 @@ public class SearchAction implements RulesWsAction {
}
private static SearchOptions loadCommonContext(SearchRequest request) {
- int pageSize = Integer.parseInt(request.getPs());
- SearchOptions context = new SearchOptions().addFields(request.getF());
- if (request.getFacets() != null) {
- context.addFacets(request.getFacets());
+ int pageSize = Integer.parseInt(request.pageSize());
+ SearchOptions context = new SearchOptions().addFields(request.fields());
+ if (request.facets() != null) {
+ context.addFacets(request.facets());
}
if (pageSize < 1) {
- context.setPage(Integer.parseInt(request.getP()), 0).setLimit(MAX_PAGE_SIZE);
+ context.setPage(Integer.parseInt(request.page()), 0).setLimit(MAX_PAGE_SIZE);
} else {
- context.setPage(Integer.parseInt(request.getP()), pageSize);
+ context.setPage(Integer.parseInt(request.page()), pageSize);
}
return context;
}
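Review bot: `loadCommonContext` still calls `Integer.parseInt` on `request.pageSize()` and `request.page()`, although both values come from `mandatoryParamAsInt` and are only turned into strings to be stored on the request object. Since this commit already replaces the request class with a record, the two components could be declared as `int page, int pageSize`, which would reduce the first line here to `int pageSize = request.pageSize();` and remove the `NumberFormatException` path. The `pageSize < 1` branch falls back to `MAX_PAGE_SIZE`. Whether positive values are capped is not visible in this hunk (presumably on the parameter definition), so a short comment stating where the upper bound is enforced would help the next reader.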
@@ -336,18 +338,19 @@ public class SearchAction implements RulesWsAction {
if (resultsFacets == null) {
return;
}
- addMandatoryFacetValues(results, FACET_LANGUAGES, request.getLanguages());
- addMandatoryFacetValues(results, FACET_REPOSITORIES, request.getRepositories());
+ addMandatoryFacetValues(results, FACET_LANGUAGES, request.languages);
+ addMandatoryFacetValues(results, FACET_REPOSITORIES, request.repositories);
addMandatoryFacetValues(results, FACET_STATUSES, ALL_STATUSES_EXCEPT_REMOVED);
addMandatoryFacetValues(results, FACET_SEVERITIES, Severity.ALL);
addMandatoryFacetValues(results, FACET_ACTIVE_SEVERITIES, Severity.ALL);
- addMandatoryFacetValues(results, FACET_TAGS, request.getTags());
+ addMandatoryFacetValues(results, FACET_TAGS, request.tags);
addMandatoryFacetValues(results, FACET_TYPES, RuleType.names());
- addMandatoryFacetValues(results, FACET_CWE, request.getCwe());
- addMandatoryFacetValues(results, FACET_OWASP_TOP_10, request.getOwaspTop10());
- addMandatoryFacetValues(results, FACET_OWASP_TOP_10_2021, request.getOwaspTop10For2021());
- addMandatoryFacetValues(results, FACET_SANS_TOP_25, request.getSansTop25());
- addMandatoryFacetValues(results, FACET_SONARSOURCE_SECURITY, request.getSonarsourceSecurity());
+ addMandatoryFacetValues(results, FACET_CWE, request.cwe);
+ addMandatoryFacetValues(results, FACET_OWASP_TOP_10, request.owaspTop10());
+ addMandatoryFacetValues(results, FACET_OWASP_TOP_10_2021, request.owaspTop10For2021());
+ addMandatoryFacetValues(results, FACET_OWASP_MOBILE_TOP_10_2024, request.owaspMobileTop10For2024());
+ addMandatoryFacetValues(results, FACET_SANS_TOP_25, request.sansTop25());
+ addMandatoryFacetValues(results, FACET_SONARSOURCE_SECURITY, request.sonarsourceSecurity());
addMandatoryFacetValues(results, PARAM_IMPACT_SOFTWARE_QUALITIES, enumToStringCollection(SoftwareQuality.values()));
addMandatoryFacetValues(results, PARAM_IMPACT_SEVERITIES, enumToStringCollection(org.sonar.api.issue.impact.Severity.values()));
addMandatoryFacetValues(results, PARAM_CLEAN_CODE_ATTRIBUTE_CATEGORIES, enumToStringCollection(CleanCodeAttributeCategory.values()));
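Review bot: The new lines mix direct component access (`request.languages`, `request.repositories`, `request.tags`, `request.cwe`) with accessor calls (`request.owaspTop10()`, `request.owaspMobileTop10For2024()`) in the same run of calls. Both forms compile because the record is nested in this class, but the following hunk uses the accessor form throughout. These four should read `request.languages()`, `request.repositories()`, `request.tags()` and `request.cwe()` for consistency. The enclosing method starts before this hunk and continues after it.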
@@ -355,22 +358,23 @@ public class SearchAction implements RulesWsAction {
Common.Facet.Builder facet = Common.Facet.newBuilder();
Common.FacetValue.Builder value = Common.FacetValue.newBuilder();
Map<String, List<String>> facetValuesByFacetKey = new HashMap<>();
- facetValuesByFacetKey.put(FACET_LANGUAGES, request.getLanguages());
- facetValuesByFacetKey.put(FACET_REPOSITORIES, request.getRepositories());
- facetValuesByFacetKey.put(FACET_STATUSES, request.getStatuses());
- facetValuesByFacetKey.put(FACET_SEVERITIES, request.getSeverities());
- facetValuesByFacetKey.put(FACET_ACTIVE_SEVERITIES, request.getActiveSeverities());
- facetValuesByFacetKey.put(FACET_TAGS, request.getTags());
- facetValuesByFacetKey.put(FACET_TYPES, request.getTypes());
- facetValuesByFacetKey.put(FACET_CWE, request.getCwe());
- facetValuesByFacetKey.put(FACET_OWASP_TOP_10, request.getOwaspTop10());
- facetValuesByFacetKey.put(FACET_OWASP_TOP_10_2021, request.getOwaspTop10For2021());
- facetValuesByFacetKey.put(FACET_SANS_TOP_25, request.getSansTop25());
- facetValuesByFacetKey.put(FACET_SONARSOURCE_SECURITY, request.getSonarsourceSecurity());
- facetValuesByFacetKey.put(FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY, request.getCleanCodeAttributesCategories());
- facetValuesByFacetKey.put(FACET_IMPACT_SOFTWARE_QUALITY, request.getImpactSoftwareQualities());
- facetValuesByFacetKey.put(FACET_IMPACT_SEVERITY, request.getImpactSeverities());
- facetValuesByFacetKey.put(FACET_ACTIVE_IMPACT_SEVERITY, request.getActiveImpactSeverities());
+ facetValuesByFacetKey.put(FACET_LANGUAGES, request.languages());
+ facetValuesByFacetKey.put(FACET_REPOSITORIES, request.repositories());
+ facetValuesByFacetKey.put(FACET_STATUSES, request.statuses());
+ facetValuesByFacetKey.put(FACET_SEVERITIES, request.severities());
+ facetValuesByFacetKey.put(FACET_ACTIVE_SEVERITIES, request.activeSeverities());
+ facetValuesByFacetKey.put(FACET_TAGS, request.tags());
+ facetValuesByFacetKey.put(FACET_TYPES, request.types());
+ facetValuesByFacetKey.put(FACET_CWE, request.cwe());
+ facetValuesByFacetKey.put(FACET_OWASP_TOP_10, request.owaspTop10());
+ facetValuesByFacetKey.put(FACET_OWASP_TOP_10_2021, request.owaspTop10For2021());
+ facetValuesByFacetKey.put(FACET_OWASP_MOBILE_TOP_10_2024, request.owaspMobileTop10For2024());
+ facetValuesByFacetKey.put(FACET_SANS_TOP_25, request.sansTop25());
+ facetValuesByFacetKey.put(FACET_SONARSOURCE_SECURITY, request.sonarsourceSecurity());
+ facetValuesByFacetKey.put(FACET_CLEAN_CODE_ATTRIBUTE_CATEGORY, request.cleanCodeAttributesCategories());
+ facetValuesByFacetKey.put(FACET_IMPACT_SOFTWARE_QUALITY, request.impactSoftwareQualities());
+ facetValuesByFacetKey.put(FACET_IMPACT_SEVERITY, request.impactSeverities());
+ facetValuesByFacetKey.put(FACET_ACTIVE_IMPACT_SEVERITY, request.activeImpactSeverities());
for (String facetName : context.getFacets()) {
facet.clear().setProperty(facetName);
@@ -425,248 +429,55 @@ public class SearchAction implements RulesWsAction {
private static SearchRequest toSearchWsRequest(Request request) {
request.mandatoryParamAsBoolean(ASCENDING);
- return new SearchRequest()
- .setImpactSeverities(request.paramAsStrings(PARAM_IMPACT_SEVERITIES))
- .setImpactSoftwareQualities(request.paramAsStrings(PARAM_IMPACT_SOFTWARE_QUALITIES))
- .setCleanCodeAttributesCategories(request.paramAsStrings(PARAM_CLEAN_CODE_ATTRIBUTE_CATEGORIES))
- .setActiveSeverities(request.paramAsStrings(PARAM_ACTIVE_SEVERITIES))
- .setF(request.paramAsStrings(FIELDS))
- .setFacets(request.paramAsStrings(FACETS))
- .setLanguages(request.paramAsStrings(PARAM_LANGUAGES))
- .setP("" + request.mandatoryParamAsInt(PAGE))
- .setPs("" + request.mandatoryParamAsInt(PAGE_SIZE))
- .setRepositories(request.paramAsStrings(PARAM_REPOSITORIES))
- .setSeverities(request.paramAsStrings(PARAM_SEVERITIES))
- .setStatuses(request.paramAsStrings(PARAM_STATUSES))
- .setTags(request.paramAsStrings(PARAM_TAGS))
- .setTypes(request.paramAsStrings(PARAM_TYPES))
- .setCwe(request.paramAsStrings(PARAM_CWE))
- .setOwaspTop10(request.paramAsStrings(PARAM_OWASP_TOP_10))
- .setOwaspTop10For2021(request.paramAsStrings(PARAM_OWASP_TOP_10_2021))
- .setSansTop25(request.paramAsStrings(PARAM_SANS_TOP_25))
- .setSonarsourceSecurity(request.paramAsStrings(PARAM_SONARSOURCE_SECURITY))
- .setPrioritizedRule(request.paramAsBoolean(PARAM_PRIORITIZED_RULE))
- .setActiveImpactSeverities(request.paramAsStrings(PARAM_ACTIVE_IMPACT_SEVERITIES));
+ return new SearchRequest(
+ String.valueOf(request.mandatoryParamAsInt(PAGE)),
+ String.valueOf(request.mandatoryParamAsInt(PAGE_SIZE)),
+ request.paramAsStrings(FIELDS),
+ request.paramAsStrings(FACETS),
+ request.paramAsStrings(PARAM_LANGUAGES),
+ request.paramAsStrings(PARAM_REPOSITORIES),
+ request.paramAsStrings(PARAM_SEVERITIES),
+ request.paramAsStrings(PARAM_STATUSES),
+ request.paramAsStrings(PARAM_TAGS),
+ request.paramAsStrings(PARAM_TYPES),
+ request.paramAsStrings(PARAM_CWE),
+ request.paramAsStrings(PARAM_OWASP_TOP_10),
+ request.paramAsStrings(PARAM_OWASP_TOP_10_2021),
+ request.paramAsStrings(PARAM_OWASP_MOBILE_TOP_10_2024),
+ request.paramAsStrings(PARAM_SANS_TOP_25),
+ request.paramAsStrings(PARAM_SONARSOURCE_SECURITY),
+ request.paramAsStrings(PARAM_IMPACT_SEVERITIES),
+ request.paramAsStrings(PARAM_IMPACT_SOFTWARE_QUALITIES),
+ request.paramAsStrings(PARAM_CLEAN_CODE_ATTRIBUTE_CATEGORIES),
+ request.paramAsStrings(PARAM_ACTIVE_SEVERITIES),
+ request.paramAsStrings(PARAM_ACTIVE_IMPACT_SEVERITIES),
+ request.paramAsBoolean(PARAM_PRIORITIZED_RULE)
+ );
}
- private static class SearchRequest {
-
- private List<String> activeSeverities;
- private List<String> f;
- private List<String> facets;
- private List<String> languages;
- private String p;
- private String ps;
- private List<String> repositories;
- private List<String> severities;
- private List<String> statuses;
- private List<String> tags;
- private List<String> types;
- private List<String> cwe;
- private List<String> owaspTop10;
- private List<String> owaspTop10For2021;
- private List<String> sansTop25;
- private List<String> sonarsourceSecurity;
- private List<String> impactSeverities;
- private List<String> impactSoftwareQualities;
- private List<String> cleanCodeAttributesCategories;
- private List<String> activeImpactSeverities;
- private Boolean prioritizedRule;
-
- private SearchRequest setActiveSeverities(List<String> activeSeverities) {
- this.activeSeverities = activeSeverities;
- return this;
- }
-
- private List<String> getActiveSeverities() {
- return activeSeverities;
- }
-
- private SearchRequest setF(List<String> f) {
- this.f = f;
- return this;
- }
-
- private List<String> getF() {
- return f;
- }
-
- private SearchRequest setFacets(List<String> facets) {
- this.facets = facets;
- return this;
- }
-
- private List<String> getFacets() {
- return facets;
- }
-
- private SearchRequest setLanguages(List<String> languages) {
- this.languages = languages;
- return this;
- }
-
- private List<String> getLanguages() {
- return languages;
- }
-
- private SearchRequest setP(String p) {
- this.p = p;
- return this;
- }
-
- private String getP() {
- return p;
- }
-
- private SearchRequest setPs(String ps) {
- this.ps = ps;
- return this;
- }
-
- private String getPs() {
- return ps;
- }
-
- private SearchRequest setRepositories(List<String> repositories) {
- this.repositories = repositories;
- return this;
- }
-
- private List<String> getRepositories() {
- return repositories;
- }
-
- private SearchRequest setSeverities(List<String> severities) {
- this.severities = severities;
- return this;
- }
-
- private List<String> getSeverities() {
- return severities;
- }
-
- private SearchRequest setStatuses(List<String> statuses) {
- this.statuses = statuses;
- return this;
- }
-
- private List<String> getStatuses() {
- return statuses;
- }
-
- private SearchRequest setTags(List<String> tags) {
- this.tags = tags;
- return this;
- }
-
- private List<String> getTags() {
- return tags;
- }
-
- private SearchRequest setTypes(@Nullable List<String> types) {
- this.types = types;
- return this;
- }
-
- private List<String> getTypes() {
- return types;
- }
-
- public List<String> getCwe() {
- return cwe;
- }
-
- public SearchRequest setCwe(@Nullable List<String> cwe) {
- this.cwe = cwe;
- return this;
- }
-
- public List<String> getOwaspTop10() {
- return owaspTop10;
- }
-
- public SearchRequest setOwaspTop10(@Nullable List<String> owaspTop10) {
- this.owaspTop10 = owaspTop10;
- return this;
- }
-
- public List<String> getOwaspTop10For2021() {
- return owaspTop10For2021;
- }
-
- public SearchRequest setOwaspTop10For2021(@Nullable List<String> owaspTop10For2021) {
- this.owaspTop10For2021 = owaspTop10For2021;
- return this;
- }
-
- /**
- * @deprecated SansTop25 report is outdated, it has been completely deprecated in version 10.0 and will be removed from version 11.0
- */
- @Deprecated(since = "10.0", forRemoval = true)
- public List<String> getSansTop25() {
- return sansTop25;
- }
-
- @Deprecated(since = "10.0", forRemoval = true)
- public SearchRequest setSansTop25(@Nullable List<String> sansTop25) {
- this.sansTop25 = sansTop25;
- return this;
- }
-
- public List<String> getSonarsourceSecurity() {
- return sonarsourceSecurity;
- }
-
- public SearchRequest setSonarsourceSecurity(@Nullable List<String> sonarsourceSecurity) {
- this.sonarsourceSecurity = sonarsourceSecurity;
- return this;
- }
-
- public List<String> getImpactSeverities() {
- return impactSeverities;
- }
-
- public SearchRequest setImpactSeverities(@Nullable List<String> impactSeverities) {
- this.impactSeverities = impactSeverities;
- return this;
- }
-
- public List<String> getImpactSoftwareQualities() {
- return impactSoftwareQualities;
- }
-
- public SearchRequest setImpactSoftwareQualities(@Nullable List<String> impactSoftwareQualities) {
- this.impactSoftwareQualities = impactSoftwareQualities;
- return this;
- }
-
- public List<String> getCleanCodeAttributesCategories() {
- return cleanCodeAttributesCategories;
- }
-
- public SearchRequest setCleanCodeAttributesCategories(@Nullable List<String> cleanCodeAttributesCategories) {
- this.cleanCodeAttributesCategories = cleanCodeAttributesCategories;
- return this;
- }
-
- @CheckForNull
- public Boolean getPrioritizedRule() {
- return prioritizedRule;
- }
-
- public SearchRequest setPrioritizedRule(@Nullable Boolean prioritizedRule) {
- this.prioritizedRule = prioritizedRule;
- return this;
- }
-
- public SearchRequest setActiveImpactSeverities(@Nullable List<String> activeImpactSeverities) {
- this.activeImpactSeverities = activeImpactSeverities;
- return this;
- }
-
- @CheckForNull
- public List<String> getActiveImpactSeverities() {
- return activeImpactSeverities;
- }
+ private record SearchRequest(
+ String page,
+ String pageSize,
+ @Nullable List<String> fields,
+ @Nullable List<String> facets,
+ @Nullable List<String> languages,
+ @Nullable List<String> repositories,
+ @Nullable List<String> severities,
+ @Nullable List<String> statuses,
+ @Nullable List<String> tags,
+ @Nullable List<String> types,
+ @Nullable List<String> cwe,
+ @Nullable List<String> owaspTop10,
+ @Nullable List<String> owaspTop10For2021,
+ @Nullable List<String> owaspMobileTop10For2024,
+ @Nullable List<String> sansTop25,
+ @Nullable List<String> sonarsourceSecurity,
+ @Nullable List<String> impactSeverities,
+ @Nullable List<String> impactSoftwareQualities,
+ @Nullable List<String> cleanCodeAttributesCategories,
+ @Nullable List<String> activeSeverities,
+ @Nullable List<String> activeImpactSeverities,
+ @Nullable Boolean prioritizedRule
+ ) {
}
}
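Review bot: The `new SearchRequest(...)` call in `toSearchWsRequest` passes 22 positional arguments, 19 of which are `List<String>`, so two transposed lines (for example `PARAM_OWASP_TOP_10_2021` and `PARAM_OWASP_MOBILE_TOP_10_2024`) would compile and silently file one security standard's filter under another. The removed fluent setters named each target explicitly. With the record, either label each argument, e.g. `request.paramAsStrings(PARAM_OWASP_MOBILE_TOP_10_2024), // owaspMobileTop10For2024`, or add a test that sets every parameter to a distinct value and asserts the matching accessor. The record also drops the `@Deprecated(since = "10.0", forRemoval = true)` marker and Javadoc that the old `getSansTop25`/`setSansTop25` carried. A one-line comment on the `sansTop25` component, such as `// deprecated since 10.0, scheduled for removal`, would keep that information.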
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/ShowAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/ShowAction.java
index 2df21e2e12f..e1aea127817 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/ShowAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/ws/ShowAction.java
@@ -89,7 +89,7 @@ public class ShowAction implements RulesWsAction {
new Change("10.2", "The field 'severity' and 'type' in the response have been deprecated, use 'impacts' instead."),
new Change("10.8", format("Possible values '%s' and '%s' for response field 'severity' of 'impacts' have been added.", INFO.name(), BLOCKER.name())),
new Change("10.8", "The field 'severity' and 'type' in the response are not deprecated anymore."),
- new Change("2025.1", "The deprecated field 'htmlDesc' is not returned anymore, even if specified in the 'f' parameter."));
+ new Change("2025.1", "The deprecated field 'htmlDesc' is not returned anymore, even if specified in the 'fields' parameter."));
action
.createParam(PARAM_KEY)