SONAR-17393 E2E test for owasp-asvs security report

author: Philippe Perrin <philippe.perrin@sonarsource.com> 2022-09-29 16:47:19 +0200
committer: Philippe Perrin <philippe.perrin@sonarsource.com> 2022-10-07 12:13:56 +0200
commit: 119ddb45b87979b71df8afb8a6da6b6e9581da80 (patch)
tree: 217b10097cc718f573eb9ea0653e58cebf65bd69 /plugins
parent: 1942fe88ebad22640e16b21a1896eca094f7a6f7 (diff)
download: sonarqube-119ddb45b87979b71df8afb8a6da6b6e9581da80.tar.gz
sonarqube-119ddb45b87979b71df8afb8a6da6b6e9581da80.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
index 399e70c9d70..c15d84a32e8 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
@@ -251,6 +251,13 @@ public class XooRulesDefinition implements RulesDefinition {
         .addPciDss(PciDssVersion.V3_2, "10.1a.2c");
     }
 
+    if (version != null && version.isGreaterThanOrEqual(Version.create(9, 6))) {
+      hotspot
+        .addOwaspAsvs(OwaspAsvsVersion.V4_0, "3.1.1", "4.2.2");
+      oneVulnerabilityIssuePerModule
+        .addOwaspAsvs(OwaspAsvsVersion.V4_0, "11.1.2", "14.5.1");
+    }
+
     NewRule hotspotWithContexts = repo.createRule(HotspotWithContextsSensor.RULE_KEY)
       .setName("Find security hotspots with contexts")
       .setType(RuleType.SECURITY_HOTSPOT)
author	Philippe Perrin <philippe.perrin@sonarsource.com>	2022-09-29 16:47:19 +0200
committer	Philippe Perrin <philippe.perrin@sonarsource.com>	2022-10-07 12:13:56 +0200
commit	119ddb45b87979b71df8afb8a6da6b6e9581da80 (patch)
tree	217b10097cc718f573eb9ea0653e58cebf65bd69 /plugins
parent	1942fe88ebad22640e16b21a1896eca094f7a6f7 (diff)
download	sonarqube-119ddb45b87979b71df8afb8a6da6b6e9581da80.tar.gz sonarqube-119ddb45b87979b71df8afb8a6da6b6e9581da80.zip