diff --git a/analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json b/analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json
deleted file mode 100644
index cec13d57dc2..00000000000
--- a/analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L25",
-"region": {
-"startLine": 25,
-"startColumn": 52,
-"endLine": 25,
-"endColumn": 118
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L33",
-"region": {
-"startLine": 33,
-"startColumn": 57,
-"endLine": 33,
-"endColumn": 95
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json b/analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json
deleted file mode 100644
index cec13d57dc2..00000000000
--- a/analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L25",
-"region": {
-"startLine": 25,
-"startColumn": 52,
-"endLine": 25,
-"endColumn": 118
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L33",
-"region": {
-"startLine": 33,
-"startColumn": 57,
-"endLine": 33,
-"endColumn": 95
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json b/analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json
deleted file mode 100644
index 9e4b2d80f01..00000000000
--- a/analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json
+++ /dev/null
@@ -1,277 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/clsTheming.vb#L161",
-"region": {
-"startLine": 161,
-"startColumn": 16,
-"endLine": 161,
-"endColumn": 68
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/clsTheming.vb#L303",
-"region": {
-"startLine": 303,
-"startColumn": 39,
-"endLine": 303,
-"endColumn": 127
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L154",
-"region": {
-"startLine": 154,
-"startColumn": 28,
-"endLine": 154,
-"endColumn": 106
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L155",
-"region": {
-"startLine": 155,
-"startColumn": 31,
-"endLine": 155,
-"endColumn": 106
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L160",
-"region": {
-"startLine": 160,
-"startColumn": 32,
-"endLine": 160,
-"endColumn": 124
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L161",
-"region": {
-"startLine": 161,
-"startColumn": 35,
-"endLine": 161,
-"endColumn": 117
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L178",
-"region": {
-"startLine": 178,
-"startColumn": 28,
-"endLine": 178,
-"endColumn": 83
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L179",
-"region": {
-"startLine": 179,
-"startColumn": 31,
-"endLine": 179,
-"endColumn": 82
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L186",
-"region": {
-"startLine": 186,
-"startColumn": 25,
-"endLine": 186,
-"endColumn": 83
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L188",
-"region": {
-"startLine": 188,
-"startColumn": 32,
-"endLine": 188,
-"endColumn": 111
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L190",
-"region": {
-"startLine": 190,
-"startColumn": 35,
-"endLine": 190,
-"endColumn": 105
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L197",
-"region": {
-"startLine": 197,
-"startColumn": 29,
-"endLine": 197,
-"endColumn": 71
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L200",
-"region": {
-"startLine": 200,
-"startColumn": 36,
-"endLine": 200,
-"endColumn": 89
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L201",
-"region": {
-"startLine": 201,
-"startColumn": 39,
-"endLine": 201,
-"endColumn": 89
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L211",
-"region": {
-"startLine": 211,
-"startColumn": 33,
-"endLine": 211,
-"endColumn": 73
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L213",
-"region": {
-"startLine": 213,
-"startColumn": 40,
-"endLine": 213,
-"endColumn": 90
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L214",
-"region": {
-"startLine": 214,
-"startColumn": 43,
-"endLine": 214,
-"endColumn": 91
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L225",
-"region": {
-"startLine": 225,
-"startColumn": 44,
-"endLine": 225,
-"endColumn": 90
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L227",
-"region": {
-"startLine": 227,
-"startColumn": 47,
-"endLine": 227,
-"endColumn": 94
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L278",
-"region": {
-"startLine": 278,
-"startColumn": 26,
-"endLine": 278,
-"endColumn": 80
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L279",
-"region": {
-"startLine": 279,
-"startColumn": 26,
-"endLine": 279,
-"endColumn": 80
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json b/analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json
deleted file mode 100644
index 0ee3904b8e9..00000000000
--- a/analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json
+++ /dev/null
@@ -1,95 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIMediaInfo.vb#L393",
-"region": {
-"startLine": 393,
-"startColumn": 42,
-"endLine": 393,
-"endColumn": 110
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIMediaInfo.vb#L527",
-"region": {
-"startLine": 527,
-"startColumn": 34,
-"endLine": 527,
-"endColumn": 98
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPINFO.vb#L441",
-"region": {
-"startLine": 441,
-"startColumn": 55,
-"endLine": 441,
-"endColumn": 211
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPINFO.vb#L616",
-"region": {
-"startLine": 616,
-"startColumn": 59,
-"endLine": 616,
-"endColumn": 215
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIStringUtils.vb#L308",
-"region": {
-"startLine": 308,
-"startColumn": 169,
-"endLine": 308,
-"endColumn": 236
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIStringUtils.vb#L317",
-"region": {
-"startLine": 317,
-"startColumn": 16,
-"endLine": 317,
-"endColumn": 119
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIStringUtils.vb#L349",
-"region": {
-"startLine": 349,
-"startColumn": 12,
-"endLine": 349,
-"endColumn": 78
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json b/analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json
deleted file mode 100644
index 13d9edba457..00000000000
--- a/analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/generic.EmberCore.NMT/dlgNMTMovies.vb#L280",
-"region": {
-"startLine": 280,
-"startColumn": 46,
-"endLine": 280,
-"endColumn": 110
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json b/analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json
deleted file mode 100644
index 27c37374f59..00000000000
--- a/analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json
+++ /dev/null
@@ -1,563 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L175",
-"region": {
-"startLine": 175,
-"startColumn": 85,
-"endLine": 175,
-"endColumn": 133
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L200",
-"region": {
-"startLine": 200,
-"startColumn": 56,
-"endLine": 200,
-"endColumn": 130
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L222",
-"region": {
-"startLine": 222,
-"startColumn": 56,
-"endLine": 222,
-"endColumn": 111
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L248",
-"region": {
-"startLine": 248,
-"startColumn": 46,
-"endLine": 248,
-"endColumn": 87
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L312",
-"region": {
-"startLine": 312,
-"startColumn": 52,
-"endLine": 312,
-"endColumn": 90
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L315",
-"region": {
-"startLine": 315,
-"startColumn": 42,
-"endLine": 315,
-"endColumn": 115
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L316",
-"region": {
-"startLine": 316,
-"startColumn": 42,
-"endLine": 316,
-"endColumn": 79
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L317",
-"region": {
-"startLine": 317,
-"startColumn": 42,
-"endLine": 317,
-"endColumn": 114
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L331",
-"region": {
-"startLine": 331,
-"startColumn": 53,
-"endLine": 331,
-"endColumn": 89
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L367",
-"region": {
-"startLine": 367,
-"startColumn": 55,
-"endLine": 367,
-"endColumn": 108
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L387",
-"region": {
-"startLine": 387,
-"startColumn": 55,
-"endLine": 387,
-"endColumn": 108
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L411",
-"region": {
-"startLine": 411,
-"startColumn": 66,
-"endLine": 411,
-"endColumn": 119
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L461",
-"region": {
-"startLine": 461,
-"startColumn": 61,
-"endLine": 461,
-"endColumn": 103
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L464",
-"region": {
-"startLine": 464,
-"startColumn": 53,
-"endLine": 464,
-"endColumn": 107
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L487",
-"region": {
-"startLine": 487,
-"startColumn": 57,
-"endLine": 487,
-"endColumn": 96
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L503",
-"region": {
-"startLine": 503,
-"startColumn": 89,
-"endLine": 503,
-"endColumn": 141
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L513",
-"region": {
-"startLine": 513,
-"startColumn": 49,
-"endLine": 513,
-"endColumn": 102
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L522",
-"region": {
-"startLine": 522,
-"startColumn": 75,
-"endLine": 522,
-"endColumn": 126
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L535",
-"region": {
-"startLine": 535,
-"startColumn": 43,
-"endLine": 535,
-"endColumn": 96
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L557",
-"region": {
-"startLine": 557,
-"startColumn": 58,
-"endLine": 557,
-"endColumn": 112
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L567",
-"region": {
-"startLine": 567,
-"startColumn": 42,
-"endLine": 567,
-"endColumn": 82
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L579",
-"region": {
-"startLine": 579,
-"startColumn": 42,
-"endLine": 579,
-"endColumn": 80
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L598",
-"region": {
-"startLine": 598,
-"startColumn": 49,
-"endLine": 598,
-"endColumn": 102
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L626",
-"region": {
-"startLine": 626,
-"startColumn": 37,
-"endLine": 626,
-"endColumn": 90
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L856",
-"region": {
-"startLine": 856,
-"startColumn": 57,
-"endLine": 856,
-"endColumn": 139
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L865",
-"region": {
-"startLine": 865,
-"startColumn": 39,
-"endLine": 865,
-"endColumn": 91
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L867",
-"region": {
-"startLine": 867,
-"startColumn": 44,
-"endLine": 867,
-"endColumn": 79
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L879",
-"region": {
-"startLine": 879,
-"startColumn": 25,
-"endLine": 879,
-"endColumn": 78
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L880",
-"region": {
-"startLine": 880,
-"startColumn": 44,
-"endLine": 880,
-"endColumn": 79
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L893",
-"region": {
-"startLine": 893,
-"startColumn": 25,
-"endLine": 893,
-"endColumn": 77
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L895",
-"region": {
-"startLine": 895,
-"startColumn": 43,
-"endLine": 895,
-"endColumn": 78
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L913",
-"region": {
-"startLine": 913,
-"startColumn": 25,
-"endLine": 913,
-"endColumn": 78
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L915",
-"region": {
-"startLine": 915,
-"startColumn": 42,
-"endLine": 915,
-"endColumn": 77
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMPA.vb#L85",
-"region": {
-"startLine": 85,
-"startColumn": 55,
-"endLine": 85,
-"endColumn": 135
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMPA.vb#L135",
-"region": {
-"startLine": 135,
-"startColumn": 49,
-"endLine": 135,
-"endColumn": 109
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeMPDB.vb#L87",
-"region": {
-"startLine": 87,
-"startColumn": 55,
-"endLine": 87,
-"endColumn": 167
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeOFDB.vb#L200",
-"region": {
-"startLine": 200,
-"startColumn": 66,
-"endLine": 200,
-"endColumn": 160
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeTrailers.vb#L101",
-"region": {
-"startLine": 101,
-"startColumn": 24,
-"endLine": 101,
-"endColumn": 117
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeYouTube.vb#L126",
-"region": {
-"startLine": 126,
-"startColumn": 16,
-"endLine": 126,
-"endColumn": 47
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeYouTube.vb#L127",
-"region": {
-"startLine": 127,
-"startColumn": 26,
-"endLine": 127,
-"endColumn": 55
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeYouTube.vb#L149",
-"region": {
-"startLine": 149,
-"startColumn": 30,
-"endLine": 149,
-"endColumn": 74
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/dlgTrailer.vb#L111",
-"region": {
-"startLine": 111,
-"startColumn": 16,
-"endLine": 111,
-"endColumn": 95
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/dlgTrailer.vb#L130",
-"region": {
-"startLine": 130,
-"startColumn": 16,
-"endLine": 130,
-"endColumn": 112
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json b/analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json
deleted file mode 100644
index 97c1d2a945d..00000000000
--- a/analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json
+++ /dev/null
@@ -1,173 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/Scraper.vb#L283",
-"region": {
-"startLine": 283,
-"startColumn": 42,
-"endLine": 283,
-"endColumn": 112
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L338",
-"region": {
-"startLine": 338,
-"startColumn": 36,
-"endLine": 338,
-"endColumn": 76
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L347",
-"region": {
-"startLine": 347,
-"startColumn": 36,
-"endLine": 347,
-"endColumn": 76
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L358",
-"region": {
-"startLine": 358,
-"startColumn": 40,
-"endLine": 358,
-"endColumn": 84
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L366",
-"region": {
-"startLine": 366,
-"startColumn": 40,
-"endLine": 366,
-"endColumn": 88
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L375",
-"region": {
-"startLine": 375,
-"startColumn": 36,
-"endLine": 375,
-"endColumn": 94
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L453",
-"region": {
-"startLine": 453,
-"startColumn": 30,
-"endLine": 453,
-"endColumn": 61
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L500",
-"region": {
-"startLine": 500,
-"startColumn": 39,
-"endLine": 500,
-"endColumn": 90
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L501",
-"region": {
-"startLine": 501,
-"startColumn": 39,
-"endLine": 501,
-"endColumn": 88
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L546",
-"region": {
-"startLine": 546,
-"startColumn": 39,
-"endLine": 546,
-"endColumn": 90
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L547",
-"region": {
-"startLine": 547,
-"startColumn": 39,
-"endLine": 547,
-"endColumn": 88
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/Utilities/Util.vb#L167",
-"region": {
-"startLine": 167,
-"startColumn": 40,
-"endLine": 167,
-"endColumn": 80
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/Utilities/Util.vb#L208",
-"region": {
-"startLine": 208,
-"startColumn": 40,
-"endLine": 208,
-"endColumn": 80
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Nancy/Nancy--net452-S4784.json b/analyzers/its/expected/Nancy/Nancy--net452-S4784.json
deleted file mode 100644
index c32571816a3..00000000000
--- a/analyzers/its/expected/Nancy/Nancy--net452-S4784.json
+++ /dev/null
@@ -1,147 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Extensions/StringExtensions.cs#L23",
-"region": {
-"startLine": 23,
-"startColumn": 13,
-"endLine": 23,
-"endColumn": 107
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/HttpMultipartBoundary.cs#L67",
-"region": {
-"startLine": 67,
-"startColumn": 37,
-"endLine": 67,
-"endColumn": 122
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Routing/Trie/Nodes/CaptureNodeWithMultipleParameters.cs#L19",
-"region": {
-"startLine": 19,
-"startColumn": 52,
-"endLine": 19,
-"endColumn": 101
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L23",
-"region": {
-"startLine": 23,
-"startColumn": 67,
-"endLine": 23,
-"endColumn": 166
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L28",
-"region": {
-"startLine": 28,
-"startColumn": 66,
-"endLine": 28,
-"endColumn": 163
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L33",
-"region": {
-"startLine": 33,
-"startColumn": 67,
-"endLine": 33,
-"endColumn": 166
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L38",
-"region": {
-"startLine": 38,
-"startColumn": 63,
-"endLine": 38,
-"endColumn": 237
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L43",
-"region": {
-"startLine": 43,
-"startColumn": 67,
-"endLine": 43,
-"endColumn": 166
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L63",
-"region": {
-"startLine": 63,
-"startColumn": 66,
-"endLine": 63,
-"endColumn": 214
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L73",
-"region": {
-"startLine": 73,
-"startColumn": 62,
-"endLine": 73,
-"endColumn": 202
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L88",
-"region": {
-"startLine": 88,
-"startColumn": 74,
-"endLine": 88,
-"endColumn": 172
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json b/analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json
deleted file mode 100644
index c32571816a3..00000000000
--- a/analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,147 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Extensions/StringExtensions.cs#L23",
-"region": {
-"startLine": 23,
-"startColumn": 13,
-"endLine": 23,
-"endColumn": 107
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/HttpMultipartBoundary.cs#L67",
-"region": {
-"startLine": 67,
-"startColumn": 37,
-"endLine": 67,
-"endColumn": 122
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Routing/Trie/Nodes/CaptureNodeWithMultipleParameters.cs#L19",
-"region": {
-"startLine": 19,
-"startColumn": 52,
-"endLine": 19,
-"endColumn": 101
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L23",
-"region": {
-"startLine": 23,
-"startColumn": 67,
-"endLine": 23,
-"endColumn": 166
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L28",
-"region": {
-"startLine": 28,
-"startColumn": 66,
-"endLine": 28,
-"endColumn": 163
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L33",
-"region": {
-"startLine": 33,
-"startColumn": 67,
-"endLine": 33,
-"endColumn": 166
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L38",
-"region": {
-"startLine": 38,
-"startColumn": 63,
-"endLine": 38,
-"endColumn": 237
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L43",
-"region": {
-"startLine": 43,
-"startColumn": 67,
-"endLine": 43,
-"endColumn": 166
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L63",
-"region": {
-"startLine": 63,
-"startColumn": 66,
-"endLine": 63,
-"endColumn": 214
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L73",
-"region": {
-"startLine": 73,
-"startColumn": 62,
-"endLine": 73,
-"endColumn": 202
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L88",
-"region": {
-"startLine": 88,
-"startColumn": 74,
-"endLine": 88,
-"endColumn": 172
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json
deleted file mode 100644
index 782912230a8..00000000000
--- a/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/Configuration/Hocon/HoconValue.cs#L24",
-"region": {
-"startLine": 24,
-"startColumn": 55,
-"endLine": 24,
-"endColumn": 313
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/Util/TypeExtensions.cs#L47-L49",
-"region": {
-"startLine": 47,
-"startColumn": 67,
-"endLine": 49,
-"endColumn": 93
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json
deleted file mode 100644
index 7abdd5896f3..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Cluster.TestKit/MultiNodeClusterSpec.cs#L214",
-"region": {
-"startLine": 214,
-"startColumn": 35,
-"endLine": 214,
-"endColumn": 76
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Cluster.TestKit/MultiNodeClusterSpec.cs#L221",
-"region": {
-"startLine": 221,
-"startColumn": 34,
-"endLine": 221,
-"endColumn": 73
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json
deleted file mode 100644
index e7da64f75ed..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/contrib/cluster/Akka.Cluster.Tools/PublishSubscribe/Internal/Topics.cs#L291",
-"region": {
-"startLine": 291,
-"startColumn": 74,
-"endLine": 291,
-"endColumn": 139
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json
deleted file mode 100644
index c32039295fc..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Discovery/ServiceDiscovery.cs#L139-L140",
-"region": {
-"startLine": 139,
-"startColumn": 55,
-"endLine": 140,
-"endColumn": 93
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Discovery/ServiceDiscovery.cs#L163-L164",
-"region": {
-"startLine": 163,
-"startColumn": 57,
-"endLine": 164,
-"endColumn": 93
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json
deleted file mode 100644
index 305db80aadf..00000000000
--- a/analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L93",
-"region": {
-"startLine": 93,
-"startColumn": 63,
-"endLine": 93,
-"endColumn": 99
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L101",
-"region": {
-"startLine": 101,
-"startColumn": 66,
-"endLine": 101,
-"endColumn": 105
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L107",
-"region": {
-"startLine": 107,
-"startColumn": 65,
-"endLine": 107,
-"endColumn": 103
-}
-}
-},
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L110",
-"region": {
-"startLine": 110,
-"startColumn": 64,
-"endLine": 110,
-"endColumn": 101
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json
deleted file mode 100644
index 19f1402c629..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues": [
-{
-"id": "S4784",
-"message": "Make sure that using a regular expression is safe here.",
-"location": {
-"uri": "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Persistence/Snapshot/LocalSnapshotStore.cs#L30",
-"region": {
-"startLine": 30,
-"startColumn": 55,
-"endLine": 30,
-"endColumn": 118
-}
-}
-}
-]
-}
diff --git a/analyzers/rspec/cs/S4784.html b/analyzers/rspec/cs/S4784.html
deleted file mode 100644
index d0809987146..00000000000
--- a/analyzers/rspec/cs/S4784.html
+++ /dev/null
@@ -1,89 +0,0 @@
-This rule is deprecated; use {rule:roslyn.sonaranalyzer.security.cs:S2631} instead.
-Using regular expressions is security-sensitive. It has led in the past to the following vulnerabilities:
-
-Evaluating regular expressions against input strings is potentially an extremely CPU-intensive task. Specially crafted regular expressions such as
-(a+)+s will take several seconds to evaluate the input string aaaaaaaaaaaaaaaaaaaaaaaaaaaaabs. The problem is that with
-every additional a character added to the input, the time required to evaluate the regex doubles. However, the equivalent regular
-expression, a+s (without grouping) is efficiently evaluated in milliseconds and scales linearly with the input size.
-Evaluating such regular expressions opens the door to Regular expression Denial of Service (ReDoS) attacks.
-In the context of a web application, attackers can force the web server to spend all of its resources evaluating regular expressions thereby making
-the service inaccessible to genuine users.
-This rule flags any execution of a hardcoded regular expression which has at least 3 characters and at least two instances of any of the following
-characters: *+{.
-Example: (a+)*
-Ask Yourself Whether
-
- - the executed regular expression is sensitive and a user can provide a string which will be analyzed by this regular expression.
- - your regular expression engine performance decrease with specially crafted inputs and regular expressions.
-
-There is a risk if you answered yes to any of those questions.
-Recommended Secure Coding Practices
-Check whether your regular expression engine (the algorithm executing your regular expression) has any known vulnerabilities. Search for
-vulnerability reports mentioning the one engine you’re are using.
-If the regular expression is vulnerable to ReDos attacks, mitigate the risk by using a "match timeout" to limit the time spent running the regular
-expression.
-Remember also that a ReDos attack is possible if a user-provided regular expression is executed. This rule won’t detect this kind of injection.
-Sensitive Code Example
-
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Runtime.Serialization;
-using System.Text.RegularExpressions;
-using System.Web;
-
-namespace N
-{
- public class RegularExpression
- {
- void Foo(RegexOptions options, TimeSpan matchTimeout, string input,
- string replacement, MatchEvaluator evaluator)
- {
- // All the following instantiations are Sensitive.
- new System.Text.RegularExpressions.Regex("(a+)+");
- new System.Text.RegularExpressions.Regex("(a+)+", options);
- new System.Text.RegularExpressions.Regex("(a+)+", options, matchTimeout);
-
- // All the following static methods are Sensitive.
- System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+");
- System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+", options);
- System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+", options, matchTimeout);
-
- System.Text.RegularExpressions.Regex.Match(input, "(a+)+");
- System.Text.RegularExpressions.Regex.Match(input, "(a+)+", options);
- System.Text.RegularExpressions.Regex.Match(input, "(a+)+", options, matchTimeout);
-
- System.Text.RegularExpressions.Regex.Matches(input, "(a+)+");
- System.Text.RegularExpressions.Regex.Matches(input, "(a+)+", options);
- System.Text.RegularExpressions.Regex.Matches(input, "(a+)+", options, matchTimeout);
-
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", evaluator);
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", evaluator, options);
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", evaluator, options, matchTimeout);
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", replacement);
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", replacement, options);
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", replacement, options, matchTimeout);
-
- System.Text.RegularExpressions.Regex.Split(input, "(a+)+");
- System.Text.RegularExpressions.Regex.Split(input, "(a+)+", options);
- System.Text.RegularExpressions.Regex.Split(input, "(a+)+", options, matchTimeout);
- }
- }
-}
-
-Exceptions
-Some corner-case regular expressions will not raise an issue even though they might be vulnerable. For example: (a|aa)+,
-(a|a?)+.
-It is a good idea to test your regular expression if it has the same pattern on both side of a "|".
-See
-
-
diff --git a/analyzers/rspec/cs/S4784.json b/analyzers/rspec/cs/S4784.json
deleted file mode 100644
index 30dd19f4504..00000000000
--- a/analyzers/rspec/cs/S4784.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "title": "Using regular expressions is security-sensitive",
- "type": "SECURITY_HOTSPOT",
- "status": "deprecated",
- "tags": [],
- "defaultSeverity": "Critical",
- "ruleSpecification": "RSPEC-4784",
- "sqKey": "S4784",
- "scope": "Main"
-}
diff --git a/analyzers/rspec/vbnet/S4784.html b/analyzers/rspec/vbnet/S4784.html
deleted file mode 100644
index a67b5c18960..00000000000
--- a/analyzers/rspec/vbnet/S4784.html
+++ /dev/null
@@ -1,85 +0,0 @@
-Using regular expressions is security-sensitive. It has led in the past to the following vulnerabilities:
-
-Evaluating regular expressions against input strings is potentially an extremely CPU-intensive task. Specially crafted regular expressions such as
-(a+)+s will take several seconds to evaluate the input string aaaaaaaaaaaaaaaaaaaaaaaaaaaaabs. The problem is that with
-every additional a character added to the input, the time required to evaluate the regex doubles. However, the equivalent regular
-expression, a+s (without grouping) is efficiently evaluated in milliseconds and scales linearly with the input size.
-Evaluating such regular expressions opens the door to Regular expression Denial of Service (ReDoS) attacks.
-In the context of a web application, attackers can force the web server to spend all of its resources evaluating regular expressions thereby making
-the service inaccessible to genuine users.
-This rule flags any execution of a hardcoded regular expression which has at least 3 characters and at least two instances of any of the following
-characters: *+{.
-Example: (a+)*
-Ask Yourself Whether
-
- - the executed regular expression is sensitive and a user can provide a string which will be analyzed by this regular expression.
- - your regular expression engine performance decrease with specially crafted inputs and regular expressions.
-
-There is a risk if you answered yes to any of those questions.
-Recommended Secure Coding Practices
-Check whether your regular expression engine (the algorithm executing your regular expression) has any known vulnerabilities. Search for
-vulnerability reports mentioning the one engine you’re are using.
-If the regular expression is vulnerable to ReDos attacks, mitigate the risk by using a "match timeout" to limit the time spent running the regular
-expression.
-Remember also that a ReDos attack is possible if a user-provided regular expression is executed. This rule won’t detect this kind of injection.
-Sensitive Code Example
-
-Imports System
-Imports System.Collections.Generic
-Imports System.Linq
-Imports System.Runtime.Serialization
-Imports System.Text.RegularExpressions
-Imports System.Web
-
-Namespace N
- Public Class RegularExpression
- Private Sub Foo(ByVal pattern As String, ByVal options As RegexOptions, ByVal matchTimeout As TimeSpan,
- ByVal input As String, ByVal replacement As String, ByVal evaluator As MatchEvaluator)
- ' All the following instantiations are Sensitive. Validate the regular expression and matched input.
- Dim r As Regex = New System.Text.RegularExpressions.Regex("(a+)+b")
- r = New System.Text.RegularExpressions.Regex("(a+)+b", options)
- r = New System.Text.RegularExpressions.Regex("(a+)+b", options, matchTimeout)
-
- ' All the following static methods are Sensitive.
- System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+b")
- System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+b", options)
- System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+b", options, matchTimeout)
-
- System.Text.RegularExpressions.Regex.Match(input, "(a+)+b")
- System.Text.RegularExpressions.Regex.Match(input, "(a+)+b", options)
- System.Text.RegularExpressions.Regex.Match(input, "(a+)+b", options, matchTimeout)
-
- System.Text.RegularExpressions.Regex.Matches(input, "(a+)+b")
- System.Text.RegularExpressions.Regex.Matches(input, "(a+)+b", options)
- System.Text.RegularExpressions.Regex.Matches(input, "(a+)+b", options, matchTimeout)
-
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", evaluator)
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", evaluator, options)
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", evaluator, options, matchTimeout)
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", replacement)
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", replacement, options)
- System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", replacement, options, matchTimeout)
-
- System.Text.RegularExpressions.Regex.Split(input, "(a+)+b")
- System.Text.RegularExpressions.Regex.Split(input, "(a+)+b", options)
- System.Text.RegularExpressions.Regex.Split(input, "(a+)+b", options, matchTimeout)
- End Sub
- End Class
-End Namespace
-
-Exceptions
-Some corner-case regular expressions will not raise an issue even though they might be vulnerable. For example: (a|aa)+,
-(a|a?)+.
-It is a good idea to test your regular expression if it has the same pattern on both side of a "|".
-See
-
-
diff --git a/analyzers/rspec/vbnet/S4784.json b/analyzers/rspec/vbnet/S4784.json
deleted file mode 100644
index 8e9f094db8f..00000000000
--- a/analyzers/rspec/vbnet/S4784.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "title": "Using regular expressions is security-sensitive",
- "type": "SECURITY_HOTSPOT",
- "status": "ready",
- "tags": [],
- "defaultSeverity": "Critical",
- "ruleSpecification": "RSPEC-4784",
- "sqKey": "S4784",
- "scope": "Main"
-}
diff --git a/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs b/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs
deleted file mode 100644
index 084c30d51da..00000000000
--- a/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules.CSharp
-{
- [DiagnosticAnalyzer(LanguageNames.CSharp)]
- public sealed class UsingRegularExpressions : UsingRegularExpressionsBase
- {
- protected override ILanguageFacade Language => CSharpFacade.Instance;
-
- public UsingRegularExpressions() : this(AnalyzerConfiguration.Hotspot) { }
-
- internal /*for testing*/ UsingRegularExpressions(IAnalyzerConfiguration configuration) : base(configuration) { }
-
- protected override string GetStringLiteralAtIndex(InvocationContext context, int index) =>
- context.Node is InvocationExpressionSyntax invocation
- ? GetStringValue(context.SemanticModel, invocation.ArgumentList, index)
- : null;
-
- protected override string GetStringLiteralAtIndex(ObjectCreationContext context, int index) =>
- context.Node is ObjectCreationExpressionSyntax objectCreation
- ? GetStringValue(context.SemanticModel, objectCreation.ArgumentList, index)
- : null;
-
- private static string GetStringValue(SemanticModel semanticModel, ArgumentListSyntax argumentList, int index) =>
- argumentList.Get(index) is { } argument
- ? argument.FindStringConstant(semanticModel)
- : null;
- }
-}
diff --git a/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs b/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs
deleted file mode 100644
index 0c173468936..00000000000
--- a/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules
-{
- public abstract class UsingRegularExpressionsBase : TrackerHotspotDiagnosticAnalyzer
- where TSyntaxKind : struct
- {
- protected const string DiagnosticId = "S4784";
- private const string MessageFormat = "Make sure that using a regular expression is safe here.";
- private const int MinRegexLength = 3;
-
- private readonly ISet specialCharacters = new HashSet { '{', '+', '*' };
-
- protected abstract string GetStringLiteralAtIndex(InvocationContext context, int index);
- protected abstract string GetStringLiteralAtIndex(ObjectCreationContext context, int index);
-
- protected UsingRegularExpressionsBase(IAnalyzerConfiguration configuration)
- : base(configuration, DiagnosticId, MessageFormat) { }
-
- protected override void Initialize(TrackerInput input)
- {
- var inv = Language.Tracker.Invocation;
- inv.Track(input,
- inv.MatchMethod(
- new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "IsMatch"),
- new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Match"),
- new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Matches"),
- new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Replace"),
- new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Split")),
- SecondArgumentIsHardcodedRegex(),
- inv.MethodIsStatic());
-
- var oc = Language.Tracker.ObjectCreation;
- oc.Track(input,
- oc.MatchConstructor(KnownType.System_Text_RegularExpressions_Regex),
- FirstArgumentIsHardcodedRegex());
- }
-
- private TrackerBase.Condition SecondArgumentIsHardcodedRegex() =>
- context => GetStringLiteralAtIndex(context, 1) is string hardcodedString && IsComplexRegex(hardcodedString);
-
- private TrackerBase.Condition FirstArgumentIsHardcodedRegex() =>
- context => GetStringLiteralAtIndex(context, 0) is string hardcodedString && IsComplexRegex(hardcodedString);
-
- private bool IsComplexRegex(string s) =>
- s != null
- && s.Length >= MinRegexLength
- && s.ToCharArray().Count(c => specialCharacters.Contains(c)) > 1;
- }
-}
diff --git a/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs b/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs
deleted file mode 100644
index 6ef57ea7b58..00000000000
--- a/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules.VisualBasic
-{
- [DiagnosticAnalyzer(LanguageNames.VisualBasic)]
- public sealed class UsingRegularExpressions : UsingRegularExpressionsBase
- {
- protected override ILanguageFacade Language => VisualBasicFacade.Instance;
-
- public UsingRegularExpressions() : this(AnalyzerConfiguration.Hotspot) { }
-
- internal /*for testing*/ UsingRegularExpressions(IAnalyzerConfiguration configuration) : base(configuration) { }
-
- protected override string GetStringLiteralAtIndex(InvocationContext context, int index) =>
- context.Node is InvocationExpressionSyntax invocation
- ? GetStringValue(context.SemanticModel, invocation.ArgumentList, index)
- : null;
-
- protected override string GetStringLiteralAtIndex(ObjectCreationContext context, int index) =>
- context.Node is ObjectCreationExpressionSyntax objectCreation
- ? GetStringValue(context.SemanticModel, objectCreation.ArgumentList, index)
- : null;
-
- private static string GetStringValue(SemanticModel semanticModel, ArgumentListSyntax argumentList, int index) =>
- argumentList.Get(index) is { } argument
- ? argument.FindStringConstant(semanticModel)
- : null;
- }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs b/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs
index c593475040d..12d56c86756 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs
@@ -106,7 +106,6 @@ private static IEnumerable GetAdditionalReferences(string ana
nameof(DoNotUseRandom) => MetadataReferenceFacade.SystemSecurityCryptography,
nameof(ExpandingArchives) => ExpandingArchivesTest.AdditionalReferences,
nameof(RequestsWithExcessiveLength) => RequestsWithExcessiveLengthTest.GetAdditionalReferences(),
- nameof(UsingRegularExpressions) => MetadataReferenceFacade.RegularExpressions,
nameof(SpecifyTimeoutOnRegex) => MetadataReferenceFacade.RegularExpressions
.Concat(NuGetMetadataReference.SystemComponentModelAnnotations()),
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
index 2897f98cd01..e706c7434a1 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
@@ -4708,7 +4708,7 @@ internal static class RuleTypeMappingCS
// ["S4781"],
// ["S4782"],
// ["S4783"],
- ["S4784"] = "SECURITY_HOTSPOT",
+ // ["S4784"],
// ["S4785"],
// ["S4786"],
// ["S4787"],
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
index a3bf89cf805..e98c3e279c2 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
@@ -4708,7 +4708,7 @@ internal static class RuleTypeMappingVB
// ["S4781"],
// ["S4782"],
// ["S4783"],
- ["S4784"] = "SECURITY_HOTSPOT",
+ // ["S4784"],
// ["S4785"],
// ["S4786"],
// ["S4787"],
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs b/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs
deleted file mode 100644
index 3a78cf8d972..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-using CS = SonarAnalyzer.Rules.CSharp;
-using VB = SonarAnalyzer.Rules.VisualBasic;
-
-namespace SonarAnalyzer.UnitTest.Rules
-{
- [TestClass]
- public class UsingRegularExpressionsTest
- {
- private readonly VerifierBuilder builderCS = new VerifierBuilder().WithBasePath("Hotspots").AddAnalyzer(() => new CS.UsingRegularExpressions(AnalyzerConfiguration.AlwaysEnabled));
- private readonly VerifierBuilder builderVB = new VerifierBuilder().WithBasePath("Hotspots").AddAnalyzer(() => new VB.UsingRegularExpressions(AnalyzerConfiguration.AlwaysEnabled));
-
- [TestMethod]
- public void UsingRegularExpressions_CS() =>
- builderCS.AddPaths("UsingRegularExpressions.cs")
- .AddReferences(MetadataReferenceFacade.RegularExpressions)
- .Verify();
-
-#if NET
-
- [TestMethod]
- public void UsingRegularExpressions_CSharp10() =>
- builderCS.AddPaths("UsingRegularExpressions.CSharp10.cs")
- .AddReferences(MetadataReferenceFacade.RegularExpressions)
- .WithOptions(ParseOptionsHelper.FromCSharp10)
- .Verify();
-
- [TestMethod]
- public void UsingRegularExpressions_CSharp11() =>
- builderCS.AddPaths("UsingRegularExpressions.CSharp11.cs")
- .AddReferences(MetadataReferenceFacade.RegularExpressions)
- .WithOptions(ParseOptionsHelper.FromCSharp11)
- .Verify();
-
-#endif
-
- [TestMethod]
- public void UsingRegularExpressions_VB() =>
- builderVB.AddPaths("UsingRegularExpressions.vb")
- .AddReferences(MetadataReferenceFacade.RegularExpressions)
- .Verify();
- }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs
deleted file mode 100644
index 9943d8610f6..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs
+++ /dev/null
@@ -1,21 +0,0 @@
-using System;
-using System.Text.RegularExpressions;
-
-namespace Tests.Diagnostics
-{
- class Program
- {
- const string part1 = "a";
- const string part2 = "b";
- const string compliant = $"{part1}{part2}";
- const string plus = "+";
- const string noncompliant = $"{part1}{plus}{part2}{plus}";
-
- void Main(string s)
- {
- Regex r;
- r = new Regex(compliant); // Compliant
- r = new Regex(noncompliant); // Noncompliant
- }
- }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs
deleted file mode 100644
index 47e0882d376..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs
+++ /dev/null
@@ -1,14 +0,0 @@
-using System;
-using System.Text.RegularExpressions;
-
-namespace Tests.Diagnostics
-{
- class Program
- {
- void Main(string s)
- {
- Regex r;
- r = new Regex("""{abc}+{a}"""); // Noncompliant
- }
- }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs
deleted file mode 100644
index 1e419d25b27..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs
+++ /dev/null
@@ -1,120 +0,0 @@
-using System;
-using System.Text.RegularExpressions;
-using RE = System.Text.RegularExpressions.Regex;
-using static System.Text.RegularExpressions.Regex;
-
-namespace Tests.Diagnostics
-{
- class Program
- {
- string longField = "a+a+";
- string shortField = "x";
-
- void Main(string s)
- {
- Regex r;
- r = new Regex(""); // Compliant, less than 3 characters
- r = new Regex("**"); // Compliant, less than 3 characters
- r = new Regex("+*"); // Compliant, less than 3 characters
- r = new Regex("abcdefghijklmnopqrst"); // Compliant, does not have the special characters
- r = new Regex("abcdefghijklmnopqrst+"); // Compliant, has only 1 special character
- r = new Regex("{abc}+defghijklmnopqrst"); // Noncompliant
- r = new Regex("{abc}+{a}"); // Noncompliant {{Make sure that using a regular expression is safe here.}}
-// ^^^^^^^^^^^^^^^^^^^^^^
- r = new Regex("+++"); // Noncompliant
- r = new Regex(@"\+\+\+"); // Noncompliant FP (escaped special characters)
- r = new Regex("{{{"); // Noncompliant
- r = new Regex(@"\{\{\{"); // Noncompliant FP (escaped special characters)
- r = new Regex("***"); // Noncompliant
- r = new Regex(@"\*\*\*"); // Noncompliant FP (escaped special characters)
- r = new Regex("(a+)+s", RegexOptions.Compiled); // Noncompliant
- r = new Regex("(a+)+s", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
- r = new Regex("{ab}*{ab}+{cd}+foo*"); // Noncompliant
-
- Regex.IsMatch("", "(a+)+s"); // Noncompliant
-// ^^^^^^^^^^^^^^^^^^^^^^^^^^^
- Regex.IsMatch(s, "(a+)+s", RegexOptions.Compiled); // Noncompliant
- Regex.IsMatch("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
- Regex.Match(s, "{foo}{bar}"); // Noncompliant
- Regex.Match("", "{foo}{bar}", RegexOptions.Compiled); // Noncompliant
- Regex.Match("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
- Regex.Matches(s, "{foo}{bar}"); // Noncompliant
- Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled); // Noncompliant
- Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
- Regex.Replace(s, "ab*cd*", match => ""); // Noncompliant
- Regex.Replace("", "ab*cd*", ""); // Noncompliant
- Regex.Replace("", "ab*cd*", match => "", RegexOptions.Compiled); // Noncompliant
- Regex.Replace("", "ab*cd*", s, RegexOptions.Compiled); // Noncompliant
- Regex.Replace("", "ab*cd*", match => "", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
- Regex.Replace("", "ab*cd*", "", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
- Regex.Replace("", "ab\\*cd\\*", "", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant FP (escaped special characters)
-
- Regex.Split("", "a+a+"); // Noncompliant
- Regex.Split("", "a+a+", RegexOptions.Compiled); // Noncompliant
- Regex.Split("", "a+a+", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
- new System.Text.RegularExpressions.Regex("a+a+"); // Noncompliant
- new RE("a+b+"); // Noncompliant
- System.Text.RegularExpressions.Regex.IsMatch("", "{}{}"); // Noncompliant
- RE.IsMatch("", "a**"); // Noncompliant
- IsMatch("", "b**"); // Noncompliant
-
- // Non-static methods are compliant
- r.IsMatch("a+a+");
- r.IsMatch("{ab}*{ab}+{cd}+foo*", 0);
-
- r.Match("{ab}*{ab}+{cd}+foo*");
- r.Match("{ab}*{ab}+{cd}+foo*", 0);
- r.Match("{ab}*{ab}+{cd}+foo*", 0, 1);
-
- r.Matches("{ab}*{ab}+{cd}+foo*");
- r.Matches("{ab}*{ab}+{cd}+foo*", 0);
-
- r.Replace("{ab}*{ab}+{cd}+foo*", match => "{ab}*{ab}+{cd}+foo*");
- r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*");
- r.Replace("{ab}*{ab}+{cd}+foo*", match => "{ab}*{ab}+{cd}+foo*", 0);
- r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0);
- r.Replace("{ab}*{ab}+{cd}+foo*", match => "{ab}*{ab}+{cd}+foo*", 0, 0);
- r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0, 0);
-
- r.Split("{ab}*{ab}+{cd}+foo*");
- r.Split("{ab}*{ab}+{cd}+foo*", 0);
- r.Split("{ab}*{ab}+{cd}+foo*", 0, 0);
-
- // not hardcoded strings are compliant
- r = new Regex(s);
- r = new Regex(s, RegexOptions.Compiled, TimeSpan.Zero);
- Regex.Replace("{ab}*{ab}+{cd}+foo*", s, "{ab}*{ab}+{cd}+foo*", RegexOptions.Compiled, TimeSpan.Zero);
- Regex.Split("{ab}*{ab}+{cd}+foo*", s, RegexOptions.Compiled, TimeSpan.Zero);
-
- var variable = "a+a+";
- new Regex(variable); // Noncompliant
- new Regex(longField); // Noncompliant
- variable = "x";
- new Regex(variable); // Compliant, too short
- new Regex(shortField); // Compliant, too short
- }
- }
-
- //https://github.com/SonarSource/sonar-dotnet/issues/3298
- class Repro_3298
- {
- private const string ClassUnsafeRegex = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
- private string trackedField = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
-
- void Go()
- {
- const string LocalUnsafeRegex = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
- string trackedVariable = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
-
- new Regex(ClassUnsafeRegex); // Noncompliant
- new Regex(LocalUnsafeRegex); // Noncompliant
-
- new Regex(trackedField); // Noncompliant
- new Regex(trackedVariable); // Noncompliant
- }
- }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb
deleted file mode 100644
index a1a0443f19d..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb
+++ /dev/null
@@ -1,106 +0,0 @@
-Imports System
-Imports System.Text.RegularExpressions
-Imports RE = System.Text.RegularExpressions.Regex
-
-Namespace Tests.Diagnostics
-
- Class Program
-
- Private LongField As String = "a+a+"
- Private ShortField As String = "x"
-
- Private Sub Main(ByVal s As String)
- Dim r As Regex
- r = New Regex("")
- r = New Regex("**")
- r = New Regex("+*")
- r = New Regex("abcdefghijklmnopqrst")
- r = New Regex("abcdefghijklmnopqrst+")
- r = New Regex("{abc}+defghijklmnopqrst") ' Noncompliant {{Make sure that using a regular expression is safe here.}}
- ' ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- r = New Regex("{abc}+{a}") ' Noncompliant
- r = New Regex("+++") ' Noncompliant
- r = New Regex("\\+\\+\\+") ' Noncompliant FP (escaped special characters)
- r = New Regex("{{{") ' Noncompliant
- r = New Regex("\\{\\{\\{") ' Noncompliant FP (escaped special characters)
- r = New Regex("***") ' Noncompliant
- r = New Regex("\\*\\*\\*") ' Noncompliant FP (escaped special characters)
- r = New Regex("(a+)+s", RegexOptions.Compiled) ' Noncompliant
- r = New Regex("(a+)+s", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- r = New Regex("{ab}*{ab}+{cd}+foo*") ' Noncompliant
- Regex.IsMatch("", "(a+)+s") ' Noncompliant ^13#27
- Regex.IsMatch(s, "(a+)+s", RegexOptions.Compiled) ' Noncompliant
- Regex.IsMatch("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- Regex.Match(s, "{foo}{bar}") ' Noncompliant
- Regex.Match("", "{foo}{bar}", RegexOptions.Compiled) ' Noncompliant
- Regex.Match("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- Regex.Matches(s, "{foo}{bar}") ' Noncompliant
- Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled) ' Noncompliant
- Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- Regex.Replace(s, "ab*cd*", Function(match) "") ' Noncompliant
- Regex.Replace("", "ab*cd*", "") ' Noncompliant
- Regex.Replace("", "ab*cd*", Function(match) "", RegexOptions.Compiled) ' Noncompliant
- Regex.Replace("", "ab*cd*", s, RegexOptions.Compiled) ' Noncompliant
- Regex.Replace("", "ab*cd*", Function(match) "", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- Regex.Replace("", "ab*cd*", "", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- Regex.Split("", "a+a+") ' Noncompliant
- Regex.Split("", "a+a+", RegexOptions.Compiled) ' Noncompliant
- Regex.Split("", "a+a+", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
- Dim x1 = New System.Text.RegularExpressions.Regex("a+a+") ' Noncompliant
- Dim x2 = New RE("a+b+") ' Noncompliant
- System.Text.RegularExpressions.Regex.IsMatch("", "{}{}") ' Noncompliant
- RE.IsMatch("", "a**") ' Noncompliant
- RE.IsMatch("", "a\\**") ' Noncompliant FP (escaped special character)
-
- ' Non-static methods are compliant
- r.IsMatch("a+a+")
- r.IsMatch("{ab}*{ab}+{cd}+foo*", 0)
- r.Match("{ab}*{ab}+{cd}+foo*")
- r.Match("{ab}*{ab}+{cd}+foo*", 0)
- r.Match("{ab}*{ab}+{cd}+foo*", 0, 1)
- r.Matches("{ab}*{ab}+{cd}+foo*")
- r.Matches("{ab}*{ab}+{cd}+foo*", 0)
- r.Replace("{ab}*{ab}+{cd}+foo*", Function(match) "{ab}*{ab}+{cd}+foo*")
- r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*")
- r.Replace("{ab}*{ab}+{cd}+foo*", Function(match) "{ab}*{ab}+{cd}+foo*", 0)
- r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0)
- r.Replace("{ab}*{ab}+{cd}+foo*", Function(match) "{ab}*{ab}+{cd}+foo*", 0, 0)
- r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0, 0)
- r.Split("{ab}*{ab}+{cd}+foo*")
- r.Split("{ab}*{ab}+{cd}+foo*", 0)
- r.Split("{ab}*{ab}+{cd}+foo*", 0, 0)
-
- ' not hardcoded strings are compliant
- r = New Regex(s)
- r = New Regex(s, RegexOptions.Compiled, TimeSpan.Zero)
- Regex.Replace("{ab}*{ab}+{cd}+foo*", s, "{ab}*{ab}+{cd}+foo*", RegexOptions.Compiled, TimeSpan.Zero)
- Regex.Split("{ab}*{ab}+{cd}+foo*", s, RegexOptions.Compiled, TimeSpan.Zero)
-
- Dim Variable As String = "a+a+"
- r = New Regex(Variable) ' Noncompliant
- r = New Regex(LongField) ' Noncompliant
- Variable = "x"
- r = New Regex(Variable) ' Compliant, too Short
- r = New Regex(ShortField) ' Compliant, too Short
- End Sub
-
- End Class
-
- ' https//github.com/SonarSource/sonar-dotnet/issues/3298
- Class Repro_3298
-
- Private Const ClassUnsafeRegex As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
- Private TrackedField As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
-
- Public Sub Go()
- Const LocalUnsafeRegex As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
- Dim TrackedVariable As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
- Dim a As New Regex(ClassUnsafeRegex) ' Noncompliant
- Dim b As New Regex(LocalUnsafeRegex) ' Noncompliant
- Dim c As New Regex(TrackedField) ' Noncompliant
- Dim d As New Regex(TrackedVariable) ' Noncompliant
- End Sub
-
- End Class
-
-End Namespace