From e3e67e0b0d4d16ecde3225e2015dd93d2c097130 Mon Sep 17 00:00:00 2001 
From: Cristian Ambrosini <114916336+cristian-ambrosini-sonarsource@users.noreply.github.com>
Date: Wed, 17 Jan 2024 09:44:31 +0100
Subject: [PATCH] RSPEC update (#8553)
---
 analyzers/rspec/cs/S106.html | 4 +--
 analyzers/rspec/cs/S1104.html | 2 +-
 analyzers/rspec/cs/S112.html | 2 +-
 analyzers/rspec/cs/S1121.html | 2 +-
 analyzers/rspec/cs/S1125.html | 2 +-
 analyzers/rspec/cs/S1134.html | 2 +-
 analyzers/rspec/cs/S1135.html | 2 +-
 analyzers/rspec/cs/S1206.html | 2 +-
 analyzers/rspec/cs/S131.html | 2 +-
 analyzers/rspec/cs/S1313.html | 6 ++---
 analyzers/rspec/cs/S1696.html | 2 +-
 analyzers/rspec/cs/S1698.html | 4 +--
 analyzers/rspec/cs/S1854.html | 2 +-
 analyzers/rspec/cs/S1944.html | 4 +--
 analyzers/rspec/cs/S2053.html | 10 +++----
 analyzers/rspec/cs/S2068.html | 10 +++----
 analyzers/rspec/cs/S2077.html | 9 +++----
 analyzers/rspec/cs/S2092.html | 14 +++++-----
 analyzers/rspec/cs/S2115.html | 14 +++++-----
 analyzers/rspec/cs/S2184.html | 2 +-
 analyzers/rspec/cs/S2221.html | 2 +-
 analyzers/rspec/cs/S2222.html | 2 +-
 analyzers/rspec/cs/S2225.html | 2 +-
 analyzers/rspec/cs/S2245.html | 20 +++++++-------
 analyzers/rspec/cs/S2257.html | 8 +++---
 analyzers/rspec/cs/S2259.html | 2 +-
 analyzers/rspec/cs/S2386.html | 4 +--
 analyzers/rspec/cs/S2445.html | 4 +--
 analyzers/rspec/cs/S2486.html | 10 +++----
 analyzers/rspec/cs/S2583.html | 4 +--
 analyzers/rspec/cs/S2589.html | 4 +--
 analyzers/rspec/cs/S2612.html | 10 +++----
 analyzers/rspec/cs/S2681.html | 2 +-
 analyzers/rspec/cs/S2755.html | 10 +++----
 analyzers/rspec/cs/S2930.html | 2 +-
 analyzers/rspec/cs/S2931.html | 2 +-
 analyzers/rspec/cs/S2952.html | 2 +-
 analyzers/rspec/cs/S3329.html | 16 ++++++------
 analyzers/rspec/cs/S3330.html | 8 +++---
 analyzers/rspec/cs/S3655.html | 2 +-
 analyzers/rspec/cs/S3871.html | 4 +--
 analyzers/rspec/cs/S3884.html | 8 +++---
 analyzers/rspec/cs/S4036.html | 10 +++----
 analyzers/rspec/cs/S4212.html | 8 +++---
 analyzers/rspec/cs/S4423.html | 8 +++---
 analyzers/rspec/cs/S4426.html | 24 ++++++++---------
 analyzers/rspec/cs/S4433.html | 8 +++---
 analyzers/rspec/cs/S4487.html | 2 +-
 analyzers/rspec/cs/S4502.html | 8 +++---
 analyzers/rspec/cs/S4507.html | 10 +++----
 analyzers/rspec/cs/S4663.html | 4 +--
 analyzers/rspec/cs/S4790.html | 20 +++++++-------
 analyzers/rspec/cs/S4792.html | 16 ++++++------
 analyzers/rspec/cs/S4830.html | 26 +++++++++----------
 analyzers/rspec/cs/S5042.html | 11 ++++----
 analyzers/rspec/cs/S5122.html | 14 +++++-----
 analyzers/rspec/cs/S5332.html | 18 ++++++-------
 analyzers/rspec/cs/S5443.html | 12 ++++-----
 analyzers/rspec/cs/S5445.html | 10 +++----
 analyzers/rspec/cs/S5542.html | 14 +++++-----
 analyzers/rspec/cs/S5547.html | 14 +++++-----
 analyzers/rspec/cs/S5659.html | 14 +++++-----
 analyzers/rspec/cs/S5693.html | 10 +++----
 analyzers/rspec/cs/S5753.html | 10 +++----
 analyzers/rspec/cs/S5766.html | 10 +++----
 analyzers/rspec/cs/S6444.html | 8 +++---
 analyzers/rspec/cs/S6507.html | 4 +--
 analyzers/rspec/cs/S6602.html | 24 ++++++++---------
 analyzers/rspec/cs/S6603.html | 24 ++++++++---------
 analyzers/rspec/cs/S6605.html | 24 ++++++++---------
 analyzers/rspec/cs/S6607.html | 19 +++++++-------
 analyzers/rspec/cs/S6608.html | 7 ++++-
 analyzers/rspec/cs/S6609.html | 8 +++++-
 analyzers/rspec/cs/S6640.html | 2 +-
 analyzers/rspec/vbnet/S112.html | 2 +-
 analyzers/rspec/vbnet/S1125.html | 2 +-
 analyzers/rspec/vbnet/S1134.html | 2 +-
 analyzers/rspec/vbnet/S1135.html | 2 +-
 analyzers/rspec/vbnet/S131.html | 2 +-
 analyzers/rspec/vbnet/S1313.html | 6 ++---
 analyzers/rspec/vbnet/S1944.html | 4 +--
 analyzers/rspec/vbnet/S2053.html | 10 +++----
 analyzers/rspec/vbnet/S2068.html | 10 +++----
 analyzers/rspec/vbnet/S2077.html | 9 +++----
 analyzers/rspec/vbnet/S2222.html | 2 +-
 analyzers/rspec/vbnet/S2225.html | 6 ++---
 analyzers/rspec/vbnet/S2257.html | 8 +++---
 analyzers/rspec/vbnet/S2259.html | 2 +-
 analyzers/rspec/vbnet/S2583.html | 4 +--
 analyzers/rspec/vbnet/S2589.html | 4 +--
 analyzers/rspec/vbnet/S2612.html | 10 +++----
 analyzers/rspec/vbnet/S3329.html | 16 ++++++------
 analyzers/rspec/vbnet/S3655.html | 2 +-
 analyzers/rspec/vbnet/S3871.html | 4 +--
 analyzers/rspec/vbnet/S3884.html | 8 +++---
 analyzers/rspec/vbnet/S4036.html | 10 +++----
 analyzers/rspec/vbnet/S4423.html | 8 +++---
 analyzers/rspec/vbnet/S4507.html | 10 +++----
 analyzers/rspec/vbnet/S4663.html | 4 +--
 analyzers/rspec/vbnet/S4790.html | 20 +++++++-------
 analyzers/rspec/vbnet/S4792.html | 16 ++++++------
 analyzers/rspec/vbnet/S4830.html | 26 +++++++++----------
 analyzers/rspec/vbnet/S5042.html | 11 ++++----
 analyzers/rspec/vbnet/S5443.html | 12 ++++-----
 analyzers/rspec/vbnet/S5445.html | 10 +++----
 analyzers/rspec/vbnet/S5542.html | 14 +++++-----
 analyzers/rspec/vbnet/S5547.html | 14 +++++-----
 analyzers/rspec/vbnet/S5659.html | 14 +++++-----
 analyzers/rspec/vbnet/S5693.html | 10 +++----
 analyzers/rspec/vbnet/S5753.html | 10 +++----
 analyzers/rspec/vbnet/S6444.html | 8 +++---
 analyzers/rspec/vbnet/S6602.html | 24 ++++++++---------
 analyzers/rspec/vbnet/S6603.html | 24 ++++++++---------
 analyzers/rspec/vbnet/S6605.html | 24 ++++++++---------
 analyzers/rspec/vbnet/S6607.html | 19 +++++++-------
 analyzers/rspec/vbnet/S6608.html | 7 ++++-
 analyzers/rspec/vbnet/S6609.html | 8 +++++-
 .../src/SonarAnalyzer.CSharp/sonarpedia.json | 2 +-
 .../SonarAnalyzer.VisualBasic/sonarpedia.json | 2 +-
 119 files changed, 534 insertions(+), 514 deletions(-)
diff --git a/analyzers/rspec/cs/S106.html b/analyzers/rspec/cs/S106.html
index 92d55a52f37..bab708117ef 100644
--- a/analyzers/rspec/cs/S106.html
+++ b/analyzers/rspec/cs/S106.html
@@ -47,7 +47,7 @@
Please be aware that changing a field by a property in a software that uses serialization could lead to binary incompatibility.
Remove redundant boolean literals from expressions to improve readability and make the code more maintainable.
==
overload is present).
lock
statement String.Intern(String)
Method When a block contains a comment, it is not considered to be empty.
This rule does not analyze configuration files. Make sure that debug mode is not enabled by default in those files.
Empty comments like the following don’t improve readability and might indicate an oversight.
+Empty comments, as shown in the example, hurt readability and might indicate an oversight.
// @@ -11,5 +11,5 @@-Why is this an issue?
/** */
A meaningful text should be added to the comment or the comment markers should be removed.
+Some meaningful text should be added to the comment, or the comment markers should be removed.
diff --git a/analyzers/rspec/cs/S4790.html b/analyzers/rspec/cs/S4790.html
index c9950a1fa1b..39d4ce12818 100644
--- a/analyzers/rspec/cs/S4790.html
+++ b/analyzers/rspec/cs/S4790.html
@@ -29,15 +29,15 @@For these reasons, as soon as cryptography is included in a project, it is important to choose encryption algorithms that are considered strong and secure by the cryptography community.
-For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB
-(Electronic Codebook), as they are either vulnerable to padding oracles or do not provide authentication mechanisms.
-And for RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.
+For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB (Electronic Codebook) because they are either vulnerable to padding oracles or +do not provide authentication mechanisms.
+For RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.
The cleartext of an encrypted message might be recoverable. Additionally, it might be possible to modify the cleartext of an encrypted message.
Below are some real-world scenarios that illustrate possible impacts of an attacker exploiting the vulnerability.
@@ -108,9 +108,9 @@Encryption algorithms are essential for protecting sensitive information and ensuring secure communication in various domains. They are used for several important reasons:
When selecting encryption algorithms, tools, or combinations, you should also consider two things:
Every time your application receives a JWT, it needs to decode the token to extract the information contained within. It is during this decoding process that the signature of the JWT should also be checked.
-To resolve the issue follow these instructions:
+To resolve the issue, follow these instructions:
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | Allocated | .NET 7.0 |
5.373 ms |
0.1049 ms |
- 1.00 |
125 KB |
---|---|---|---|---|---|---|
.NET 7.0 |
1.691 ms |
0.0334 ms |
- 0.32 |
85.94 KB |
||
.NET Framework 4.6.2 |
5.035 ms |
0.0421 ms |
- 1.00 |
125.38 KB |
||
.NET Framework 4.6.2 |
1.779 ms |
0.0107 ms |
- 0.35 |
86.2 KB |
The results were generated by running the following snippet with BenchmarkDotNet:
private List<string> data;
diff --git a/analyzers/rspec/cs/S6603.html b/analyzers/rspec/cs/S6603.html
index 4528b3d6982..5ad096bb6bd 100644
--- a/analyzers/rspec/cs/S6603.html
+++ b/analyzers/rspec/cs/S6603.html
@@ -51,20 +51,18 @@Documentation
Benchmarks
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | Allocated | .NET 7.0 |
1.302 ms |
0.0027 ms |
- 0.21 |
1 B |
---|---|---|---|---|---|---|
.NET 7.0 |
6.279 ms |
0.0181 ms |
- 1.00 |
40004 B |
||
.NET Framework 4.6.2 |
1.105 ms |
0.0142 ms |
- 0.22 |
- |
||
.NET Framework 4.6.2 |
4.968 ms |
0.0143 ms |
- 1.00 |
40128 B |
The results were generated by running the following snippet with BenchmarkDotNet:
private List<int> data;
diff --git a/analyzers/rspec/cs/S6605.html b/analyzers/rspec/cs/S6605.html
index 0458efc7f8a..42d3328496d 100644
--- a/analyzers/rspec/cs/S6605.html
+++ b/analyzers/rspec/cs/S6605.html
@@ -54,20 +54,18 @@Documentation
Benchmarks
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | Allocated | .NET 7.0 |
6.670 ms |
0.1413 ms |
- 1.00 |
40004 B |
---|---|---|---|---|---|---|
.NET 7.0 |
1.364 ms |
0.0270 ms |
- 0.20 |
1 B |
||
.NET Framework 4.6.2 |
5.380 ms |
0.0327 ms |
- 1.00 |
40128 B |
||
.NET Framework 4.6.2 |
1.575 ms |
0.0348 ms |
- 0.29 |
- |
The results were generated by running the following snippet with BenchmarkDotNet:
private List<int> data;
diff --git a/analyzers/rspec/cs/S6607.html b/analyzers/rspec/cs/S6607.html
index 2ff162f0d23..4e380deed81 100644
--- a/analyzers/rspec/cs/S6607.html
+++ b/analyzers/rspec/cs/S6607.html
@@ -35,19 +35,17 @@Articles & blog posts
Benchmarks
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | .NET 7.0 |
175.36 ms |
5.101 ms |
- 1.00 |
---|---|---|---|---|---|
WhereThenOrderBy |
.NET 7.0 |
85.58 ms |
1.697 ms |
- 0.48 |
The results were generated by running the following snippet with BenchmarkDotNet:
private IList<int> data;
diff --git a/analyzers/rspec/cs/S6608.html b/analyzers/rspec/cs/S6608.html
index 4ee67e6efce..284689832c5 100644
--- a/analyzers/rspec/cs/S6608.html
+++ b/analyzers/rspec/cs/S6608.html
@@ -63,7 +63,7 @@Benchmarks
Method Runtime Mean -StdDev +Standard Deviation @@ -141,6 +141,11 @@Benchmarks
+Glossary
+
The results were generated by running the following snippet with BenchmarkDotNet:
private List<byte> data;
diff --git a/analyzers/rspec/cs/S6609.html b/analyzers/rspec/cs/S6609.html
index 6d86a9588c9..03af93caebb 100644
--- a/analyzers/rspec/cs/S6609.html
+++ b/analyzers/rspec/cs/S6609.html
@@ -75,7 +75,7 @@Benchmarks
Method Runtime Mean -StdDev +Standard Deviation Allocated @@ -110,6 +110,12 @@Benchmarks
+Glossary
+
The results were generated by running the following snippet with BenchmarkDotNet:
private SortedSet<string> data;
diff --git a/analyzers/rspec/cs/S6640.html b/analyzers/rspec/cs/S6640.html
index 51aa522bc66..d40cfaaf6c5 100644
--- a/analyzers/rspec/cs/S6640.html
+++ b/analyzers/rspec/cs/S6640.html
@@ -52,7 +52,7 @@Compliant Solution
Not, And, Or, =
) to produce logical expressions that represent truth values. However, comparing a boolean literal to a variable or
expression that evaluates to a boolean value is unnecessary and can make the code harder to read and understand. The more complex a boolean expression
is, the harder it will be for developers to understand its meaning and expected behavior, and it will favour the introduction of new bugs.
-Remove redundant boolean literals from expressions to improve readability and make the code more maintainable.
TryCast
operator
SyncLock
statement Calling ToString() on an object should always return a
-string
. Thus, overriding the ToString method should never return Nothing
, as it breaks the method’s implicit contract, and
-as a result the consumer’s expectations.
string
. Thus, overriding the ToString method should never return Nothing
because it breaks the method’s implicit contract,
+and as a result the consumer’s expectations.
Public Overrides Function ToString() As String Return Nothing ' Noncompliant @@ -15,7 +15,7 @@Why is this an issue?
Resources
Documentation
Empty comments like the following don’t improve readability and might indicate an oversight.
+Empty comments, as shown in the example, hurt readability and might indicate an oversight.
' '''-
A meaningful text should be added to the comment or the comment markers should be removed.
+Some meaningful text should be added to the comment, or the comment markers should be removed.
diff --git a/analyzers/rspec/vbnet/S4790.html b/analyzers/rspec/vbnet/S4790.html
index fa61edf4bf3..9e341912fe8 100644
--- a/analyzers/rspec/vbnet/S4790.html
+++ b/analyzers/rspec/vbnet/S4790.html
@@ -49,15 +49,15 @@For these reasons, as soon as cryptography is included in a project, it is important to choose encryption algorithms that are considered strong and secure by the cryptography community.
-For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB
-(Electronic Codebook), as they are either vulnerable to padding oracles or do not provide authentication mechanisms.
-And for RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.
+For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB (Electronic Codebook) because they are either vulnerable to padding oracles or +do not provide authentication mechanisms.
+For RSA, the weakest algorithms are either using it without padding or using the PKCS1v1.5 padding scheme.
The cleartext of an encrypted message might be recoverable. Additionally, it might be possible to modify the cleartext of an encrypted message.
Below are some real-world scenarios that illustrate possible impacts of an attacker exploiting the vulnerability.
@@ -117,9 +117,9 @@Encryption algorithms are essential for protecting sensitive information and ensuring secure communication in various domains. They are used for several important reasons:
When selecting encryption algorithms, tools, or combinations, you should also consider two things:
Every time your application receives a JWT, it needs to decode the token to extract the information contained within. It is during this decoding process that the signature of the JWT should also be checked.
-To resolve the issue follow these instructions:
+To resolve the issue, follow these instructions:
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | Allocated | .NET 7.0 |
5.373 ms |
0.1049 ms |
- 1.00 |
125 KB |
---|---|---|---|---|---|---|
.NET 7.0 |
1.691 ms |
0.0334 ms |
- 0.32 |
85.94 KB |
||
.NET Framework 4.6.2 |
5.035 ms |
0.0421 ms |
- 1.00 |
125.38 KB |
||
.NET Framework 4.6.2 |
1.779 ms |
0.0107 ms |
- 0.35 |
86.2 KB |
The results were generated by running the following snippet with BenchmarkDotNet:
private List<string> data;
diff --git a/analyzers/rspec/vbnet/S6603.html b/analyzers/rspec/vbnet/S6603.html
index 0db6b14c750..a7da7a6511b 100644
--- a/analyzers/rspec/vbnet/S6603.html
+++ b/analyzers/rspec/vbnet/S6603.html
@@ -55,20 +55,18 @@Documentation
Benchmarks
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | Allocated | .NET 7.0 |
1.302 ms |
0.0027 ms |
- 0.21 |
1 B |
---|---|---|---|---|---|---|
.NET 7.0 |
6.279 ms |
0.0181 ms |
- 1.00 |
40004 B |
||
.NET Framework 4.6.2 |
1.105 ms |
0.0142 ms |
- 0.22 |
- |
||
.NET Framework 4.6.2 |
4.968 ms |
0.0143 ms |
- 1.00 |
40128 B |
The results were generated by running the following snippet with BenchmarkDotNet:
private List<int> data;
diff --git a/analyzers/rspec/vbnet/S6605.html b/analyzers/rspec/vbnet/S6605.html
index 385701d0b2f..2769d256f2e 100644
--- a/analyzers/rspec/vbnet/S6605.html
+++ b/analyzers/rspec/vbnet/S6605.html
@@ -58,20 +58,18 @@Documentation
Benchmarks
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | Allocated | .NET 7.0 |
6.670 ms |
0.1413 ms |
- 1.00 |
40004 B |
---|---|---|---|---|---|---|
.NET 7.0 |
1.364 ms |
0.0270 ms |
- 0.20 |
1 B |
||
.NET Framework 4.6.2 |
5.380 ms |
0.0327 ms |
- 1.00 |
40128 B |
||
.NET Framework 4.6.2 |
1.575 ms |
0.0348 ms |
- 0.29 |
- |
The results were generated by running the following snippet with BenchmarkDotNet:
private List<int> data;
diff --git a/analyzers/rspec/vbnet/S6607.html b/analyzers/rspec/vbnet/S6607.html
index 56f8439c801..5be41c39277 100644
--- a/analyzers/rspec/vbnet/S6607.html
+++ b/analyzers/rspec/vbnet/S6607.html
@@ -37,19 +37,17 @@Articles & blog posts
Benchmarks
Method | Runtime | Mean | -StdDev | -Ratio | +Standard Deviation | .NET 7.0 |
175.36 ms |
5.101 ms |
- 1.00 |
---|---|---|---|---|---|
WhereThenOrderBy |
.NET 7.0 |
85.58 ms |
1.697 ms |
- 0.48 |
The results were generated by running the following snippet with BenchmarkDotNet:
private IList<int> data;
diff --git a/analyzers/rspec/vbnet/S6608.html b/analyzers/rspec/vbnet/S6608.html
index 4f50d66019a..f9079c54768 100644
--- a/analyzers/rspec/vbnet/S6608.html
+++ b/analyzers/rspec/vbnet/S6608.html
@@ -69,7 +69,7 @@Benchmarks
Method Runtime Mean -StdDev +Standard Deviation @@ -147,6 +147,11 @@Benchmarks
+Glossary
+
The results were generated by running the following snippet with BenchmarkDotNet:
private List<byte> data;
diff --git a/analyzers/rspec/vbnet/S6609.html b/analyzers/rspec/vbnet/S6609.html
index 8f8a58ae967..277cad17238 100644
--- a/analyzers/rspec/vbnet/S6609.html
+++ b/analyzers/rspec/vbnet/S6609.html
@@ -79,7 +79,7 @@Benchmarks
Method Runtime Mean -StdDev +Standard Deviation Allocated @@ -114,6 +114,12 @@Benchmarks
+Glossary
+
The results were generated by running the following snippet with BenchmarkDotNet:
private SortedSet<string> data;
diff --git a/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json b/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json
index 74659148fb5..9a28355c6a3 100644
--- a/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json
+++ b/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json
@@ -3,7 +3,7 @@
 "languages": [
 "CSH"
 ],
- "latest-update": "2023-12-20T09:49:44.644609900Z",
+ "latest-update": "2024-01-17T08:18:50.786965700Z",
 "options": {
 "no-language-in-filenames": true
 }
diff --git a/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json b/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json
index a846fba039d..b2aec4a7d4b 100644
--- a/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json
+++ b/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json
@@ -3,7 +3,7 @@
 "languages": [
 "VBNET"
 ],
- "latest-update": "2023-12-20T09:50:06.699764Z",
+ "latest-update": "2024-01-17T08:21:02.541530700Z",
 "options": {
 "no-language-in-filenames": true
 }