Updated rules metadata (#1798)

Author: joke1196

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1192.html

@@ -9,8 +9,8 @@ <h3>Exceptions</h3>
   <li> strings with only letters, numbers and underscores </li>
 </ul>
 <h2>How to fix it</h2>
-<p>Instead, use constants to replace the duplicated string literals. Constants can be referenced from many places, but only need to be updated in a
-single place.</p>
+<p>Use constants to replace the duplicated string literals. Constants can be referenced from many places, but only need to be updated in a single
+place.</p>
 <h3>Code examples</h3>
 <h4>Noncompliant code example</h4>
 <p>With the default threshold of 3:</p>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2053.html

@@ -108,5 +108,7 @@ <h3>Standards</h3>
   Exposure</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/759">CWE-759 - Use of a One-Way Hash without a Salt</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/760">CWE-760 - Use of a One-Way Hash with a Predictable Salt</a> </li>
+  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222542">Application Security and
+  Development: V-222542</a> - The application must only store cryptographic representations of passwords. </li>
 </ul>
 

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2053.json

@@ -35,6 +35,9 @@
     ],
     "PCI DSS 4.0": [
       "6.2.4"
+    ],
+    "STIG ASD 2023-06-08": [
+      "V-222542"
     ]
   },
   "quickfix": "unknown"

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2092.html

@@ -44,5 +44,7 @@ <h2>See</h2>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/311">CWE-311 - Missing Encryption of Sensitive Data</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/315">CWE-315 - Cleartext Storage of Sensitive Information in a Cookie</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/614">CWE-614 - Sensitive Cookie in HTTPS Session Without 'Secure' Attribute</a> </li>
+  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222576">Application Security and
+  Development: V-222576</a> - The application must set the secure flag on session cookies. </li>
 </ul>
 

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2092.json

@@ -44,6 +44,9 @@
       "6.1.1",
       "6.1.2",
       "6.1.3"
+    ],
+    "STIG ASD 2023-06-08": [
+      "V-222576"
     ]
   }
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2612.html

@@ -46,5 +46,7 @@ <h2>See</h2>
   href="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/09-Test_File_Permission">OWASP File Permission</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/732">CWE-732 - Incorrect Permission Assignment for Critical Resource</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/266">CWE-266 - Incorrect Privilege Assignment</a> </li>
+  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222430">Application Security and
+  Development: V-222430</a> - The application must execute without excessive account permissions. </li>
 </ul>
 

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2612.json

@@ -39,6 +39,9 @@
     ],
     "ASVS 4.0": [
       "4.3.3"
+    ],
+    "STIG ASD 2023-06-08": [
+      "V-222430"
     ]
   }
 }

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2755.html

@@ -125,5 +125,7 @@ <h3>Standards</h3>
   Entities (XXE)</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/611">CWE-611 - Information Exposure Through XML External Entity Reference</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/827">CWE-827 - Improper Control of Document Type Definition</a> </li>
+  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222608">Application Security and
+  Development: V-222608</a> - The application must not be vulnerable to XML-oriented attacks. </li>
 </ul>
 

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S2755.json

@@ -38,6 +38,9 @@
     ],
     "ASVS 4.0": [
       "5.5.2"
+    ],
+    "STIG ASD 2023-06-08": [
+      "V-222608"
     ]
   },
   "quickfix": "unknown"

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S3330.html

@@ -45,5 +45,7 @@ <h2>See</h2>
   (XSS)</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/1004">CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag</a> </li>
   <li> Derived from FindSecBugs rule <a href="https://find-sec-bugs.github.io/bugs.htm#HTTPONLY_COOKIE">HTTPONLY_COOKIE</a> </li>
+  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222575">Application Security and
+  Development: V-222575</a> - The application must set the HTTPOnly flag on session cookies. </li>
 </ul>