JS-382 Update rule metadata (#4959)

css-sonarpedia/sonarpedia.json

@@ -3,7 +3,7 @@
   "languages": [
     "CSS"
   ],
-  "latest-update": "2024-11-15T08:36:47.923296Z",
+  "latest-update": "2024-11-28T13:47:50.801838Z",
   "options": {
     "no-language-in-filenames": true
   }

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1441.json

@@ -5,7 +5,7 @@
     "func": "Constant\/Issue",
     "constantCost": "1min"
   },
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-1441",
   "sqKey": "S1441",
   "scope": "Main",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S2310.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Critical",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-2310",
   "sqKey": "S2310",
   "scope": "Main",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3523.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Critical",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-3523",
   "sqKey": "S3523",
   "scope": "Main",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3723.json

@@ -7,7 +7,7 @@
     "constantCost": "2min"
   },
   "tags": [],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-3723",
   "sqKey": "S3723",
   "scope": "Main",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S5148.html

@@ -10,8 +10,6 @@ <h2>Ask Yourself Whether</h2>
 <p>There is a risk if you answered yes to this question.</p>
 <h2>Recommended Secure Coding Practices</h2>
 <p>Use <code>noopener</code> to prevent untrusted pages from abusing <code>window.opener</code>.</p>
-<p>Note: In Chrome 88+, Firefox 79+ or Safari 12.1+ <code>target=_blank</code> on anchors implies <code>rel=noopener</code> which make the protection
-enabled by default.</p>
 <h2>Sensitive Code Example</h2>
 <pre>
 window.open("https://example.com/dangerous"); // Sensitive

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated, and will eventually be removed.</p>
 <p>Vue.js framework prevents XSS vulnerabilities by automatically escaping HTML contents with the use of native API browsers like
 <code>innerText</code> instead of <code>innerHtml</code>.</p>
 <p>It’s still possible to explicity use <code>innerHtml</code> and similar APIs to render HTML. Accidentally rendering malicious HTML data will

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.json

@@ -7,7 +7,7 @@
     },
     "attribute": "CONVENTIONAL"
   },
-  "status": "ready",
+  "status": "deprecated",
   "tags": [
     "cwe"
   ],

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.html

@@ -9,8 +9,17 @@ <h2>Ask Yourself Whether</h2>
 </ul>
 <p>There is a risk if you answered yes to any of those questions.</p>
 <h2>Recommended Secure Coding Practices</h2>
-<p>It’s recommended to encrypt SNS topics that contain sensitive information. Encryption and decryption are handled transparently by SNS, so no
-further modifications to the application are necessary.</p>
+<p>It is recommended to encrypt SNS topics that contain sensitive information.</p>
+<p>To do so, create a master key and assign the SNS topic to it. Note that this system does not encrypt the following:</p>
+<ul>
+  <li> Topic metadata (topic name and attributes) </li>
+  <li> Message metadata (subject, message ID, timestamp, and attributes) </li>
+  <li> Data protection policy </li>
+  <li> Per-topic metrics </li>
+</ul>
+<p>Then, make sure that any publishers have the <code>kms:GenerateDataKey*</code> and <code>kms:Decrypt</code> permissions for the AWS KMS key.</p>
+<p>See <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-key-management.html#sns-what-permissions-for-sse">AWS SNS Key Management
+Documentation</a> for more information.</p>
 <h2>Sensitive Code Example</h2>
 <p>For <a href="https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_sns.Topic.html"><code>aws_cdk.aws_sns.Topic</code></a></p>
 <pre>

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.json

@@ -10,7 +10,7 @@
   "status": "ready",
   "remediation": {
     "func": "Constant\/Issue",
-    "constantCost": "10min"
+    "constantCost": "45min"
   },
   "tags": [
     "aws",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6661.json

@@ -9,7 +9,7 @@
   "tags": [
     "es2018"
   ],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-6661",
   "sqKey": "S6661",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6666.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-6666",
   "sqKey": "S6666",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6671.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-6671",
   "sqKey": "S6671",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6676.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-6676",
   "sqKey": "S6676",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6679.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-6679",
   "sqKey": "S6679",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6749.json

@@ -9,7 +9,7 @@
   "tags": [
     "react"
   ],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-6749",
   "sqKey": "S6749",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6754.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-6754",
   "sqKey": "S6754",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6759.json

@@ -10,7 +10,7 @@
     "react",
     "type-dependent"
   ],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-6759",
   "sqKey": "S6759",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6767.json

@@ -9,7 +9,7 @@
   "tags": [
     "react"
   ],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-6767",
   "sqKey": "S6767",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6770.json

@@ -9,7 +9,7 @@
   "tags": [
     "react"
   ],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-6770",
   "sqKey": "S6770",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6775.json

@@ -9,7 +9,7 @@
   "tags": [
     "react"
   ],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-6775",
   "sqKey": "S6775",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6836.json

@@ -7,7 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [],
-  "defaultSeverity": "Minor",
+  "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-6836",
   "sqKey": "S6836",
   "scope": "All",

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/Sonar_way_profile.json

@@ -215,7 +215,6 @@
     "S6270",
     "S6275",
     "S6281",
-    "S6299",
     "S6302",
     "S6303",
     "S6308",

sonar-plugin/sonar-javascript-plugin/src/test/java/org/sonar/plugins/javascript/utils/RulesMetadataForSonarLintTest.java

@@ -65,7 +65,7 @@ void test() throws Exception {
         "    \"type\": \"CODE_SMELL\",\n" +
         "    \"name\": \"Quotes for string literals should be used consistently\",\n" +
         "    \"htmlDescription\": \"\\u003cp\\u003eThis rule is deprecated, and will eventually be removed.\\u003c/p\\u003e\\n\\u003ch2\\u003eWhy is this an issue?\\u003c/h2\\u003e\\n\\u003cp\\u003eThis rule checks that all string literals use the same kind of quotes.\\u003c/p\\u003e\\n\\u003ch3\\u003eNoncompliant code example\\u003c/h3\\u003e\\n\\u003cp\\u003eUsing the parameter default (forcing single quotes):\\u003c/p\\u003e\\n\\u003cpre\\u003e\\nvar firstParameter \\u003d \\\"something\\\"; // Noncompliant\\n\\u003c/pre\\u003e\\n\\u003ch3\\u003eCompliant solution\\u003c/h3\\u003e\\n\\u003cpre\\u003e\\nvar firstParameter \\u003d \\u0027something\\u0027;\\n\\u003c/pre\\u003e\\n\\u003ch3\\u003eExceptions\\u003c/h3\\u003e\\n\\u003cp\\u003eStrings that contain quotes are ignored.\\u003c/p\\u003e\\n\\u003cpre\\u003e\\nlet heSaid \\u003d \\\"Then he said \\u0027What?\\u0027.\\\"  // ignored\\nlet sheSaid \\u003d \\u0027\\\"Whatever!\\\" she replied.\\u0027  // ignored\\n\\u003c/pre\\u003e\",\n" +
-        "    \"severity\": \"MINOR\",\n" +
+        "    \"severity\": \"MAJOR\",\n" +
         "    \"status\": \"DEPRECATED\",\n" +
         "    \"tags\": [],\n" +
         "    \"params\": [\n" +

sonarpedia.json

@@ -3,7 +3,7 @@
   "languages": [
     "JS"
   ],
-  "latest-update": "2024-11-15T08:36:20.934286Z",
+  "latest-update": "2024-11-28T13:46:14.829734Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": true