SONARJAVA-5952 Update rule metadata

dorian-burihabwa-sonarsource · dorian-burihabwa-sonarsource · commit 7bbf5ae48a71 · 2026-01-09T14:52:13.000+01:00
Add missing security standards for some rules and change phrasing for
S7409.
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S1313.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S1313.json
@@ -28,6 +28,9 @@
     ],
     "OWASP Top 10 2021": [
       "A1"
+    ],
+    "CWE": [
+      547
     ]
   },
   "quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5679.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5679.json
@@ -33,6 +33,9 @@
     "PCI DSS 4.0": [
       "6.3.3",
       "6.2.4"
+    ],
+    "CWE": [
+      287
     ]
   },
   "quickfix": "unknown"
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6263.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S6263.json
@@ -19,5 +19,10 @@
   "ruleSpecification": "RSPEC-6263",
   "sqKey": "S6263",
   "scope": "Main",
-  "quickfix": "unknown"
+  "quickfix": "unknown",
+  "securityStandards": {
+    "CWE": [
+      798
+    ]
+  }
 }
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7409.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7409.html
@@ -13,8 +13,8 @@ <h2>Ask Yourself Whether</h2>
 <h2>Recommended Secure Coding Practices</h2>
 <h3>Disable JavaScript</h3>
 <p>If it is possible to disable JavaScript in the WebView, this is the most secure option. By default, JavaScript is disabled in a WebView, so
-<code>webSettings.setJavaScriptEnabled(false)</code> does not need to be explicitly called. Of course, sometimes it is necessary to enable JavaScript,
-in which case the following recommendations should be considered.</p>
+<code>{setJavaScriptEnabledSnippet}</code> does not need to be explicitly called. Of course, sometimes it is necessary to enable JavaScript, in which
+case the following recommendations should be considered.</p>
 <h3>Remove JavaScript interface when loading untrusted content</h3>
 <p>JavaScript interfaces can be removed at a later point. It is recommended to remove the JavaScript interface when it is no longer needed. If it is
 needed for a longer time, consider removing it before loading untrusted content. This can be done by calling
diff --git a/sonarpedia.json b/sonarpedia.json
@@ -3,7 +3,7 @@
   "languages": [
     "JAVA"
   ],
-  "latest-update": "2025-11-27T16:01:59.765791069Z",
+  "latest-update": "2026-01-09T13:50:53.757492153Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": false
