Skip to content

RULEAPI-834 Update remaining rules where defaultSeverity is different from MQR #4686

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Feb 21, 2025
Merged

RULEAPI-834 Update remaining rules where defaultSeverity is different from MQR #4686

merged 6 commits into from
Feb 21, 2025

Conversation

nils-werner-sonarsource
Copy link
Contributor

@nils-werner-sonarsource nils-werner-sonarsource commented Feb 21, 2025
edited by jira bot
Loading

RULEAPI-834

Migration strategy

  • For rules with multiple qualities & severity is higher than all qualities: at least one quality needs to have the right mapping (preferred RELIABILITY)
  • For rules where quality is lower than severity: Update quality to higher impact
  • For rules where severity is lower than quality: Update severity to higher impact

frederic-tingaud-sonarsource
frederic-tingaud-sonarsource requested changes Feb 21, 2025
View reviewed changes
Copy link
Contributor

@frederic-tingaud-sonarsource frederic-tingaud-sonarsource left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My script still finds the following contradictions:
'javascript': ['S5254', 'S6859', 'S7197'], 'common': ['S6680', 'S6827', 'S6845', 'S6846', 'S6847', 'S6848', 'S6851', 'S6852'], 'java': ['S6829', 'S6830', 'S6909', 'S6912', 'S6914', 'S6923', 'S7178', 'S7184', 'S7185', 'S7186', 'S7190'], 'kubernetes': ['S6869'], 'text': ['S7036'], 'python': ['S7181']

frederic-tingaud-sonarsource
frederic-tingaud-sonarsource approved these changes Feb 21, 2025
View reviewed changes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added another one that I don't know why was ignored before.

@nils-werner-sonarsource
Copy link
Contributor Author

Before merging @John-Clifton-SonarSource can you validate the migration strategy?

hendrik-buchwald-sonarsource
hendrik-buchwald-sonarsource approved these changes Feb 21, 2025
View reviewed changes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I reviewed all the security-related rules and the changes there LGTM!

@sonarqube-next SonarQube-Next
Copy link

Quality Gate passed Quality Gate passed for 'rspec-tools'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@sonarqube-next SonarQube-Next
Copy link

Quality Gate passed Quality Gate passed for 'rspec-frontend'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@nils-werner-sonarsource nils-werner-sonarsource merged commit 656f853 into master Feb 21, 2025
8 of 9 checks passed
@nils-werner-sonarsource nils-werner-sonarsource deleted the nw/RULEAPI-834 branch February 21, 2025 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hendrik-buchwald-sonarsource hendrik-buchwald-sonarsource hendrik-buchwald-sonarsource approved these changes

@frederic-tingaud-sonarsource frederic-tingaud-sonarsource frederic-tingaud-sonarsource approved these changes

@John-Clifton-SonarSource John-Clifton-SonarSource Awaiting requested review from John-Clifton-SonarSource

Assignees
No one assigned
Labels
common
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nils-werner-sonarsource @hendrik-buchwald-sonarsource @frederic-tingaud-sonarsource