Diffstat (limited to 'server/sonar-web/src/main')
23 files changed, 21 insertions, 260 deletions
diff --git a/server/sonar-web/src/main/js/api/issues.ts b/server/sonar-web/src/main/js/api/issues.ts
index d5a41e7d6ed..a0675a1dc09 100644
--- a/server/sonar-web/src/main/js/api/issues.ts
+++ b/server/sonar-web/src/main/js/api/issues.ts
@@ -45,7 +45,6 @@ type FacetName =
 | 'reporters'
 | 'resolutions'
 | 'rules'
- | 'sansTop25'
 | 'severities'
 | 'statuses'
 | 'tags'
diff --git a/server/sonar-web/src/main/js/apps/coding-rules/components/CodingRulesApp.tsx b/server/sonar-web/src/main/js/apps/coding-rules/components/CodingRulesApp.tsx
index b6e32c4947c..9ee6237e2b0 100644
--- a/server/sonar-web/src/main/js/apps/coding-rules/components/CodingRulesApp.tsx
+++ b/server/sonar-web/src/main/js/apps/coding-rules/components/CodingRulesApp.tsx
@@ -112,7 +112,6 @@ export class CodingRulesApp extends React.PureComponent<Props, State> {
 query,
 SecurityStandard.OWASP_TOP10_2021
 ),
- sansTop25: shouldOpenStandardsChildFacet({}, query, SecurityStandard.SANS_TOP25),
 sonarsourceSecurity: shouldOpenSonarSourceSecurityFacet({}, query),
 standards: shouldOpenStandardsFacet({}, query),
 types: true,
diff --git a/server/sonar-web/src/main/js/apps/coding-rules/components/FacetsList.tsx b/server/sonar-web/src/main/js/apps/coding-rules/components/FacetsList.tsx
index 45e61ee93ec..a9b52ce93e8 100644
--- a/server/sonar-web/src/main/js/apps/coding-rules/components/FacetsList.tsx
+++ b/server/sonar-web/src/main/js/apps/coding-rules/components/FacetsList.tsx
@@ -111,7 +111,6 @@ export default function FacetsList(props: FacetsListProps) {
 fetchingCwe={false}
 fetchingOwaspTop10={false}
 fetchingOwaspTop10-2021={false}
- fetchingSansTop25={false}
 fetchingSonarSourceSecurity={false}
 onChange={props.onFilterChange}
 onToggle={props.onFacetToggle}
@@ -123,9 +122,6 @@ export default function FacetsList(props: FacetsListProps) { owaspTop10-2021Open={!!props.openFacets['owaspTop10-2021']} owaspTop10-2021Stats={props.facets && props.facets['owaspTop10-2021']} query={props.query} - sansTop25={props.query.sansTop25} - sansTop25Open={!!props.openFacets.sansTop25} - sansTop25Stats={props.facets && props.facets.sansTop25} sonarsourceSecurity={props.query.sonarsourceSecurity} sonarsourceSecurityOpen={!!props.openFacets.sonarsourceSecurity} sonarsourceSecurityStats={props.facets && props.facets.sonarsourceSecurity} diff --git a/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/CodingRulesApp-test.tsx.snap b/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/CodingRulesApp-test.tsx.snap index e89e17bb628..78e53adfec6 100644 --- a/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/CodingRulesApp-test.tsx.snap +++ b/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/CodingRulesApp-test.tsx.snap @@ -20,7 +20,6 @@ exports[`renderBulkButton should show bulk change button when user has edit righ "profile": undefined, "repositories": [], "ruleKey": undefined, - "sansTop25": [], "searchQuery": undefined, "severities": [], "sonarsourceSecurity": [], @@ -85,7 +84,6 @@ exports[`renderBulkButton should show bulk change button when user has global ad "profile": undefined, "repositories": [], "ruleKey": undefined, - "sansTop25": [], "searchQuery": undefined, "severities": [], "sonarsourceSecurity": [], @@ -143,7 +141,6 @@ exports[`should render correctly: loaded (ScreenPositionHelper) 1`] = ` "languages": true, "owaspTop10": false, "owaspTop10-2021": false, - "sansTop25": false, "sonarsourceSecurity": false, "standards": false, "types": true, 
@@ -163,7 +160,6 @@ exports[`should render correctly: loaded (ScreenPositionHelper) 1`] = ` "profile": undefined, "repositories": [], "ruleKey": undefined, - "sansTop25": [], "searchQuery": undefined, "severities": [], "sonarsourceSecurity": [], @@ -239,7 +235,6 @@ exports[`should render correctly: loaded 1`] = ` "profile": undefined, "repositories": [], "ruleKey": undefined, - "sansTop25": [], "searchQuery": undefined, "severities": [], "sonarsourceSecurity": [], diff --git a/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/FacetsList-test.tsx.snap b/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/FacetsList-test.tsx.snap index aab0fc78ec4..ec82fc3872b 100644 --- a/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/FacetsList-test.tsx.snap +++ b/server/sonar-web/src/main/js/apps/coding-rules/components/__tests__/__snapshots__/FacetsList-test.tsx.snap @@ -39,7 +39,6 @@ exports[`should render correctly 1`] = ` fetchingCwe={false} fetchingOwaspTop10={false} fetchingOwaspTop10-2021={false} - fetchingSansTop25={false} fetchingSonarSourceSecurity={false} onChange={[MockFunction]} onToggle={[MockFunction]} @@ -47,7 +46,6 @@ exports[`should render correctly 1`] = ` owaspTop10-2021Open={false} owaspTop10Open={false} query={{}} - sansTop25Open={false} sonarsourceSecurityOpen={false} /> <injectIntl(AvailableSinceFacet) diff --git a/server/sonar-web/src/main/js/apps/coding-rules/query.ts b/server/sonar-web/src/main/js/apps/coding-rules/query.ts index 27f58c8d8fe..540ebece009 100644 --- a/server/sonar-web/src/main/js/apps/coding-rules/query.ts +++ b/server/sonar-web/src/main/js/apps/coding-rules/query.ts @@ -45,7 +45,6 @@ export interface Query { profile: string | undefined; repositories: string[]; ruleKey: string | undefined; - sansTop25: string[]; searchQuery: string | undefined; severities: string[]; sonarsourceSecurity: string[]; 
@@ -90,7 +89,6 @@ export function parseQuery(query: RawQuery): Query {
 profile: parseAsOptionalString(query.qprofile),
 repositories: parseAsArray(query.repositories, parseAsString),
 ruleKey: parseAsOptionalString(query.rule_key),
- sansTop25: parseAsArray(query.sansTop25, parseAsString),
 searchQuery: parseAsOptionalString(query.q),
 severities: parseAsArray(query.severities, parseAsString),
 sonarsourceSecurity: parseAsArray(query.sonarsourceSecurity, parseAsString),
@@ -117,7 +115,6 @@ export function serializeQuery(query: Query): RawQuery {
 qprofile: serializeString(query.profile),
 repositories: serializeStringArray(query.repositories),
 rule_key: serializeString(query.ruleKey),
- sansTop25: serializeStringArray(query.sansTop25),
 severities: serializeStringArray(query.severities),
 sonarsourceSecurity: serializeStringArray(query.sonarsourceSecurity),
 statuses: serializeStringArray(query.statuses),
@@ -138,7 +135,6 @@ export function shouldRequestFacet(facet: string): facet is FacetKey {
 'owaspTop10',
 'owaspTop10-2021',
 'repositories',
- 'sansTop25',
 'severities',
 'sonarsourceSecurity',
 'standard',
diff --git a/server/sonar-web/src/main/js/apps/issues/__tests__/utils-test.ts b/server/sonar-web/src/main/js/apps/issues/__tests__/utils-test.ts
index f4dda49e42e..9598f118904 100644
--- a/server/sonar-web/src/main/js/apps/issues/__tests__/utils-test.ts
+++ b/server/sonar-web/src/main/js/apps/issues/__tests__/utils-test.ts
@@ -60,7 +60,6 @@ describe('serialize/deserialize', () => {
 resolved: true,
 rules: ['a', 'b'],
 sort: 'rules',
- sansTop25: ['a', 'b'],
 scopes: ['a', 'b'],
 severities: ['a', 'b'],
 inNewCodePeriod: true,
@@ -91,7 +90,6 @@ describe('serialize/deserialize', () => {
 resolutions: 'a,b',
 rules: 'a,b',
 s: 'rules',
- sansTop25: 'a,b',
 scopes: 'a,b',
 severities: 'a,b',
 inNewCodePeriod: 'true',
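Review bot: Once `sansTop25: parseAsArray(query.sansTop25, parseAsString)` is gone from `parseQuery` in coding-rules/query.ts, a saved or shared URL that still carries `sansTop25=...` parses cleanly and the filter is simply dropped, so the rules page falls back to a wider result set without telling the user; the `parseQuery` hunk in apps/issues/utils.ts has the same effect for issue searches. If that is intended, a comment in `parseQuery` such as `// sansTop25 facet removed: legacy URLs carrying it are ignored on purpose` would record it. Whether the backend still accepts the parameter is not visible in this diff. `parseQuery` starts and ends outside the hunk.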
@@ -126,11 +124,8 @@ describe('shouldOpenStandardsChildFacet', () => {
 shouldOpenStandardsChildFacet({ owaspTop10: true }, {}, SecurityStandard.OWASP_TOP10)
 ).toBe(true);
 expect(
- shouldOpenStandardsChildFacet({ sansTop25: true }, {}, SecurityStandard.SANS_TOP25)
- ).toBe(true);
- expect(
 shouldOpenStandardsChildFacet(
- { sansTop25: true },
+ { cwe: true },
 { owaspTop10: ['A1'] },
 SecurityStandard.OWASP_TOP10
 )
@@ -143,16 +138,12 @@ describe('shouldOpenStandardsChildFacet', () => {
 )
 ).toBe(true);
 expect(
- shouldOpenStandardsChildFacet(
- {},
- { sansTop25: ['insecure-interactions'] },
- SecurityStandard.SANS_TOP25
- )
+ shouldOpenStandardsChildFacet({}, { owaspTop10: ['A1'] }, SecurityStandard.OWASP_TOP10)
 ).toBe(true);
 expect(
 shouldOpenStandardsChildFacet(
 {},
- { sansTop25: ['insecure-interactions'], sonarsourceSecurity: ['sql-injection'] },
+ { owaspTop10: ['A1'], sonarsourceSecurity: ['sql-injection'] },
 SecurityStandard.SONARSOURCE
 )
 ).toBe(true);
@@ -162,17 +153,17 @@ describe('shouldOpenStandardsChildFacet', () => {
 expect(
 shouldOpenStandardsChildFacet({ standards: true }, {}, SecurityStandard.OWASP_TOP10)
 ).toBe(false);
+ expect(shouldOpenStandardsChildFacet({ cwe: true }, {}, SecurityStandard.OWASP_TOP10)).toBe(
+ false
+ );
 expect(
- shouldOpenStandardsChildFacet({ sansTop25: true }, {}, SecurityStandard.OWASP_TOP10)
- ).toBe(false);
- expect(
- shouldOpenStandardsChildFacet({}, { types: ['VULNERABILITY'] }, SecurityStandard.SANS_TOP25)
+ shouldOpenStandardsChildFacet({}, { types: ['VULNERABILITY'] }, SecurityStandard.OWASP_TOP10)
 ).toBe(false);
 expect(
 shouldOpenStandardsChildFacet(
 {},
- { sansTop25: ['insecure-interactions'], sonarsourceSecurity: ['sql-injection'] },
- SecurityStandard.OWASP_TOP10
+ { owaspTop10: ['A1'], sonarsourceSecurity: ['sql-injection'] },
+ SecurityStandard.OWASP_TOP10_2021
 )
 ).toBe(false);
 });
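Review bot: The former SANS assertions in the `toBe(true)` cases were rewritten to `SecurityStandard.OWASP_TOP10`, so the visible lines hold no positive case for `SecurityStandard.OWASP_TOP10_2021`; that standard appears only in the final `toBe(false)` assertion of the hunk at -162. One of the rewritten lines could cover it instead, for example `shouldOpenStandardsChildFacet({}, { [SecurityStandard.OWASP_TOP10_2021]: ['a1'] }, SecurityStandard.OWASP_TOP10_2021)`, which by analogy with the OWASP_TOP10 case should presumably return `true`. The lines between the hunks are not shown, so such a case may already exist there.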
@@ -195,8 +186,6 @@ describe('shouldOpenSonarSourceSecurityFacet', () => {
 it('should NOT open sonarsourceSecurity facet', () => {
 expect(shouldOpenSonarSourceSecurityFacet({ standards: false }, {})).toBe(false);
 expect(shouldOpenSonarSourceSecurityFacet({ owaspTop10: true }, {})).toBe(false);
- expect(shouldOpenSonarSourceSecurityFacet({ standards: true, sansTop25: true }, {})).toBe(
- false
- );
+ expect(shouldOpenSonarSourceSecurityFacet({ standards: true, cwe: true }, {})).toBe(false);
 });
 });
diff --git a/server/sonar-web/src/main/js/apps/issues/components/IssuesApp.tsx b/server/sonar-web/src/main/js/apps/issues/components/IssuesApp.tsx
index 99904430b65..3a7ffd27df2 100644
--- a/server/sonar-web/src/main/js/apps/issues/components/IssuesApp.tsx
+++ b/server/sonar-web/src/main/js/apps/issues/components/IssuesApp.tsx
@@ -173,7 +173,6 @@ export class App extends React.PureComponent<Props, State> {
 query,
 SecurityStandard.OWASP_TOP10_2021
 ),
- sansTop25: shouldOpenStandardsChildFacet({}, query, SecurityStandard.SANS_TOP25),
 severities: true,
 sonarsourceSecurity: shouldOpenSonarSourceSecurityFacet({}, query),
 standards: shouldOpenStandardsFacet({}, query),
diff --git a/server/sonar-web/src/main/js/apps/issues/sidebar/Sidebar.tsx b/server/sonar-web/src/main/js/apps/issues/sidebar/Sidebar.tsx
index 22819d813c4..a0be8e5c952 100644
--- a/server/sonar-web/src/main/js/apps/issues/sidebar/Sidebar.tsx
+++ b/server/sonar-web/src/main/js/apps/issues/sidebar/Sidebar.tsx
@@ -195,7 +195,6 @@ export class Sidebar extends React.PureComponent<Props> {
 fetchingCwe={this.props.loadingFacets.cwe === true}
 fetchingOwaspTop10={this.props.loadingFacets.owaspTop10 === true}
 fetchingOwaspTop10-2021={this.props.loadingFacets['owaspTop10-2021'] === true}
- fetchingSansTop25={this.props.loadingFacets.sansTop25 === true}
 fetchingSonarSourceSecurity={this.props.loadingFacets.sonarsourceSecurity === true}
 loadSearchResultCount={this.props.loadSearchResultCount}
 onChange={this.props.onFilterChange}
@@ -208,9 +207,6 @@ export class Sidebar extends React.PureComponent<Props> {
 owaspTop10-2021Open={!!openFacets['owaspTop10-2021']}
 owaspTop10-2021Stats={facets['owaspTop10-2021']}
 query={query}
- sansTop25={query.sansTop25}
- sansTop25Open={!!openFacets.sansTop25}
- sansTop25Stats={facets.sansTop25}
 sonarsourceSecurity={query.sonarsourceSecurity}
 sonarsourceSecurityOpen={!!openFacets.sonarsourceSecurity}
 sonarsourceSecurityStats={facets.sonarsourceSecurity}
diff --git a/server/sonar-web/src/main/js/apps/issues/sidebar/StandardFacet.tsx b/server/sonar-web/src/main/js/apps/issues/sidebar/StandardFacet.tsx
index 407fe9341e9..7c8be377cad 100644
--- a/server/sonar-web/src/main/js/apps/issues/sidebar/StandardFacet.tsx
+++ b/server/sonar-web/src/main/js/apps/issues/sidebar/StandardFacet.tsx
@@ -35,7 +35,6 @@ import {
 renderCWECategory,
 renderOwaspTop102021Category,
 renderOwaspTop10Category,
- renderSansTop25Category,
 renderSonarSourceSecurityCategory,
 } from '../../../helpers/security-standard';
 import { Facet } from '../../../types/issues';
@@ -50,7 +49,6 @@ interface Props {
 fetchingCwe: boolean;
 fetchingOwaspTop10: boolean;
 'fetchingOwaspTop10-2021': boolean;
- fetchingSansTop25: boolean;
 fetchingSonarSourceSecurity: boolean;
 loadSearchResultCount?: (property: string, changes: Partial<Query>) => Promise<Facet>;
 onChange: (changes: Partial<Query>) => void;
@@ -63,9 +61,6 @@ interface Props { 'owaspTop10-2021Open': boolean; 'owaspTop10-2021Stats': Dict<number> | undefined; query: Partial<Query>; - sansTop25: string[]; - sansTop25Open: boolean; - sansTop25Stats: Dict<number> | undefined; sonarsourceSecurity: string[]; sonarsourceSecurityOpen: boolean; sonarsourceSecurityStats: Dict<number> | undefined; @@ -80,9 +75,8 @@ type StatsProp = | 'owaspTop10-2021Stats' | 'owaspTop10Stats' | 'cweStats' - | 'sansTop25Stats' | 'sonarsourceSecurityStats'; -type ValuesProp = 'owaspTop10-2021' | 'owaspTop10' | 'sansTop25' | 'sonarsourceSecurity' | 'cwe'; +type ValuesProp = 'owaspTop10-2021' | 'owaspTop10' | 'sonarsourceSecurity' | 'cwe'; const INITIAL_FACET_COUNT = 15; export default class StandardFacet extends React.PureComponent<Props, State> { @@ -93,7 +87,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { standards: { owaspTop10: {}, 'owaspTop10-2021': {}, - sansTop25: {}, cwe: {}, sonarsourceSecurity: {}, 'pciDss-3.2': {}, @@ -111,7 +104,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { this.props.owaspTop10.length > 0 || this.props['owaspTop10-2021'].length > 0 || this.props.cwe.length > 0 || - this.props.sansTop25.length > 0 || this.props.sonarsourceSecurity.length > 0 ) { this.loadStandards(); @@ -133,7 +125,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { ({ 'owaspTop10-2021': owaspTop102021, owaspTop10, - sansTop25, cwe, sonarsourceSecurity, 'pciDss-3.2': pciDss3_2, @@ -145,7 +136,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { standards: { 'owaspTop10-2021': owaspTop102021, owaspTop10, - sansTop25, cwe, sonarsourceSecurity, 'pciDss-3.2': pciDss3_2, 
@@ -170,9 +160,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { ...this.props['owaspTop10-2021'].map((item) => renderOwaspTop102021Category(this.state.standards, item, true) ), - ...this.props.sansTop25.map((item) => - renderSansTop25Category(this.state.standards, item, true) - ), ...this.props.cwe.map((item) => renderCWECategory(this.state.standards, item)), ]; }; @@ -189,10 +176,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { this.props.onToggle('owaspTop10-2021'); }; - handleSansTop25HeaderClick = () => { - this.props.onToggle('sansTop25'); - }; - handleSonarSourceSecurityHeaderClick = () => { this.props.onToggle('sonarsourceSecurity'); }; @@ -202,7 +185,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { [this.property]: [], owaspTop10: [], 'owaspTop10-2021': [], - sansTop25: [], cwe: [], sonarsourceSecurity: [], }); @@ -230,10 +212,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { this.handleItemClick(SecurityStandard.OWASP_TOP10_2021, itemValue, multiple); }; - handleSansTop25ItemClick = (itemValue: string, multiple: boolean) => { - this.handleItemClick(SecurityStandard.SANS_TOP25, itemValue, multiple); - }; - handleSonarSourceSecurityItemClick = (itemValue: string, multiple: boolean) => { this.handleItemClick(SecurityStandard.SONARSOURCE, itemValue, multiple); }; @@ -330,15 +308,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { ); } - renderSansTop25List() { - return this.renderList( - 'sansTop25Stats', - SecurityStandard.SANS_TOP25, - renderSansTop25Category, - this.handleSansTop25ItemClick - ); - } - renderSonarSourceSecurityList() { const stats = this.props.sonarsourceSecurityStats; const values = this.props.sonarsourceSecurity; 
@@ -416,10 +385,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { return this.renderHint('owaspTop10-2021Stats', SecurityStandard.OWASP_TOP10_2021); } - renderSansTop25Hint() { - return this.renderHint('sansTop25Stats', SecurityStandard.SANS_TOP25); - } - renderSonarSourceSecurityHint() { return this.renderHint('sonarsourceSecurityStats', SecurityStandard.SONARSOURCE); } @@ -478,23 +443,6 @@ export default class StandardFacet extends React.PureComponent<Props, State> { </> )} </FacetBox> - <FacetBox className="is-inner" property={SecurityStandard.SANS_TOP25}> - <FacetHeader - fetching={this.props.fetchingSansTop25} - name={translate('issues.facet.sansTop25')} - onClick={this.handleSansTop25HeaderClick} - open={this.props.sansTop25Open} - values={this.props.sansTop25.map((item) => - renderSansTop25Category(this.state.standards, item) - )} - /> - {this.props.sansTop25Open && ( - <> - {this.renderSansTop25List()} - {this.renderSansTop25Hint()} - </> - )} - </FacetBox> <ListStyleFacet<string> className="is-inner" facetHeader={translate('issues.facet.cwe')} diff --git a/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/StandardFacet-test.tsx b/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/StandardFacet-test.tsx index 200e38fc590..91d7786ded0 100644 --- a/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/StandardFacet-test.tsx +++ b/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/StandardFacet-test.tsx @@ -44,11 +44,6 @@ jest.mock('../../../../helpers/security-standard', () => ({ title: 'Broken Authentication', }, }, - sansTop25: { - 'insecure-interaction': { - title: 'Insecure Interaction Between Components', - }, - }, cwe: { unknown: { title: 'No CWE associated', @@ -88,7 +83,6 @@ it('should clear standards facet', () => { cwe: [], owaspTop10: [], 'owaspTop10-2021': [], - sansTop25: [], sonarsourceSecurity: [], standards: [], }); 
@@ -104,9 +98,6 @@ it('should render sub-facets', () => { owaspTop10: ['a3'], owaspTop10Open: true, owaspTop10Stats: { a1: 15, a3: 5 }, - sansTop25: ['risky-resource'], - sansTop25Open: true, - sansTop25Stats: { foo: 12, 'risky-resource': 10 }, sonarsourceSecurity: ['sql-injection'], sonarsourceSecurityOpen: true, sonarsourceSecurityStats: { 'sql-injection': 12 }, @@ -157,9 +148,12 @@ it('should show sonarsource facet more button', () => { it('should render empty sub-facet', () => { expect( - shallowRender({ open: true, sansTop25: [], sansTop25Open: true, sansTop25Stats: {} }).find( - 'FacetBox[property="sansTop25"]' - ) + shallowRender({ + open: true, + 'owaspTop10-2021': [], + 'owaspTop10-2021Open': true, + 'owaspTop10-2021Stats': {}, + }).find('FacetBox[property="owaspTop10-2021"]') ).toMatchSnapshot(); }); @@ -174,9 +168,6 @@ it('should select items', () => { owaspTop10: ['a3'], owaspTop10Open: true, owaspTop10Stats: { a1: 15, a3: 5 }, - sansTop25: ['risky-resource'], - sansTop25Open: true, - sansTop25Stats: { foo: 12, 'risky-resource': 10 }, sonarsourceSecurity: ['command-injection'], sonarsourceSecurityOpen: true, sonarsourceSecurityStats: { 'sql-injection': 10 }, @@ -184,7 +175,6 @@ it('should select items', () => { selectAndCheck('owaspTop10', 'a1'); selectAndCheck('owaspTop10', 'a1', true, ['a1', 'a3']); - selectAndCheck('sansTop25', 'foo'); selectAndCheck('sonarsourceSecurity', 'sql-injection'); function selectAndCheck(facet: string, value: string, multiple = false, expectedValue = [value]) { 
@@ -201,8 +191,6 @@ it('should toggle sub-facets', () => { const wrapper = shallowRender({ onToggle, open: true }); click(wrapper.find('FacetBox[property="owaspTop10"]').children('FacetHeader')); expect(onToggle).toHaveBeenLastCalledWith('owaspTop10'); - click(wrapper.find('FacetBox[property="sansTop25"]').children('FacetHeader')); - expect(onToggle).toHaveBeenLastCalledWith('sansTop25'); click(wrapper.find('FacetBox[property="sonarsourceSecurity"]').children('FacetHeader')); expect(onToggle).toHaveBeenLastCalledWith('sonarsourceSecurity'); }); @@ -212,7 +200,6 @@ it('should display correct selection', () => { open: true, owaspTop10: ['a1', 'a3'], 'owaspTop10-2021': ['a1', 'a2'], - sansTop25: ['risky-resource', 'foo'], cwe: ['42', '1111', 'unknown'], sonarsourceSecurity: ['sql-injection', 'others'], }); @@ -223,15 +210,12 @@ it('should display correct selection', () => { 'OWASP A3', 'OWASP A1 - a1 title', 'OWASP A2', - 'SANS Risky Resource Management', - 'SANS foo', 'CWE-42 - cwe-42 title', 'CWE-1111', 'Unknown CWE', ]); checkValues('owaspTop10', ['A1 - a1 title', 'A3']); checkValues('owaspTop10-2021', ['A1 - a1 title', 'A2']); - checkValues('sansTop25', ['Risky Resource Management', 'foo']); checkValues('sonarsourceSecurity', ['SQL Injection', 'Others']); function checkValues(property: string, values: string[]) { @@ -250,7 +234,6 @@ function shallowRender(props: Partial<StandardFacet['props']> = {}) { fetchingCwe={false} fetchingOwaspTop10={false} fetchingOwaspTop10-2021={false} - fetchingSansTop25={false} fetchingSonarSourceSecurity={false} loadSearchResultCount={jest.fn()} onChange={jest.fn()} @@ -263,9 +246,6 @@ function shallowRender(props: Partial<StandardFacet['props']> = {}) { owaspTop10-2021Open={false} owaspTop10-2021Stats={{}} query={{} as Query} - sansTop25={[]} - sansTop25Open={false} - sansTop25Stats={{}} sonarsourceSecurity={[]} sonarsourceSecurityOpen={false} sonarsourceSecurityStats={{}} 
@@ -276,7 +256,6 @@ function shallowRender(props: Partial<StandardFacet['props']> = {}) { standards: { owaspTop10: { a1: { title: 'a1 title' } }, 'owaspTop10-2021': { a1: { title: 'a1 title' } }, - sansTop25: { 'risky-resource': { title: 'Risky Resource Management' } }, cwe: { 42: { title: 'cwe-42 title' }, unknown: { title: 'Unknown CWE' } }, sonarsourceSecurity: { 'sql-injection': { title: 'SQL Injection' }, diff --git a/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/__snapshots__/StandardFacet-test.tsx.snap b/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/__snapshots__/StandardFacet-test.tsx.snap index ee432561b63..e1996d21b90 100644 --- a/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/__snapshots__/StandardFacet-test.tsx.snap +++ b/server/sonar-web/src/main/js/apps/issues/sidebar/__tests__/__snapshots__/StandardFacet-test.tsx.snap @@ -17,11 +17,11 @@ exports[`should render closed 1`] = ` exports[`should render empty sub-facet 1`] = ` <FacetBox className="is-inner" - property="sansTop25" + property="owaspTop10-2021" > <FacetHeader fetching={false} - name="issues.facet.sansTop25" + name="issues.facet.owaspTop10_2021" onClick={[Function]} open={true} values={[]} @@ -51,7 +51,6 @@ exports[`should render sub-facets 1`] = ` [ "SONAR SQL Injection", "OWASP A3", - "SANS Risky Resource Management", "CWE-42 - cwe-42 title", ] } 
@@ -145,50 +144,6 @@ exports[`should render sub-facets 1`] = ` values={1} /> </FacetBox> - <FacetBox - className="is-inner" - property="sansTop25" - > - <FacetHeader - fetching={false} - name="issues.facet.sansTop25" - onClick={[Function]} - open={true} - values={ - [ - "Risky Resource Management", - ] - } - /> - <FacetItemsList> - <FacetItem - active={false} - halfWidth={false} - key="foo" - loading={false} - name="foo" - onClick={[Function]} - stat="12" - tooltip="foo" - value="foo" - /> - <FacetItem - active={true} - halfWidth={false} - key="risky-resource" - loading={false} - name="Risky Resource Management" - onClick={[Function]} - stat="10" - tooltip="Risky Resource Management" - value="risky-resource" - /> - </FacetItemsList> - <MultipleSelectionHint - options={2} - values={1} - /> - </FacetBox> <ListStyleFacet className="is-inner" facetHeader="issues.facet.cwe" diff --git a/server/sonar-web/src/main/js/apps/issues/utils.ts b/server/sonar-web/src/main/js/apps/issues/utils.ts index 8734a17d734..400718aa381 100644 --- a/server/sonar-web/src/main/js/apps/issues/utils.ts +++ b/server/sonar-web/src/main/js/apps/issues/utils.ts @@ -63,7 +63,6 @@ export interface Query { resolutions: string[]; resolved: boolean; rules: string[]; - sansTop25: string[]; scopes: string[]; severities: string[]; inNewCodePeriod: boolean; @@ -105,7 +104,6 @@ export function parseQuery(query: RawQuery): Query { resolutions: parseAsArray(query.resolutions, parseAsString), resolved: parseAsBoolean(query.resolved), rules: parseAsArray(query.rules, parseAsString), - sansTop25: parseAsArray(query.sansTop25, parseAsString), scopes: parseAsArray(query.scopes, parseAsString), severities: parseAsArray(query.severities, parseAsString), sonarsourceSecurity: parseAsArray(query.sonarsourceSecurity, parseAsString), 
@@ -152,7 +150,6 @@ export function serializeQuery(query: Query): RawQuery { resolved: query.resolved ? undefined : 'false', rules: serializeStringArray(query.rules), s: serializeString(query.sort), - sansTop25: serializeStringArray(query.sansTop25), scopes: serializeStringArray(query.scopes), severities: serializeStringArray(query.severities), inNewCodePeriod: query.inNewCodePeriod ? 'true' : undefined, @@ -265,7 +262,6 @@ export function shouldOpenStandardsChildFacet( | SecurityStandard.CWE | SecurityStandard.OWASP_TOP10 | SecurityStandard.OWASP_TOP10_2021 - | SecurityStandard.SANS_TOP25 | SecurityStandard.SONARSOURCE ): boolean { const filter = query[standardType]; @@ -292,18 +288,12 @@ function isFilteredBySecurityIssueTypes(query: Partial<Query>): boolean { } function isOneStandardChildFacetOpen(openFacets: Dict<boolean>, query: Partial<Query>): boolean { - return [ - SecurityStandard.OWASP_TOP10, - SecurityStandard.SANS_TOP25, - SecurityStandard.CWE, - SecurityStandard.SONARSOURCE, - ].some( + return [SecurityStandard.OWASP_TOP10, SecurityStandard.CWE, SecurityStandard.SONARSOURCE].some( ( standardType: | SecurityStandard.CWE | SecurityStandard.OWASP_TOP10 | SecurityStandard.OWASP_TOP10_2021 - | SecurityStandard.SANS_TOP25 | SecurityStandard.SONARSOURCE ) => shouldOpenStandardsChildFacet(openFacets, query, standardType) ); diff --git a/server/sonar-web/src/main/js/apps/security-hotspots/SecurityHotspotsApp.tsx b/server/sonar-web/src/main/js/apps/security-hotspots/SecurityHotspotsApp.tsx index 91b675e28aa..9d6818d14c6 100644 --- a/server/sonar-web/src/main/js/apps/security-hotspots/SecurityHotspotsApp.tsx +++ b/server/sonar-web/src/main/js/apps/security-hotspots/SecurityHotspotsApp.tsx 
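Review bot: The list iterated in `isOneStandardChildFacetOpen` is now `[SecurityStandard.OWASP_TOP10, SecurityStandard.CWE, SecurityStandard.SONARSOURCE]`, while the callback's parameter type still names `SecurityStandard.OWASP_TOP10_2021`, so that standard is typed for but never checked. The removed lines did not list it either, so the gap predates this commit, but the line is being rewritten here. If the omission is an oversight, `return [SecurityStandard.OWASP_TOP10, SecurityStandard.OWASP_TOP10_2021, SecurityStandard.CWE, SecurityStandard.SONARSOURCE].some(` would close it; if it is deliberate, a one-line comment saying why would help the next reader. The function's closing brace lies outside the hunk.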
@@ -95,7 +95,6 @@ export class SecurityHotspotsApp extends React.PureComponent<Props, State> {
 standards: {
 [SecurityStandard.OWASP_TOP10]: {},
 [SecurityStandard.OWASP_TOP10_2021]: {},
- [SecurityStandard.SANS_TOP25]: {},
 [SecurityStandard.SONARSOURCE]: {},
 [SecurityStandard.CWE]: {},
 [SecurityStandard.PCI_DSS_3_2]: {},
diff --git a/server/sonar-web/src/main/js/apps/security-hotspots/utils.ts b/server/sonar-web/src/main/js/apps/security-hotspots/utils.ts
index 14a1a2d6704..e7a79986fb1 100644
--- a/server/sonar-web/src/main/js/apps/security-hotspots/utils.ts
+++ b/server/sonar-web/src/main/js/apps/security-hotspots/utils.ts
@@ -25,7 +25,6 @@ import {
 renderOwaspTop10Category,
 renderPciDss32Category,
 renderPciDss40Category,
- renderSansTop25Category,
 renderSonarSourceSecurityCategory,
 } from '../../helpers/security-standard';
 import { SecurityStandard } from '../../types/security';
@@ -54,7 +53,6 @@ export const SECURITY_STANDARDS = [
 SecurityStandard.SONARSOURCE,
 SecurityStandard.OWASP_TOP10,
 SecurityStandard.OWASP_TOP10_2021,
- SecurityStandard.SANS_TOP25,
 SecurityStandard.CWE,
 SecurityStandard.PCI_DSS_3_2,
 SecurityStandard.PCI_DSS_4_0,
@@ -64,7 +62,6 @@ export const SECURITY_STANDARDS = [
 export const SECURITY_STANDARD_RENDERER = {
 [SecurityStandard.OWASP_TOP10]: renderOwaspTop10Category,
 [SecurityStandard.OWASP_TOP10_2021]: renderOwaspTop102021Category,
- [SecurityStandard.SANS_TOP25]: renderSansTop25Category,
 [SecurityStandard.SONARSOURCE]: renderSonarSourceSecurityCategory,
 [SecurityStandard.CWE]: renderCWECategory,
 [SecurityStandard.PCI_DSS_3_2]: renderPciDss32Category,
diff --git a/server/sonar-web/src/main/js/helpers/__tests__/security-standard-test.ts b/server/sonar-web/src/main/js/helpers/__tests__/security-standard-test.ts
index db4c33d2cef..09bd047a51f 100644
--- a/server/sonar-web/src/main/js/helpers/__tests__/security-standard-test.ts
+++ b/server/sonar-web/src/main/js/helpers/__tests__/security-standard-test.ts
@@ -25,7 +25,6 @@ import { renderOwaspTop10Category, renderPciDss32Category, renderPciDss40Category, - renderSansTop25Category, renderSonarSourceSecurityCategory, } from '../security-standard'; @@ -41,7 +40,6 @@ describe('renderCWECategory', () => { }, owaspTop10: {}, 'owaspTop10-2021': {}, - sansTop25: {}, sonarsourceSecurity: {}, 'pciDss-3.2': {}, 'pciDss-4.0': {}, @@ -65,7 +63,6 @@ describe('renderOwaspTop10Category', () => { }, }, 'owaspTop10-2021': {}, - sansTop25: {}, sonarsourceSecurity: {}, 'pciDss-3.2': {}, 'pciDss-4.0': {}, @@ -88,7 +85,6 @@ describe('renderOwaspTop102021Category', () => { title: 'Injection', }, }, - sansTop25: {}, sonarsourceSecurity: {}, 'pciDss-3.2': {}, 'pciDss-4.0': {}, @@ -107,7 +103,6 @@ describe('renderPciDss32Category', () => { cwe: {}, owaspTop10: {}, 'owaspTop10-2021': {}, - sansTop25: {}, sonarsourceSecurity: {}, 'pciDss-3.2': { '1': { @@ -130,7 +125,6 @@ describe('renderPciDss40Category', () => { cwe: {}, owaspTop10: {}, 'owaspTop10-2021': {}, - sansTop25: {}, sonarsourceSecurity: {}, 'pciDss-3.2': {}, 'pciDss-4.0': { @@ -153,7 +147,6 @@ describe('renderOwaspAsvs40Category', () => { cwe: {}, owaspTop10: {}, 'owaspTop10-2021': {}, - sansTop25: {}, sonarsourceSecurity: {}, 'pciDss-3.2': {}, 'pciDss-4.0': {}, 
@@ -173,39 +166,11 @@ describe('renderOwaspAsvs40Category', () => { }); }); -describe('renderSansTop25Category', () => { - const standards: Standards = { - cwe: {}, - owaspTop10: {}, - 'owaspTop10-2021': {}, - sansTop25: { - 'insecure-interaction': { - title: 'Insecure Interaction Between Components', - }, - }, - sonarsourceSecurity: {}, - 'pciDss-3.2': {}, - 'pciDss-4.0': {}, - 'owaspAsvs-4.0': {}, - }; - it('should render sans categories correctly', () => { - expect(renderSansTop25Category(standards, 'insecure-interaction')).toEqual( - 'Insecure Interaction Between Components' - ); - expect(renderSansTop25Category(standards, 'insecure-interaction', true)).toEqual( - 'SANS Insecure Interaction Between Components' - ); - expect(renderSansTop25Category(standards, 'unknown')).toEqual('unknown'); - expect(renderSansTop25Category(standards, 'unknown', true)).toEqual('SANS unknown'); - }); -}); - describe('renderSonarSourceSecurityCategory', () => { const standards: Standards = { cwe: {}, owaspTop10: {}, 'owaspTop10-2021': {}, - sansTop25: {}, sonarsourceSecurity: { xss: { title: 'Cross-Site Scripting (XSS)', diff --git a/server/sonar-web/src/main/js/helpers/__tests__/urls-test.ts b/server/sonar-web/src/main/js/helpers/__tests__/urls-test.ts index 469e55a6aa2..410084c3fff 100644 --- a/server/sonar-web/src/main/js/helpers/__tests__/urls-test.ts +++ b/server/sonar-web/src/main/js/helpers/__tests__/urls-test.ts @@ -126,7 +126,6 @@ describe('#getComponentSecurityHotspotsUrl', () => { [SecurityStandard.OWASP_TOP10_2021]: 'a1', [SecurityStandard.CWE]: '213', [SecurityStandard.OWASP_TOP10]: 'a1', - [SecurityStandard.SANS_TOP25]: 'insecure-interaction', [SecurityStandard.SONARSOURCE]: 'command-injection', [SecurityStandard.PCI_DSS_3_2]: '4.2', [SecurityStandard.PCI_DSS_4_0]: '4.1', 
@@ -141,7 +140,6 @@ describe('#getComponentSecurityHotspotsUrl', () => {
 [SecurityStandard.OWASP_TOP10_2021]: 'a1',
 [SecurityStandard.OWASP_TOP10]: 'a1',
 [SecurityStandard.SONARSOURCE]: 'command-injection',
- [SecurityStandard.SANS_TOP25]: 'insecure-interaction',
 [SecurityStandard.CWE]: '213',
 [SecurityStandard.PCI_DSS_3_2]: '4.2',
 [SecurityStandard.PCI_DSS_4_0]: '4.1',
diff --git a/server/sonar-web/src/main/js/helpers/mocks/security-hotspots.ts b/server/sonar-web/src/main/js/helpers/mocks/security-hotspots.ts
index 1bbf7e07f53..afc79f6c77f 100644
--- a/server/sonar-web/src/main/js/helpers/mocks/security-hotspots.ts
+++ b/server/sonar-web/src/main/js/helpers/mocks/security-hotspots.ts
@@ -162,17 +162,6 @@ export function mockStandards(): Standards {
 title: 'Sensitive Data Exposure',
 },
 },
- sansTop25: {
- 'insecure-interaction': {
- title: 'Insecure Interaction Between Components',
- },
- 'risky-resource': {
- title: 'Risky Resource Management',
- },
- 'porous-defenses': {
- title: 'Porous Defenses',
- },
- },
 sonarsourceSecurity: {
 'buffer-overflow': {
 title: 'Buffer Overflow',
diff --git a/server/sonar-web/src/main/js/helpers/security-standard.ts b/server/sonar-web/src/main/js/helpers/security-standard.ts
index ebb1624041c..739b7766e9c 100644
--- a/server/sonar-web/src/main/js/helpers/security-standard.ts
+++ b/server/sonar-web/src/main/js/helpers/security-standard.ts
@@ -62,15 +62,6 @@ function renderOwaspCategory(
 return addPrefix(`${category.toUpperCase()} - ${record.title}`, 'OWASP', withPrefix);
 }
 
-export function renderSansTop25Category(
- standards: Standards,
- category: string,
- withPrefix = false
-): string {
- const record = standards.sansTop25[category];
- return addPrefix(record ? record.title : category, 'SANS', withPrefix);
-}
-
 export function renderSonarSourceSecurityCategory(
 standards: Standards,
 category: string,
diff --git a/server/sonar-web/src/main/js/helpers/standards.json b/server/sonar-web/src/main/js/helpers/standards.json
index 326c542d7bf..fbcfcd5f5a0 100644
--- a/server/sonar-web/src/main/js/helpers/standards.json
+++ b/server/sonar-web/src/main/js/helpers/standards.json
@@ -83,20 +83,6 @@
 "description": "Insufficient logging and monitoring, coupled with missing or ineffective integration with incident response, allows attackers to further attack systems, maintain persistence, pivot to more systems, and tamper, extract, or destroy data. Most breach studies show time to detect a breach is over 200 days, typically detected by external parties rather than internal processes or monitoring."
 }
 },
- "sansTop25": {
- "insecure-interaction": {
- "title": "Insecure Interaction Between Components",
- "description": "These weaknesses are related to insecure ways in which data is sent and received between separate components, modules, programs, processes, threads, or systems."
- },
- "risky-resource": {
- "title": "Risky Resource Management",
- "description": "The weaknesses in this category are related to ways in which software does not properly manage the creation, usage, transfer, or destruction of important system resources."
- },
- "porous-defenses": {
- "title": "Porous Defenses",
- "description": "The weaknesses in this category are related to defensive techniques that are often misused, abused, or just plain ignored."
- }
- },
 "cwe": {
 "5": {
 "title": "J2EE Misconfiguration: Data Transmission Without Encryption",
@@ -5275,4 +5261,4 @@
 "level": "2"
 }
 }
-}
\ No newline at end of file
+}
diff --git a/server/sonar-web/src/main/js/helpers/urls.ts b/server/sonar-web/src/main/js/helpers/urls.ts
index 9f5f6fa4a8f..3bb59779bc9 100644
--- a/server/sonar-web/src/main/js/helpers/urls.ts
+++ b/server/sonar-web/src/main/js/helpers/urls.ts
@@ -217,7 +217,6 @@ export function getComponentSecurityHotspotsUrl(componentKey: string, query: Que
 SecurityStandard.OWASP_TOP10_2021,
 SecurityStandard.OWASP_TOP10,
 SecurityStandard.SONARSOURCE,
- SecurityStandard.SANS_TOP25,
 SecurityStandard.CWE,
 SecurityStandard.PCI_DSS_3_2,
 SecurityStandard.PCI_DSS_4_0,
diff --git a/server/sonar-web/src/main/js/types/rules.ts b/server/sonar-web/src/main/js/types/rules.ts
index 3d88ce50bae..fb53a9f364a 100644
--- a/server/sonar-web/src/main/js/types/rules.ts
+++ b/server/sonar-web/src/main/js/types/rules.ts
@@ -44,7 +44,6 @@ export interface SearchRulesQuery {
 repositories?: string;
 rule_key?: string;
 s?: string;
- sansTop25?: string;
 severities?: string;
 sonarsourceSecurity?: string;
 statuses?: string;
diff --git a/server/sonar-web/src/main/js/types/security.ts b/server/sonar-web/src/main/js/types/security.ts
index e12e3bbbc76..9112f555954 100644
--- a/server/sonar-web/src/main/js/types/security.ts
+++ b/server/sonar-web/src/main/js/types/security.ts
@@ -22,7 +22,6 @@ import { Dict } from './types';
 export enum SecurityStandard {
 OWASP_TOP10_2021 = 'owaspTop10-2021',
 OWASP_TOP10 = 'owaspTop10',
- SANS_TOP25 = 'sansTop25',
 SONARSOURCE = 'sonarsourceSecurity',
 CWE = 'cwe',
 PCI_DSS_3_2 = 'pciDss-3.2', |