Update sonar-commons-api to support STIG

SonarSource · Jul 31, 2024 · 9c3685d · 9c3685d
1 parent 7387741
commit 9c3685d
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 14 deletions.
diff --git a/pom.xml b/pom.xml
@@ -57,7 +57,7 @@
     <artifactsToDownload>${project.groupId}:SonarAnalyzer.CSharp:nupkg,${project.groupId}:SonarAnalyzer.VisualBasic:nupkg</artifactsToDownload>
     <!-- We are ignoring java doc warnings - this is because we are using JDK 11. Ideally we should not do that. -->
     <doclint>none</doclint>
-    <sonar.analyzer.commons.version>2.11.0.2861</sonar.analyzer.commons.version>
+    <sonar.analyzer.commons.version>2.12.0.2964</sonar.analyzer.commons.version>
     <sonar.version>10.10.0.2391</sonar.version>
     <sonar.api.impl.version>10.6.0.92116</sonar.api.impl.version>
     <jdk.min.version>17</jdk.min.version>

diff --git a/...-csharp-plugin/src/test/java/org/sonar/plugins/csharp/CSharpSonarRulesDefinitionTest.java b/...-csharp-plugin/src/test/java/org/sonar/plugins/csharp/CSharpSonarRulesDefinitionTest.java
@@ -36,13 +36,13 @@
 import static org.assertj.core.api.Assertions.assertThat;
 
 class CSharpSonarRulesDefinitionTest {
-  private static final String SECURITY_HOTSPOT_RULE_KEY = "S5766";
-  private static final String VULNERABILITY_RULE_KEY = "S4426";
+  private static final String SECURITY_HOTSPOT_RULE_KEY = "S4502";
+  private static final String VULNERABILITY_RULE_KEY = "S2053";
   private static final String NO_TAGS_RULE_KEY = "S1048";
   private static final String SINGLE_PARAM_RULE_KEY = "S1200";
   private static final String MULTI_PARAM_RULE_KEY = "S110";
 
-  private static final SonarRuntime SONAR_RUNTIME = SonarRuntimeImpl.forSonarQube(Version.create(9, 9), SonarQubeSide.SCANNER, SonarEdition.COMMUNITY);
+  private static final SonarRuntime SONAR_RUNTIME = SonarRuntimeImpl.forSonarQube(Version.create(10, 10), SonarQubeSide.SCANNER, SonarEdition.COMMUNITY);
 
   @Test
   void test() {
@@ -88,12 +88,14 @@ void test_security_hotspot_has_correct_type_and_security_standards() {
     RulesDefinition.Rule rule = repository.rule(SECURITY_HOTSPOT_RULE_KEY);
     assertThat(rule.type()).isEqualTo(RuleType.SECURITY_HOTSPOT);
     assertThat(rule.securityStandards()).containsExactlyInAnyOrder(
-      "cwe:502",
-      "owaspAsvs-4.0:1.5.2",
-      "owaspAsvs-4.0:5.5.1",
-      "owaspAsvs-4.0:5.5.3",
-      "owaspTop10-2021:a8",
-      "owaspTop10:a8");
+      "cwe:352",
+      "owaspTop10:a6",
+      "owaspTop10-2021:a1",
+      "pciDss-3.2:6.5.9",
+      "pciDss-4.0:6.2.4",
+      "owaspAsvs-4.0:13.2.3",
+      "owaspAsvs-4.0:4.2.2",
+      "stig-ASD_V5R3:V-222603");
   }
 
   @Test
@@ -106,11 +108,13 @@ void test_security_standards_with_vulnerability() {
     RulesDefinition.Rule rule = repository.rule(VULNERABILITY_RULE_KEY);
     assertThat(rule.type()).isEqualTo(RuleType.VULNERABILITY);
     assertThat(rule.securityStandards()).containsExactlyInAnyOrder(
-      "cwe:326",
-      "owaspAsvs-4.0:6.2.3",
-      "owaspTop10-2021:a2",
+      "cwe:759",
+      "cwe:760",
       "owaspTop10:a3",
-      "owaspTop10:a6");
+      "owaspTop10-2021:a2",
+      "pciDss-3.2:6.5.10",
+      "pciDss-4.0:6.2.4",
+      "stig-ASD_V5R3:V-222542");
   }
 
   @Test