From 0d39d92bd08442fc5f7f65adb1c7699a98f455b5 Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 1 Sep 2023 13:53:05 +0200
Subject: [PATCH 1/4] delete rule files

---
 .../Rules/Hotspots/SocketsCreation.cs         | 32 -------------
 .../Rules/Hotspots/SocketsCreationBase.cs     | 41 ----------------
 .../Rules/Hotspots/SocketsCreation.cs         | 32 -------------
 .../PackagingTests/RuleTypeMappingCS.cs       |  2 +-
 .../PackagingTests/RuleTypeMappingVB.cs       |  2 +-
 .../Rules/Hotspots/SocketsCreationTest.cs     | 46 ------------------
 .../TestCases/Hotspots/SocketsCreation.cs     | 42 -----------------
 .../TestCases/Hotspots/SocketsCreation.vb     | 47 -------------------
 8 files changed, 2 insertions(+), 242 deletions(-)
 delete mode 100644 analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/SocketsCreation.cs
 delete mode 100644 analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/SocketsCreationBase.cs
 delete mode 100644 analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/SocketsCreation.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/SocketsCreationTest.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.vb

diff --git a/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/SocketsCreation.cs b/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/SocketsCreation.cs
deleted file mode 100644
index a2554893e75..00000000000
--- a/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/SocketsCreation.cs
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules.CSharp
-{
-    [DiagnosticAnalyzer(LanguageNames.CSharp)]
-    public sealed class SocketsCreation : SocketsCreationBase<SyntaxKind>
-    {
-        protected override ILanguageFacade<SyntaxKind> Language => CSharpFacade.Instance;
-
-        public SocketsCreation() : this(AnalyzerConfiguration.Hotspot) { }
-
-        internal /*for testing*/ SocketsCreation(IAnalyzerConfiguration configuration) : base(configuration) { }
-    }
-}
diff --git a/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/SocketsCreationBase.cs b/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/SocketsCreationBase.cs
deleted file mode 100644
index 2a4353a7cb7..00000000000
--- a/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/SocketsCreationBase.cs
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules
-{
-    public abstract class SocketsCreationBase<TSyntaxKind> : TrackerHotspotDiagnosticAnalyzer<TSyntaxKind>
-        where TSyntaxKind : struct
-    {
-        protected const string DiagnosticId = "S4818";
-        private const string MessageFormat = "Make sure that sockets are used safely here.";
-
-        protected SocketsCreationBase(IAnalyzerConfiguration configuration) : base(configuration, DiagnosticId, MessageFormat) { }
-
-        protected override void Initialize(TrackerInput input)
-        {
-            var t = Language.Tracker.ObjectCreation;
-            t.Track(input,
-                t.MatchConstructor(
-                    KnownType.System_Net_Sockets_Socket,
-                    KnownType.System_Net_Sockets_TcpClient,
-                    KnownType.System_Net_Sockets_UdpClient));
-        }
-    }
-}
diff --git a/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/SocketsCreation.cs b/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/SocketsCreation.cs
deleted file mode 100644
index 05419fbf7cc..00000000000
--- a/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/SocketsCreation.cs
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules.VisualBasic
-{
-    [DiagnosticAnalyzer(LanguageNames.VisualBasic)]
-    public sealed class SocketsCreation : SocketsCreationBase<SyntaxKind>
-    {
-        protected override ILanguageFacade<SyntaxKind> Language => VisualBasicFacade.Instance;
-
-        public SocketsCreation() : this(AnalyzerConfiguration.Hotspot) { }
-
-        internal /*for testing*/ SocketsCreation(IAnalyzerConfiguration configuration) : base(configuration) { }
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
index 1b871d1ffd5..a59f0383d31 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
@@ -4742,7 +4742,7 @@ internal static class RuleTypeMappingCS
         // ["S4815"],
         // ["S4816"],
         // ["S4817"] = "SECURITY_HOTSPOT",
-        ["S4818"] = "SECURITY_HOTSPOT",
+        // ["S4818"],
         // ["S4819"],
         // ["S4820"],
         // ["S4821"],
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
index 1ca13bef5b0..d3533f24d37 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
@@ -4742,7 +4742,7 @@ internal static class RuleTypeMappingVB
         // ["S4815"],
         // ["S4816"],
         // ["S4817"] = "SECURITY_HOTSPOT",
-        ["S4818"] = "SECURITY_HOTSPOT",
+        // ["S4818"],
         // ["S4819"],
         // ["S4820"],
         // ["S4821"],
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/SocketsCreationTest.cs b/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/SocketsCreationTest.cs
deleted file mode 100644
index 69694e99e49..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/SocketsCreationTest.cs
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-using CS = SonarAnalyzer.Rules.CSharp;
-using VB = SonarAnalyzer.Rules.VisualBasic;
-
-namespace SonarAnalyzer.UnitTest.Rules
-{
-    [TestClass]
-    public class SocketsCreationTest
-    {
-        [TestMethod]
-        public void SocketsCreation_CS() =>
-            new VerifierBuilder().WithBasePath("Hotspots").AddAnalyzer(() => new CS.SocketsCreation(AnalyzerConfiguration.AlwaysEnabled))
-                .AddPaths("SocketsCreation.cs")
-                .AddReferences(GetAdditionalReferences())
-                .Verify();
-
-        [TestMethod]
-        public void SocketsCreation_VB() =>
-            new VerifierBuilder().WithBasePath("Hotspots").AddAnalyzer(() => new VB.SocketsCreation(AnalyzerConfiguration.AlwaysEnabled))
-                .AddPaths("SocketsCreation.vb")
-                .AddReferences(GetAdditionalReferences())
-                .Verify();
-
-        private static IEnumerable<MetadataReference> GetAdditionalReferences() =>
-            MetadataReferenceFacade.SystemNetSockets.Concat(MetadataReferenceFacade.SystemNetPrimitives);
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.cs
deleted file mode 100644
index a8f98a9b8ab..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.cs
+++ /dev/null
@@ -1,42 +0,0 @@
-namespace Tests.Diagnostics
-{
-    using System.Net.Sockets;
-
-    public class TestSocket
-    {
-        // RSpec example: https://jira.sonarsource.com/browse/RSPEC-4944
-        public static void Run()
-        {
-            Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
-//                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ {{Make sure that sockets are used safely here.}}
-
-            // TcpClient and UdpClient simply abstract the details of creating a Socket
-            TcpClient client = new TcpClient("example.com", 80);
-//                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^  {{Make sure that sockets are used safely here.}}
-
-            UdpClient listener = new UdpClient(80);
-//                               ^^^^^^^^^^^^^^^^^  {{Make sure that sockets are used safely here.}}
-        }
-
-
-        public void Tests(Socket socket, TcpClient tcp, UdpClient udp)
-        {
-            // Ok to call other methods and properties
-            socket.Accept();
-            var isAvailable = tcp.Available;
-            udp.DontFragment = true;
-
-            // Creating of subclasses is not checked
-            new MySocket();
-            new MyTcpClient();
-            new MyUdpClient();
-        }
-    }
-
-    public class MySocket : Socket
-    {
-        public MySocket() : base(new SocketInformation()) { }
-    }
-    public class MyTcpClient : TcpClient { }
-    public class MyUdpClient : UdpClient { }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.vb b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.vb
deleted file mode 100644
index ff66e51133c..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/SocketsCreation.vb
+++ /dev/null
@@ -1,47 +0,0 @@
-Imports System.Net.Sockets
-
-Namespace Tests.TestCases
-    Public Class Sockets
-
-        ' RSpec example: https://jira.sonarsource.com/browse/RSPEC-4996
-        Public Shared Sub Run()
-            Dim socket As Socket = New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
-'                                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ {{Make sure that sockets are used safely here.}}
-
-            ' TcpClient And UdpClient simply abstract the details of creating a Socket
-            Dim client As TcpClient = New TcpClient("example.com", 80)
-'                                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ {{Make sure that sockets are used safely here.}}
-
-            Dim listener As UdpClient = New UdpClient(80)
-'                                       ^^^^^^^^^^^^^^^^^ {{Make sure that sockets are used safely here.}}
-        End Sub
-
-        Public Sub Tests(socket As Socket, tcp As TcpClient, udp As UdpClient)
-            ' Ok to call other methods And properties
-            socket.Accept()
-            Dim isAvailable = tcp.Available
-            udp.DontFragment = True
-
-            'Creating of subclasses ís not checked
-            Dim x As Object = New MySocket()
-            x = New MyTcpClient()
-            x = New MyUdpClient()
-        End Sub
-    End Class
-
-    Public Class MySocket
-        Inherits Socket
-        Sub New()
-            MyBase.New(CType(Nothing, SocketInformation))
-        End Sub
-    End Class
-
-    Friend Class MyTcpClient
-        Inherits TcpClient
-    End Class
-
-    Public Class MyUdpClient
-        Inherits UdpClient
-    End Class
-
-End Namespace

From cfb521aa958d7476c192f0e528c0eeb44b9dcf06 Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 1 Sep 2023 16:29:25 +0200
Subject: [PATCH 2/4] add rule id to deleted rules hashet

---
 .../tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeTest.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeTest.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeTest.cs
index 53f5447a76c..2e4ee26dcd5 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeTest.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeTest.cs
@@ -28,7 +28,7 @@ public class RuleTypeTest
     {
         // Rules that have been deprecated and deleted.
         // When changing this please do not forget to notify the product teams (SQ, SC, SL).
-        private static readonly HashSet<string> DeletedRules = new() { "S1145", "S1697", "S2070", "S2255", "S2278", "S2758", "S3693", "S4142", "S4432", "S4787"};
+        private static readonly HashSet<string> DeletedRules = new() { "S1145", "S1697", "S2070", "S2255", "S2278", "S2758", "S3693", "S4142", "S4432", "S4787", "S4818"};
 
         [TestMethod]
         public void DetectRuleTypeChanges_CS() =>

From 7406c4dbebe546a717240068f255b51c0b1412bf Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 1 Sep 2023 16:30:31 +0200
Subject: [PATCH 3/4] delete rspecs

---
 analyzers/rspec/cs/S4818.html    | 57 --------------------------------
 analyzers/rspec/cs/S4818.json    | 10 ------
 analyzers/rspec/vbnet/S4818.html | 57 --------------------------------
 analyzers/rspec/vbnet/S4818.json | 10 ------
 4 files changed, 134 deletions(-)
 delete mode 100644 analyzers/rspec/cs/S4818.html
 delete mode 100644 analyzers/rspec/cs/S4818.json
 delete mode 100644 analyzers/rspec/vbnet/S4818.html
 delete mode 100644 analyzers/rspec/vbnet/S4818.json

diff --git a/analyzers/rspec/cs/S4818.html b/analyzers/rspec/cs/S4818.html
deleted file mode 100644
index b41a3db13bf..00000000000
--- a/analyzers/rspec/cs/S4818.html
+++ /dev/null
@@ -1,57 +0,0 @@
-<p>This rule is deprecated, and will eventually be removed.</p>
-<p>Using sockets is security-sensitive. It has led in the past to the following vulnerabilities:</p>
-<ul>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1785">CVE-2011-178</a> </li>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5645">CVE-2017-5645</a> </li>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6597">CVE-2018-6597</a> </li>
-</ul>
-<p>Sockets are vulnerable in multiple ways:</p>
-<ul>
-  <li> They enable a software to interact with the outside world. As this world is full of attackers it is necessary to check that they cannot receive
-  sensitive information or inject dangerous input. </li>
-  <li> The number of sockets is limited and can be exhausted. Which makes the application unresponsive to users who need additional sockets. </li>
-</ul>
-<p>This rules flags code that creates sockets. It matches only the direct use of sockets, not use through frameworks or high-level APIs such as the
-use of http connections.</p>
-<h2>Ask Yourself Whether</h2>
-<ul>
-  <li> sockets are created without any limit every time a user performs an action. </li>
-  <li> input received from sockets is used without being sanitized. </li>
-  <li> sensitive data is sent via sockets without being encrypted. </li>
-</ul>
-<p>There is a risk if you answered yes to any of those questions.</p>
-<h2>Recommended Secure Coding Practices</h2>
-<ul>
-  <li> In many cases there is no need to open a socket yourself. Use instead libraries and existing protocols. </li>
-  <li> Encrypt all data sent if it is sensitive. Usually it is better to encrypt it even if the data is not sensitive as it might change later. </li>
-  <li> <a href="https://www.owasp.org/index.php/Input_Validation_Cheat_Sheet">Sanitize</a> any input read from the socket. </li>
-  <li> Limit the number of sockets a given user can create. Close the sockets as soon as possible. </li>
-</ul>
-<h2>Sensitive Code Example</h2>
-<pre>
-using System.Net.Sockets;
-
-class TestSocket
-{
-    public static void Run()
-    {
-        // Sensitive
-        Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
-
-        // TcpClient and UdpClient simply abstract the details of creating a Socket
-        TcpClient client = new TcpClient("example.com", 80); // Sensitive
-        UdpClient listener = new UdpClient(80); // Sensitive
-    }
-}
-</pre>
-<h2>See</h2>
-<ul>
-  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
-  Exposure </li>
-  <li> <a href="https://cwe.mitre.org/data/definitions/20">MITRE, CWE-20</a> - Improper Input Validation </li>
-  <li> <a href="https://cwe.mitre.org/data/definitions/400">MITRE, CWE-400</a> - Uncontrolled Resource Consumption ('Resource Exhaustion') </li>
-  <li> <a href="https://cwe.mitre.org/data/definitions/200">MITRE, CWE-200</a> - Exposure of Sensitive Information to an Unauthorized Actor </li>
-  <li> <a href="https://www.sans.org/top25-software-errors/#cat2">SANS Top 25</a> - Risky Resource Management </li>
-  <li> <a href="https://www.sans.org/top25-software-errors/#cat3">SANS Top 25</a> - Porous Defenses </li>
-</ul>
-
diff --git a/analyzers/rspec/cs/S4818.json b/analyzers/rspec/cs/S4818.json
deleted file mode 100644
index ee901ec953e..00000000000
--- a/analyzers/rspec/cs/S4818.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-  "title": "Using Sockets is security-sensitive",
-  "type": "SECURITY_HOTSPOT",
-  "status": "deprecated",
-  "tags": [],
-  "defaultSeverity": "Critical",
-  "ruleSpecification": "RSPEC-4818",
-  "sqKey": "S4818",
-  "scope": "Main"
-}
diff --git a/analyzers/rspec/vbnet/S4818.html b/analyzers/rspec/vbnet/S4818.html
deleted file mode 100644
index 0ebbaa30582..00000000000
--- a/analyzers/rspec/vbnet/S4818.html
+++ /dev/null
@@ -1,57 +0,0 @@
-<p>This rule is deprecated, and will eventually be removed.</p>
-<p>Using sockets is security-sensitive. It has led in the past to the following vulnerabilities:</p>
-<ul>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1785">CVE-2011-178</a> </li>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5645">CVE-2017-5645</a> </li>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6597">CVE-2018-6597</a> </li>
-</ul>
-<p>Sockets are vulnerable in multiple ways:</p>
-<ul>
-  <li> They enable a software to interact with the outside world. As this world is full of attackers it is necessary to check that they cannot receive
-  sensitive information or inject dangerous input. </li>
-  <li> The number of sockets is limited and can be exhausted. Which makes the application unresponsive to users who need additional sockets. </li>
-</ul>
-<p>This rules flags code that creates sockets. It matches only the direct use of sockets, not use through frameworks or high-level APIs such as the
-use of http connections.</p>
-<h2>Ask Yourself Whether</h2>
-<ul>
-  <li> sockets are created without any limit every time a user performs an action. </li>
-  <li> input received from sockets is used without being sanitized. </li>
-  <li> sensitive data is sent via sockets without being encrypted. </li>
-</ul>
-<p>There is a risk if you answered yes to any of those questions.</p>
-<h2>Recommended Secure Coding Practices</h2>
-<ul>
-  <li> In many cases there is no need to open a socket yourself. Use instead libraries and existing protocols. </li>
-  <li> Encrypt all data sent if it is sensitive. Usually it is better to encrypt it even if the data is not sensitive as it might change later. </li>
-  <li> <a href="https://www.owasp.org/index.php/Input_Validation_Cheat_Sheet">Sanitize</a> any input read from the socket. </li>
-  <li> Limit the number of sockets a given user can create. Close the sockets as soon as possible. </li>
-</ul>
-<h2>Sensitive Code Example</h2>
-<pre>
-Imports System.Net.Sockets
-
-Public Class Sockets
-
-    Public Shared Sub Run()
-        ' Sensitive
-        Dim socket As Socket = New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
-
-        ' TcpClient And UdpClient simply abstract the details of creating a Socket
-        Dim client As TcpClient = New TcpClient("example.com", 80) ' Sensitive
-        Dim listener As UdpClient = New UdpClient(80)   ' Sensitive
-    End Sub
-
-End Class
-</pre>
-<h2>See</h2>
-<ul>
-  <li> <a href="https://www.owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">OWASP Top 10 2017 Category A3</a> - Sensitive Data
-  Exposure </li>
-  <li> <a href="https://cwe.mitre.org/data/definitions/20">MITRE, CWE-20</a> - Improper Input Validation </li>
-  <li> <a href="https://cwe.mitre.org/data/definitions/400">MITRE, CWE-400</a> - Uncontrolled Resource Consumption ('Resource Exhaustion') </li>
-  <li> <a href="https://cwe.mitre.org/data/definitions/200">MITRE, CWE-200</a> - Exposure of Sensitive Information to an Unauthorized Actor </li>
-  <li> <a href="https://www.sans.org/top25-software-errors/#cat2">SANS Top 25</a> - Risky Resource Management </li>
-  <li> <a href="https://www.sans.org/top25-software-errors/#cat3">SANS Top 25</a> - Porous Defenses </li>
-</ul>
-
diff --git a/analyzers/rspec/vbnet/S4818.json b/analyzers/rspec/vbnet/S4818.json
deleted file mode 100644
index ee901ec953e..00000000000
--- a/analyzers/rspec/vbnet/S4818.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-  "title": "Using Sockets is security-sensitive",
-  "type": "SECURITY_HOTSPOT",
-  "status": "deprecated",
-  "tags": [],
-  "defaultSeverity": "Critical",
-  "ruleSpecification": "RSPEC-4818",
-  "sqKey": "S4818",
-  "scope": "Main"
-}

From c2c4a5cadb92f6088391968611be357ef1f53757 Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 1 Sep 2023 16:41:22 +0200
Subject: [PATCH 4/4] update ITs

Update ITs

update Its
---
 ...35-F186-4193-AF35-D20126B8DA64}-S4818.json | 17 ----
 .../akka.net/Akka--netstandard2.0-S4818.json  | 82 -------------------
 ...Streams.TestKit--netstandard2.0-S4818.json | 17 ----
 ...ests.Performance--netcoreapp3.1-S4818.json | 17 ----
 4 files changed, 133 deletions(-)
 delete mode 100644 analyzers/its/expected/Ember-MM/generic.EmberCore.WebServer-{64D6F035-F186-4193-AF35-D20126B8DA64}-S4818.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka--netstandard2.0-S4818.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.Streams.TestKit--netstandard2.0-S4818.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.Tests.Performance--netcoreapp3.1-S4818.json

diff --git a/analyzers/its/expected/Ember-MM/generic.EmberCore.WebServer-{64D6F035-F186-4193-AF35-D20126B8DA64}-S4818.json b/analyzers/its/expected/Ember-MM/generic.EmberCore.WebServer-{64D6F035-F186-4193-AF35-D20126B8DA64}-S4818.json
deleted file mode 100644
index 65b73b54416..00000000000
--- a/analyzers/its/expected/Ember-MM/generic.EmberCore.WebServer-{64D6F035-F186-4193-AF35-D20126B8DA64}-S4818.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/generic.EmberCore.WebServer/Module.WebServer.vb#L163",
-"region":  {
-"startLine":  163,
-"startColumn":  28,
-"endLine":  163,
-"endColumn":  103
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4818.json b/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4818.json
deleted file mode 100644
index 622000ccc39..00000000000
--- a/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4818.json
+++ /dev/null
@@ -1,82 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/IO/Inet.cs#L80",
-"region":  {
-"startLine":  80,
-"startColumn":  24,
-"endLine":  80,
-"endColumn":  70
-}
-}
-},
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/IO/TcpListener.cs#L47",
-"region":  {
-"startLine":  47,
-"startColumn":  23,
-"endLine":  47,
-"endColumn":  125
-}
-}
-},
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/IO/TcpOutgoingConnection.cs#L33",
-"region":  {
-"startLine":  33,
-"startColumn":  26,
-"endLine":  33,
-"endColumn":  122
-}
-}
-},
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/IO/TcpOutgoingConnection.cs#L34",
-"region":  {
-"startLine":  34,
-"startColumn":  26,
-"endLine":  34,
-"endColumn":  94
-}
-}
-},
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/IO/UdpConnection.cs#L76",
-"region":  {
-"startLine":  76,
-"startColumn":  27,
-"endLine":  76,
-"endColumn":  94
-}
-}
-},
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/IO/UdpSender.cs#L39",
-"region":  {
-"startLine":  39,
-"startColumn":  30,
-"endLine":  39,
-"endColumn":  97
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Streams.TestKit--netstandard2.0-S4818.json b/analyzers/its/expected/akka.net/Akka.Streams.TestKit--netstandard2.0-S4818.json
deleted file mode 100644
index 7b62d53ba00..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Streams.TestKit--netstandard2.0-S4818.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Streams.TestKit/TestUtils.cs#L20-L22",
-"region":  {
-"startLine":  20,
-"startColumn":  33,
-"endLine":  22,
-"endColumn":  59
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Tests.Performance--netcoreapp3.1-S4818.json b/analyzers/its/expected/akka.net/Akka.Tests.Performance--netcoreapp3.1-S4818.json
deleted file mode 100644
index 53608db3a11..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Tests.Performance--netcoreapp3.1-S4818.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4818",
-"message":  "Make sure that sockets are used safely here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Tests.Performance/IO/TcpInboundOnlySpec.cs#L90",
-"region":  {
-"startLine":  90,
-"startColumn":  28,
-"endLine":  90,
-"endColumn":  103
-}
-}
-}
-]
-}