Update rules metadata (#1988)

Author: joke1196

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/ParsingError.json

@@ -13,5 +13,5 @@
   "ruleSpecification": "RSPEC-2260",
   "sqKey": "ParsingError",
   "scope": "All",
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S112.json

@@ -25,5 +25,5 @@
       397
     ]
   },
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1135.json

@@ -24,5 +24,5 @@
       546
     ]
   },
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1186.json

@@ -19,5 +19,5 @@
   "ruleSpecification": "RSPEC-1186",
   "sqKey": "S1186",
   "scope": "All",
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1763.json

@@ -25,5 +25,5 @@
       561
     ]
   },
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1871.json

@@ -20,5 +20,5 @@
   "ruleSpecification": "RSPEC-1871",
   "sqKey": "S1871",
   "scope": "Main",
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2068.html

@@ -8,7 +8,6 @@
 <p>Credentials should be stored outside of the code in a configuration file, a database, or a management service for secrets.</p>
 <p>This rule flags instances of hard-coded credentials used in database and LDAP connections. It looks for hard-coded credentials in connection
 strings, and for variable names that match any of the patterns from the provided list.</p>
-<p>It’s recommended to customize the configuration of this rule with additional credential words such as "oauthToken", "secret", …​</p>
 <h2>Ask Yourself Whether</h2>
 <ul>
   <li> Credentials allow access to a sensitive component like a database, a file storage, an API or a service. </li>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S3329.html

@@ -44,7 +44,7 @@ <h4>Noncompliant code example</h4>
     modes,
 )
 
-iv     = "doNotTryThis@Home2023"
+iv     = b"exampleIV1234567"
 cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
 
 cipher.encryptor()  # Noncompliant
@@ -83,7 +83,7 @@ <h4>Noncompliant code example</h4>
 from Crypto.Random import get_random_bytes
 from Crypto.Util.Padding import pad
 
-iv     = "doNotTryThis@Home2023"
+iv     = b"exampleIV1234567"
 cipher = AES.new(key, AES.MODE_CBC, iv)
 cipher.encrypt(pad(data, AES.block_size))  # Noncompliant
 </pre>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S4144.json

@@ -21,5 +21,5 @@
   "ruleSpecification": "RSPEC-4144",
   "sqKey": "S4144",
   "scope": "All",
-  "quickfix": "unknown"
+  "quickfix": "infeasible"
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S4502.html

@@ -142,8 +142,10 @@ <h2>See</h2>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/352">CWE-352 - Cross-Site Request Forgery (CSRF)</a> </li>
   <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration">Top 10 2017 Category A6 - Security
   Misconfiguration</a> </li>
-  <li> <a href="https://owasp.org/www-community/attacks/csrf">OWASP: Cross-Site Request Forgery</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-community/attacks/csrf">Cross-Site Request Forgery</a> </li>
   <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222603">Application Security and
   Development: V-222603</a> - The application must protect from Cross-Site Request Forgery (CSRF) vulnerabilities. </li>
+  <li> PortSwigger - <a href="https://portswigger.net/research/web-storage-the-lesser-evil-for-session-tokens">Web storage: the lesser evil for
+  session tokens</a> </li>
 </ul>