From 8ca4f969b6e89cddb303b705f7e757a8bf59a929 Mon Sep 17 00:00:00 2001
From: Pavel Mikula <pavel.mikula@sonarsource.com>
Date: Wed, 14 Sep 2022 18:22:18 +0200
Subject: [PATCH 1/3] Update RSPEC

---
 analyzers/rspec/cs/S2115_c#.json              | 12 ++--------
 analyzers/rspec/cs/S3353_c#.html              | 22 ++++++++++++++++++-
 analyzers/rspec/cs/S4423_c#.json              | 12 +---------
 analyzers/rspec/cs/S4426_c#.json              |  9 +-------
 analyzers/rspec/cs/S4433_c#.json              | 12 ++--------
 analyzers/rspec/cs/S4792_c#.json              |  5 +----
 analyzers/rspec/cs/S5542_c#.html              |  2 +-
 analyzers/rspec/cs/S5547_c#.json              |  9 +-------
 analyzers/rspec/vbnet/S4423_vb.net.json       | 12 +---------
 analyzers/rspec/vbnet/S4792_vb.net.json       |  5 +----
 analyzers/rspec/vbnet/S5542_vb.net.html       |  2 +-
 analyzers/rspec/vbnet/S5547_vb.net.json       |  9 +-------
 .../src/SonarAnalyzer.CSharp/sonarpedia.json  |  2 +-
 .../SonarAnalyzer.VisualBasic/sonarpedia.json |  2 +-
 14 files changed, 36 insertions(+), 79 deletions(-)

diff --git a/analyzers/rspec/cs/S2115_c#.json b/analyzers/rspec/cs/S2115_c#.json
index 48f5a74c826..06f850109f2 100644
--- a/analyzers/rspec/cs/S2115_c#.json
+++ b/analyzers/rspec/cs/S2115_c#.json
@@ -33,16 +33,8 @@
       "6.2.4"
     ],
     "ASVS 4.0": [
-      "2.1.1",
-      "2.1.11",
-      "2.1.12",
-      "2.1.2",
-      "2.1.3",
-      "2.1.4",
-      "2.1.7",
-      "2.1.8",
-      "2.1.9",
-      "2.10.3"
+      "9.2.2",
+      "9.2.3"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/rspec/cs/S3353_c#.html b/analyzers/rspec/cs/S3353_c#.html
index bf311a6bfe6..c01da85d836 100644
--- a/analyzers/rspec/cs/S3353_c#.html
+++ b/analyzers/rspec/cs/S3353_c#.html
@@ -4,7 +4,7 @@ <h2>Noncompliant Code Example</h2>
 <pre>
 public bool Seek(int[] input)
 {
-  int target = 32;  // Noncompliant
+  var target = 32;  // Noncompliant
   foreach (int i in input)
   {
     if (i == target)
@@ -15,6 +15,16 @@ <h2>Noncompliant Code Example</h2>
   return false;
 }
 </pre>
+<p>or</p>
+<pre>
+public class Sample
+{
+  public void Method()
+  {
+    var context = $"{nameof(Sample)}.{nameof(Method)}";  // Noncompliant (C# 10 and above only)
+  }
+}
+</pre>
 <h2>Compliant Solution</h2>
 <pre>
 public bool Seek(int[] input)
@@ -30,4 +40,14 @@ <h2>Compliant Solution</h2>
   return false;
 }
 </pre>
+<p>or</p>
+<pre>
+public class Sample
+{
+  public void Method()
+  {
+    const string context = $"{nameof(Sample)}.{nameof(Method)}";
+  }
+}
+</pre>
 
diff --git a/analyzers/rspec/cs/S4423_c#.json b/analyzers/rspec/cs/S4423_c#.json
index 8be24569af2..73a990fefd9 100644
--- a/analyzers/rspec/cs/S4423_c#.json
+++ b/analyzers/rspec/cs/S4423_c#.json
@@ -47,19 +47,9 @@
       "6.2.4"
     ],
     "ASVS 4.0": [
-      "1.9.2",
-      "2.8.3",
-      "2.9.3",
-      "6.2.2",
-      "6.2.3",
-      "6.2.4",
-      "6.2.5",
-      "6.2.6",
-      "6.2.7",
       "8.3.7",
       "9.1.2",
-      "9.1.3",
-      "9.2.1"
+      "9.1.3"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/rspec/cs/S4426_c#.json b/analyzers/rspec/cs/S4426_c#.json
index dae6ad530f6..074908b3705 100644
--- a/analyzers/rspec/cs/S4426_c#.json
+++ b/analyzers/rspec/cs/S4426_c#.json
@@ -35,14 +35,7 @@
       "A2"
     ],
     "ASVS 4.0": [
-      "2.8.3",
-      "6.2.3",
-      "6.2.4",
-      "6.2.5",
-      "6.2.6",
-      "6.2.7",
-      "9.1.2",
-      "9.1.3"
+      "6.2.3"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/rspec/cs/S4433_c#.json b/analyzers/rspec/cs/S4433_c#.json
index 50dbf23ebf1..266b04a149e 100644
--- a/analyzers/rspec/cs/S4433_c#.json
+++ b/analyzers/rspec/cs/S4433_c#.json
@@ -31,16 +31,8 @@
       "6.2.4"
     ],
     "ASVS 4.0": [
-      "2.1.1",
-      "2.1.11",
-      "2.1.12",
-      "2.1.2",
-      "2.1.3",
-      "2.1.4",
-      "2.1.7",
-      "2.1.8",
-      "2.1.9",
-      "2.10.3"
+      "9.2.2",
+      "9.2.3"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/rspec/cs/S4792_c#.json b/analyzers/rspec/cs/S4792_c#.json
index 1811bd87fc4..4a5ee333097 100644
--- a/analyzers/rspec/cs/S4792_c#.json
+++ b/analyzers/rspec/cs/S4792_c#.json
@@ -34,10 +34,7 @@
     ],
     "ASVS 4.0": [
       "7.1.1",
-      "7.1.2",
-      "7.3.1",
-      "7.3.2",
-      "8.3.5"
+      "7.1.2"
     ]
   }
 }
diff --git a/analyzers/rspec/cs/S5542_c#.html b/analyzers/rspec/cs/S5542_c#.html
index e3b47a6e22d..ed9e5172be1 100644
--- a/analyzers/rspec/cs/S5542_c#.html
+++ b/analyzers/rspec/cs/S5542_c#.html
@@ -3,7 +3,7 @@
   <li> For block cipher encryption algorithms (like AES):
     <ul>
       <li> The ECB (Electronic Codebook) cipher mode doesn’t provide serious message confidentiality: under a given key any given plaintext block
-      always gets encrypted to the same ciphertext block. This mode never be used. </li>
+      always gets encrypted to the same ciphertext block. This mode should never be used. </li>
       <li> The CBC (Cipher Block Chaining) mode by itself provides only data confidentiality. This cipher mode is also vulnerable to <a
       href="https://en.wikipedia.org/wiki/Padding_oracle_attack">padding oracle attacks</a> when used with padding. Using CBC along with Message
       Authentication Code can provide data integrity and should prevent such attacks. In practice the implementation has many pitfalls and it’s
diff --git a/analyzers/rspec/cs/S5547_c#.json b/analyzers/rspec/cs/S5547_c#.json
index 86d4b93c7f2..8d46cd709f2 100644
--- a/analyzers/rspec/cs/S5547_c#.json
+++ b/analyzers/rspec/cs/S5547_c#.json
@@ -46,17 +46,10 @@
       "6.2.4"
     ],
     "ASVS 4.0": [
-      "2.8.3",
-      "2.9.3",
       "6.2.2",
       "6.2.3",
-      "6.2.4",
       "6.2.5",
-      "6.2.6",
-      "6.2.7",
-      "8.3.7",
-      "9.1.2",
-      "9.1.3"
+      "8.3.7"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/rspec/vbnet/S4423_vb.net.json b/analyzers/rspec/vbnet/S4423_vb.net.json
index 8be24569af2..73a990fefd9 100644
--- a/analyzers/rspec/vbnet/S4423_vb.net.json
+++ b/analyzers/rspec/vbnet/S4423_vb.net.json
@@ -47,19 +47,9 @@
       "6.2.4"
     ],
     "ASVS 4.0": [
-      "1.9.2",
-      "2.8.3",
-      "2.9.3",
-      "6.2.2",
-      "6.2.3",
-      "6.2.4",
-      "6.2.5",
-      "6.2.6",
-      "6.2.7",
       "8.3.7",
       "9.1.2",
-      "9.1.3",
-      "9.2.1"
+      "9.1.3"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/rspec/vbnet/S4792_vb.net.json b/analyzers/rspec/vbnet/S4792_vb.net.json
index 1811bd87fc4..4a5ee333097 100644
--- a/analyzers/rspec/vbnet/S4792_vb.net.json
+++ b/analyzers/rspec/vbnet/S4792_vb.net.json
@@ -34,10 +34,7 @@
     ],
     "ASVS 4.0": [
       "7.1.1",
-      "7.1.2",
-      "7.3.1",
-      "7.3.2",
-      "8.3.5"
+      "7.1.2"
     ]
   }
 }
diff --git a/analyzers/rspec/vbnet/S5542_vb.net.html b/analyzers/rspec/vbnet/S5542_vb.net.html
index fb83abe92d2..13ec9160e68 100644
--- a/analyzers/rspec/vbnet/S5542_vb.net.html
+++ b/analyzers/rspec/vbnet/S5542_vb.net.html
@@ -3,7 +3,7 @@
   <li> For block cipher encryption algorithms (like AES):
     <ul>
       <li> The ECB (Electronic Codebook) cipher mode doesn’t provide serious message confidentiality: under a given key any given plaintext block
-      always gets encrypted to the same ciphertext block. This mode never be used. </li>
+      always gets encrypted to the same ciphertext block. This mode should never be used. </li>
       <li> The CBC (Cipher Block Chaining) mode by itself provides only data confidentiality. This cipher mode is also vulnerable to <a
       href="https://en.wikipedia.org/wiki/Padding_oracle_attack">padding oracle attacks</a> when used with padding. Using CBC along with Message
       Authentication Code can provide data integrity and should prevent such attacks. In practice the implementation has many pitfalls and it’s
diff --git a/analyzers/rspec/vbnet/S5547_vb.net.json b/analyzers/rspec/vbnet/S5547_vb.net.json
index 86d4b93c7f2..8d46cd709f2 100644
--- a/analyzers/rspec/vbnet/S5547_vb.net.json
+++ b/analyzers/rspec/vbnet/S5547_vb.net.json
@@ -46,17 +46,10 @@
       "6.2.4"
     ],
     "ASVS 4.0": [
-      "2.8.3",
-      "2.9.3",
       "6.2.2",
       "6.2.3",
-      "6.2.4",
       "6.2.5",
-      "6.2.6",
-      "6.2.7",
-      "8.3.7",
-      "9.1.2",
-      "9.1.3"
+      "8.3.7"
     ]
   },
   "quickfix": "unknown"
diff --git a/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json b/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json
index 50865bde844..dc27f5d11fc 100644
--- a/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json
+++ b/analyzers/src/SonarAnalyzer.CSharp/sonarpedia.json
@@ -3,5 +3,5 @@
   "languages": [
     "CSH"
   ],
-  "latest-update": "2022-08-18T08:35:17.004977500Z"
+  "latest-update": "2022-09-14T16:21:02.591923800Z"
 }
\ No newline at end of file
diff --git a/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json b/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json
index f5729bcf6d3..022508880bb 100644
--- a/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json
+++ b/analyzers/src/SonarAnalyzer.VisualBasic/sonarpedia.json
@@ -3,5 +3,5 @@
   "languages": [
     "VBNET"
   ],
-  "latest-update": "2022-08-18T08:36:58.940958600Z"
+  "latest-update": "2022-09-14T16:20:27.237152200Z"
 }
\ No newline at end of file

From cc053635b62071a361d0bd43a3bbad04c9341fca Mon Sep 17 00:00:00 2001
From: Pavel Mikula <pavel.mikula@sonarsource.com>
Date: Thu, 15 Sep 2022 08:36:21 +0200
Subject: [PATCH 2/3] Empty commit to rerun CI


From 86939fdc4724d80e9bb5b4d2e5e49cb417ae879d Mon Sep 17 00:00:00 2001
From: Pavel Mikula <pavel.mikula@sonarsource.com>
Date: Thu, 15 Sep 2022 14:38:32 +0200
Subject: [PATCH 3/3] Fix Java UT

---
 .../plugins/csharp/CSharpSonarRulesDefinitionTest.java     | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/sonar-csharp-plugin/src/test/java/org/sonar/plugins/csharp/CSharpSonarRulesDefinitionTest.java b/sonar-csharp-plugin/src/test/java/org/sonar/plugins/csharp/CSharpSonarRulesDefinitionTest.java
index b58049c2a96..1aa6e601e1d 100644
--- a/sonar-csharp-plugin/src/test/java/org/sonar/plugins/csharp/CSharpSonarRulesDefinitionTest.java
+++ b/sonar-csharp-plugin/src/test/java/org/sonar/plugins/csharp/CSharpSonarRulesDefinitionTest.java
@@ -107,14 +107,7 @@ public void test_security_standards_with_vulnerability() {
     assertThat(rule.type()).isEqualTo(RuleType.VULNERABILITY);
     assertThat(rule.securityStandards()).containsExactlyInAnyOrder(
       "cwe:326",
-      "owaspAsvs-4.0:2.8.3",
       "owaspAsvs-4.0:6.2.3",
-      "owaspAsvs-4.0:6.2.4",
-      "owaspAsvs-4.0:6.2.5",
-      "owaspAsvs-4.0:6.2.6",
-      "owaspAsvs-4.0:6.2.7",
-      "owaspAsvs-4.0:9.1.2",
-      "owaspAsvs-4.0:9.1.3",
       "owaspTop10-2021:a2",
       "owaspTop10:a3",
       "owaspTop10:a6");