
Commit a40bb11

SONARPY-989 Provide OWASP Top 10 2021 security standards for rules metadata (#1094)
1 parent 7724ee0 commit a40bb11


3 files changed

+34
-4
lines changed


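--- a/pom.xml
+++ b/pom.xml
@@ -89,9 +89,9 @@
 <logback.version>1.2.3</logback.version>
 <maven.project.version>2.2.1</maven.project.version>
 <mockito.version>3.9.0</mockito.version>
-<sonar.version>8.9.0.43852</sonar.version>
+<sonar.version>9.3.0.51899</sonar.version>
 <sonar.orchestrator.version>3.36.0.63</sonar.orchestrator.version>
-<sonar-analyzer-commons.version>1.22.0.848</sonar-analyzer-commons.version>
+<sonar-analyzer-commons.version>1.24.0.965</sonar-analyzer-commons.version>
 <sonarlint-core.version>6.0.0.32513</sonarlint-core.version>
 <sslr.version>1.23</sslr.version>
 <protobuf.version>3.17.3</protobuf.version>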

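--- a/sonar-python-plugin/src/main/java/org/sonar/plugins/python/PythonRuleRepository.java
+++ b/sonar-python-plugin/src/main/java/org/sonar/plugins/python/PythonRuleRepository.java
@@ -24,6 +24,7 @@
 import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.StreamSupport;
+import org.sonar.api.SonarRuntime;
 import org.sonar.api.server.rule.RulesDefinition;
 import org.sonar.python.checks.CheckList;
 import org.sonarsource.analyzer.commons.RuleMetadataLoader;
@@ -36,13 +37,19 @@ public class PythonRuleRepository implements RulesDefinition {
 
 private static final Set<String> TEMPLATE_RULE_KEYS = Collections.singleton("CommentRegularExpression");
 
+private final SonarRuntime runtime;
+
+public PythonRuleRepository(SonarRuntime runtime) {
+this.runtime = runtime;
+}
+
 @Override
 public void define(Context context) {
 NewRepository repository = context
 .createRepository(CheckList.REPOSITORY_KEY, Python.KEY)
 .setName(REPOSITORY_NAME);
 
-RuleMetadataLoader loader = new RuleMetadataLoader(RESOURCE_FOLDER, PythonProfile.PROFILE_LOCATION);
+RuleMetadataLoader loader = new RuleMetadataLoader(RESOURCE_FOLDER, PythonProfile.PROFILE_LOCATION, runtime);
 loader.addRulesByAnnotatedClass(repository, getCheckClasses());
 
 repository.rules().stream()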
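Review bot: The new constructor in the second hunk stores `runtime` with no documentation of why the repository now depends on it; the field is only ever forwarded on the `loader` line, so a reader has to open `RuleMetadataLoader` to understand the change. A short Javadoc on the constructor would close that gap, e.g. `/** @param runtime the hosting platform runtime, forwarded to {@link RuleMetadataLoader} so the security standards declared in the rule metadata match what the platform version supports (see the 9.2/9.3 cases in PythonRuleRepositoryTest). */` — the version-gating part is inferred from the accompanying test, so confirm before committing it. Since the field is dereferenced later rather than at construction, `this.runtime = Objects.requireNonNull(runtime, "runtime");` would fail fast with a clear message if the extension is ever wired without a runtime; that needs `java.util.Objects` imported. The rest of `define` and the class body continue outside the hunk.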

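--- a/sonar-python-plugin/src/test/java/org/sonar/plugins/python/PythonRuleRepositoryTest.java
+++ b/sonar-python-plugin/src/test/java/org/sonar/plugins/python/PythonRuleRepositoryTest.java
@@ -25,8 +25,13 @@
 import java.util.List;
 import java.util.stream.Collectors;
 import org.junit.Test;
+import org.sonar.api.SonarEdition;
+import org.sonar.api.SonarQubeSide;
+import org.sonar.api.SonarRuntime;
+import org.sonar.api.internal.SonarRuntimeImpl;
 import org.sonar.api.rules.RuleType;
 import org.sonar.api.server.rule.RulesDefinition;
+import org.sonar.api.utils.Version;
 import org.sonar.python.checks.CheckList;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -58,6 +63,19 @@ public void createRulesTest() throws IOException {
 }
 }
 
+@Test
+public void owaspSecurityStandard() {
+RulesDefinition.Repository repository_9_3 = buildRepository(9, 3);
+RulesDefinition.Rule s4721_9_3 = repository_9_3.rule("S4721");
+assertThat(s4721_9_3).isNotNull();
+assertThat(s4721_9_3.securityStandards()).contains("owaspTop10-2021:a3");
+
+RulesDefinition.Repository repository_9_2 = buildRepository(9, 2);
+RulesDefinition.Rule s4721_9_2 = repository_9_2.rule("S4721");
+assertThat(s4721_9_2).isNotNull();
+assertThat(s4721_9_2.securityStandards()).doesNotContain("owaspTop10-2021:a3");
+}
+
 private List<String> nonAbstractCheckFiles() throws IOException {
 return Files.walk(new File("../python-checks/src/main/java/org/sonar/python/checks").toPath())
 .filter(Files::isRegularFile)
@@ -98,7 +116,12 @@ public void hotspotRules() {
 }
 
 private static RulesDefinition.Repository buildRepository() {
-PythonRuleRepository ruleRepository = new PythonRuleRepository();
+return buildRepository(9, 3);
+}
+
+private static RulesDefinition.Repository buildRepository(int majorVersion, int minorVersion) {
+SonarRuntime sonarRuntime = SonarRuntimeImpl.forSonarQube(Version.create(majorVersion, minorVersion), SonarQubeSide.SERVER, SonarEdition.DEVELOPER);
+PythonRuleRepository ruleRepository = new PythonRuleRepository(sonarRuntime);
 RulesDefinition.Context context = new RulesDefinition.Context();
 ruleRepository.define(context);
 return context.repository(CheckList.REPOSITORY_KEY);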
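Review bot: In `owaspSecurityStandard` the 9.2 branch only asserts that `owaspTop10-2021:a3` is absent, so it would also pass if `securityStandards()` came back empty for the older runtime and the rule silently lost its existing OWASP/CWE metadata. Adding `assertThat(s4721_9_2.securityStandards()).isNotEmpty();` (or asserting the rule's pre-2021 standard values, if known) would pin that the older platform keeps what it had before. The locals `repository_9_3`, `s4721_9_3`, `repository_9_2` and `s4721_9_2` mix underscores into lowerCamelCase; names like `repository93` / `ruleOn93` would match the rest of the file. In the third hunk `buildRepository()` now silently runs every other test against a 9.3 runtime; a one-line comment such as `// default runtime for tests that do not care about the platform version` would make that choice explicit. The `createRulesTest` and `hotspotRules` methods referenced by the hunk headers lie outside this section.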
