From 7f7aba7ebe0b239ccbd9578282acea4a49a66fdd Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 22 Sep 2023 16:48:31 +0200
Subject: [PATCH 1/5] delete implementation

---
 .../Rules/Hotspots/UsingRegularExpressions.cs |  47 -------
 .../Hotspots/UsingRegularExpressionsBase.cs   |  68 ----------
 .../Rules/Hotspots/UsingRegularExpressions.cs |  47 -------
 .../Hotspots/UsingRegularExpressionsTest.cs   |  62 ---------
 .../UsingRegularExpressions.CSharp10.cs       |  21 ---
 .../UsingRegularExpressions.CSharp11.cs       |  14 --
 .../Hotspots/UsingRegularExpressions.cs       | 120 ------------------
 .../Hotspots/UsingRegularExpressions.vb       | 106 ----------------
 8 files changed, 485 deletions(-)
 delete mode 100644 analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs
 delete mode 100644 analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs
 delete mode 100644 analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs
 delete mode 100644 analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb

diff --git a/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs b/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs
deleted file mode 100644
index 084c30d51da..00000000000
--- a/analyzers/src/SonarAnalyzer.CSharp/Rules/Hotspots/UsingRegularExpressions.cs
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules.CSharp
-{
-    [DiagnosticAnalyzer(LanguageNames.CSharp)]
-    public sealed class UsingRegularExpressions : UsingRegularExpressionsBase<SyntaxKind>
-    {
-        protected override ILanguageFacade<SyntaxKind> Language => CSharpFacade.Instance;
-
-        public UsingRegularExpressions() : this(AnalyzerConfiguration.Hotspot) { }
-
-        internal /*for testing*/ UsingRegularExpressions(IAnalyzerConfiguration configuration) : base(configuration) { }
-
-        protected override string GetStringLiteralAtIndex(InvocationContext context, int index) =>
-            context.Node is InvocationExpressionSyntax invocation
-                ? GetStringValue(context.SemanticModel, invocation.ArgumentList, index)
-                : null;
-
-        protected override string GetStringLiteralAtIndex(ObjectCreationContext context, int index) =>
-            context.Node is ObjectCreationExpressionSyntax objectCreation
-                ? GetStringValue(context.SemanticModel, objectCreation.ArgumentList, index)
-                : null;
-
-        private static string GetStringValue(SemanticModel semanticModel, ArgumentListSyntax argumentList, int index) =>
-            argumentList.Get(index) is { } argument
-                ? argument.FindStringConstant(semanticModel)
-                : null;
-    }
-}
diff --git a/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs b/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs
deleted file mode 100644
index 0c173468936..00000000000
--- a/analyzers/src/SonarAnalyzer.Common/Rules/Hotspots/UsingRegularExpressionsBase.cs
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules
-{
-    public abstract class UsingRegularExpressionsBase<TSyntaxKind> : TrackerHotspotDiagnosticAnalyzer<TSyntaxKind>
-        where TSyntaxKind : struct
-    {
-        protected const string DiagnosticId = "S4784";
-        private const string MessageFormat = "Make sure that using a regular expression is safe here.";
-        private const int MinRegexLength = 3;
-
-        private readonly ISet<char> specialCharacters = new HashSet<char> { '{', '+', '*' };
-
-        protected abstract string GetStringLiteralAtIndex(InvocationContext context, int index);
-        protected abstract string GetStringLiteralAtIndex(ObjectCreationContext context, int index);
-
-        protected UsingRegularExpressionsBase(IAnalyzerConfiguration configuration)
-            : base(configuration, DiagnosticId, MessageFormat) { }
-
-        protected override void Initialize(TrackerInput input)
-        {
-            var inv = Language.Tracker.Invocation;
-            inv.Track(input,
-                inv.MatchMethod(
-                    new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "IsMatch"),
-                    new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Match"),
-                    new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Matches"),
-                    new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Replace"),
-                    new MemberDescriptor(KnownType.System_Text_RegularExpressions_Regex, "Split")),
-                SecondArgumentIsHardcodedRegex(),
-                inv.MethodIsStatic());
-
-            var oc = Language.Tracker.ObjectCreation;
-            oc.Track(input,
-                oc.MatchConstructor(KnownType.System_Text_RegularExpressions_Regex),
-                FirstArgumentIsHardcodedRegex());
-        }
-
-        private TrackerBase<TSyntaxKind, InvocationContext>.Condition SecondArgumentIsHardcodedRegex() =>
-            context => GetStringLiteralAtIndex(context, 1) is string hardcodedString && IsComplexRegex(hardcodedString);
-
-        private TrackerBase<TSyntaxKind, ObjectCreationContext>.Condition FirstArgumentIsHardcodedRegex() =>
-            context => GetStringLiteralAtIndex(context, 0) is string hardcodedString && IsComplexRegex(hardcodedString);
-
-        private bool IsComplexRegex(string s) =>
-            s != null
-            && s.Length >= MinRegexLength
-            && s.ToCharArray().Count(c => specialCharacters.Contains(c)) > 1;
-    }
-}
diff --git a/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs b/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs
deleted file mode 100644
index 6ef57ea7b58..00000000000
--- a/analyzers/src/SonarAnalyzer.VisualBasic/Rules/Hotspots/UsingRegularExpressions.cs
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-namespace SonarAnalyzer.Rules.VisualBasic
-{
-    [DiagnosticAnalyzer(LanguageNames.VisualBasic)]
-    public sealed class UsingRegularExpressions : UsingRegularExpressionsBase<SyntaxKind>
-    {
-        protected override ILanguageFacade<SyntaxKind> Language => VisualBasicFacade.Instance;
-
-        public UsingRegularExpressions() : this(AnalyzerConfiguration.Hotspot) { }
-
-        internal /*for testing*/ UsingRegularExpressions(IAnalyzerConfiguration configuration) : base(configuration) { }
-
-        protected override string GetStringLiteralAtIndex(InvocationContext context, int index) =>
-            context.Node is InvocationExpressionSyntax invocation
-                ? GetStringValue(context.SemanticModel, invocation.ArgumentList, index)
-                : null;
-
-        protected override string GetStringLiteralAtIndex(ObjectCreationContext context, int index) =>
-            context.Node is ObjectCreationExpressionSyntax objectCreation
-                ? GetStringValue(context.SemanticModel, objectCreation.ArgumentList, index)
-                : null;
-
-        private static string GetStringValue(SemanticModel semanticModel, ArgumentListSyntax argumentList, int index) =>
-            argumentList.Get(index) is { } argument
-                ? argument.FindStringConstant(semanticModel)
-                : null;
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs b/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs
deleted file mode 100644
index 3a78cf8d972..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/Rules/Hotspots/UsingRegularExpressionsTest.cs
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * SonarAnalyzer for .NET
- * Copyright (C) 2015-2023 SonarSource SA
- * mailto: contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-
-using CS = SonarAnalyzer.Rules.CSharp;
-using VB = SonarAnalyzer.Rules.VisualBasic;
-
-namespace SonarAnalyzer.UnitTest.Rules
-{
-    [TestClass]
-    public class UsingRegularExpressionsTest
-    {
-        private readonly VerifierBuilder builderCS = new VerifierBuilder().WithBasePath("Hotspots").AddAnalyzer(() => new CS.UsingRegularExpressions(AnalyzerConfiguration.AlwaysEnabled));
-        private readonly VerifierBuilder builderVB = new VerifierBuilder().WithBasePath("Hotspots").AddAnalyzer(() => new VB.UsingRegularExpressions(AnalyzerConfiguration.AlwaysEnabled));
-
-        [TestMethod]
-        public void UsingRegularExpressions_CS() =>
-            builderCS.AddPaths("UsingRegularExpressions.cs")
-                .AddReferences(MetadataReferenceFacade.RegularExpressions)
-                .Verify();
-
-#if NET
-
-        [TestMethod]
-        public void UsingRegularExpressions_CSharp10() =>
-            builderCS.AddPaths("UsingRegularExpressions.CSharp10.cs")
-                .AddReferences(MetadataReferenceFacade.RegularExpressions)
-                .WithOptions(ParseOptionsHelper.FromCSharp10)
-                .Verify();
-
-        [TestMethod]
-        public void UsingRegularExpressions_CSharp11() =>
-            builderCS.AddPaths("UsingRegularExpressions.CSharp11.cs")
-                .AddReferences(MetadataReferenceFacade.RegularExpressions)
-                .WithOptions(ParseOptionsHelper.FromCSharp11)
-                .Verify();
-
-#endif
-
-        [TestMethod]
-        public void UsingRegularExpressions_VB() =>
-            builderVB.AddPaths("UsingRegularExpressions.vb")
-                .AddReferences(MetadataReferenceFacade.RegularExpressions)
-                .Verify();
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs
deleted file mode 100644
index 9943d8610f6..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp10.cs
+++ /dev/null
@@ -1,21 +0,0 @@
-using System;
-using System.Text.RegularExpressions;
-
-namespace Tests.Diagnostics
-{
-    class Program
-    {
-        const string part1 = "a";
-        const string part2 = "b";
-        const string compliant = $"{part1}{part2}";
-        const string plus = "+";
-        const string noncompliant = $"{part1}{plus}{part2}{plus}";
-
-        void Main(string s)
-        {
-            Regex r;
-            r = new Regex(compliant); // Compliant
-            r = new Regex(noncompliant); // Noncompliant
-        }
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs
deleted file mode 100644
index 47e0882d376..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.CSharp11.cs
+++ /dev/null
@@ -1,14 +0,0 @@
-using System;
-using System.Text.RegularExpressions;
-
-namespace Tests.Diagnostics
-{
-    class Program
-    {
-        void Main(string s)
-        {
-            Regex r;
-            r = new Regex("""{abc}+{a}"""); // Noncompliant
-        }
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs
deleted file mode 100644
index 1e419d25b27..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.cs
+++ /dev/null
@@ -1,120 +0,0 @@
-using System;
-using System.Text.RegularExpressions;
-using RE = System.Text.RegularExpressions.Regex;
-using static System.Text.RegularExpressions.Regex;
-
-namespace Tests.Diagnostics
-{
-    class Program
-    {
-        string longField = "a+a+";
-        string shortField = "x";
-
-        void Main(string s)
-        {
-            Regex r;
-            r = new Regex(""); // Compliant, less than 3 characters
-            r = new Regex("**"); // Compliant, less than 3 characters
-            r = new Regex("+*"); // Compliant, less than 3 characters
-            r = new Regex("abcdefghijklmnopqrst"); // Compliant, does not have the special characters
-            r = new Regex("abcdefghijklmnopqrst+"); // Compliant, has only 1 special character
-            r = new Regex("{abc}+defghijklmnopqrst"); // Noncompliant
-            r = new Regex("{abc}+{a}"); // Noncompliant {{Make sure that using a regular expression is safe here.}}
-//              ^^^^^^^^^^^^^^^^^^^^^^
-            r = new Regex("+++"); // Noncompliant
-            r = new Regex(@"\+\+\+"); // Noncompliant FP (escaped special characters)
-            r = new Regex("{{{"); // Noncompliant
-            r = new Regex(@"\{\{\{"); // Noncompliant FP (escaped special characters)
-            r = new Regex("***"); // Noncompliant
-            r = new Regex(@"\*\*\*"); // Noncompliant FP (escaped special characters)
-            r = new Regex("(a+)+s", RegexOptions.Compiled); // Noncompliant
-            r = new Regex("(a+)+s", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-            r = new Regex("{ab}*{ab}+{cd}+foo*"); // Noncompliant
-
-            Regex.IsMatch("", "(a+)+s"); // Noncompliant
-//          ^^^^^^^^^^^^^^^^^^^^^^^^^^^
-            Regex.IsMatch(s, "(a+)+s", RegexOptions.Compiled); // Noncompliant
-            Regex.IsMatch("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
-            Regex.Match(s, "{foo}{bar}"); // Noncompliant
-            Regex.Match("", "{foo}{bar}", RegexOptions.Compiled); // Noncompliant
-            Regex.Match("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
-            Regex.Matches(s, "{foo}{bar}"); // Noncompliant
-            Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled); // Noncompliant
-            Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
-            Regex.Replace(s, "ab*cd*", match => ""); // Noncompliant
-            Regex.Replace("", "ab*cd*", ""); // Noncompliant
-            Regex.Replace("", "ab*cd*", match => "", RegexOptions.Compiled); // Noncompliant
-            Regex.Replace("", "ab*cd*", s, RegexOptions.Compiled); // Noncompliant
-            Regex.Replace("", "ab*cd*", match => "", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-            Regex.Replace("", "ab*cd*", "", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-            Regex.Replace("", "ab\\*cd\\*", "", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant FP (escaped special characters)
-
-            Regex.Split("", "a+a+"); // Noncompliant
-            Regex.Split("", "a+a+", RegexOptions.Compiled); // Noncompliant
-            Regex.Split("", "a+a+", RegexOptions.Compiled, TimeSpan.Zero); // Noncompliant
-
-            new System.Text.RegularExpressions.Regex("a+a+"); // Noncompliant
-            new RE("a+b+"); // Noncompliant
-            System.Text.RegularExpressions.Regex.IsMatch("", "{}{}"); // Noncompliant
-            RE.IsMatch("", "a**"); // Noncompliant
-            IsMatch("", "b**"); // Noncompliant
-
-            // Non-static methods are compliant
-            r.IsMatch("a+a+");
-            r.IsMatch("{ab}*{ab}+{cd}+foo*", 0);
-
-            r.Match("{ab}*{ab}+{cd}+foo*");
-            r.Match("{ab}*{ab}+{cd}+foo*", 0);
-            r.Match("{ab}*{ab}+{cd}+foo*", 0, 1);
-
-            r.Matches("{ab}*{ab}+{cd}+foo*");
-            r.Matches("{ab}*{ab}+{cd}+foo*", 0);
-
-            r.Replace("{ab}*{ab}+{cd}+foo*", match => "{ab}*{ab}+{cd}+foo*");
-            r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*");
-            r.Replace("{ab}*{ab}+{cd}+foo*", match => "{ab}*{ab}+{cd}+foo*", 0);
-            r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0);
-            r.Replace("{ab}*{ab}+{cd}+foo*", match => "{ab}*{ab}+{cd}+foo*", 0, 0);
-            r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0, 0);
-
-            r.Split("{ab}*{ab}+{cd}+foo*");
-            r.Split("{ab}*{ab}+{cd}+foo*", 0);
-            r.Split("{ab}*{ab}+{cd}+foo*", 0, 0);
-
-            // not hardcoded strings are compliant
-            r = new Regex(s);
-            r = new Regex(s, RegexOptions.Compiled, TimeSpan.Zero);
-            Regex.Replace("{ab}*{ab}+{cd}+foo*", s, "{ab}*{ab}+{cd}+foo*", RegexOptions.Compiled, TimeSpan.Zero);
-            Regex.Split("{ab}*{ab}+{cd}+foo*", s, RegexOptions.Compiled, TimeSpan.Zero);
-
-            var variable = "a+a+";
-            new Regex(variable);    // Noncompliant
-            new Regex(longField);   // Noncompliant
-            variable = "x";
-            new Regex(variable);    // Compliant, too short
-            new Regex(shortField);  // Compliant, too short
-        }
-    }
-
-    //https://github.com/SonarSource/sonar-dotnet/issues/3298
-    class Repro_3298
-    {
-        private const string ClassUnsafeRegex = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
-        private string trackedField = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
-
-        void Go()
-        {
-            const string LocalUnsafeRegex = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
-            string trackedVariable = @"^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$";
-
-            new Regex(ClassUnsafeRegex);    // Noncompliant
-            new Regex(LocalUnsafeRegex);    // Noncompliant
-
-            new Regex(trackedField);        // Noncompliant
-            new Regex(trackedVariable);     // Noncompliant
-        }
-    }
-}
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb b/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb
deleted file mode 100644
index a1a0443f19d..00000000000
--- a/analyzers/tests/SonarAnalyzer.UnitTest/TestCases/Hotspots/UsingRegularExpressions.vb
+++ /dev/null
@@ -1,106 +0,0 @@
-Imports System
-Imports System.Text.RegularExpressions
-Imports RE = System.Text.RegularExpressions.Regex
-
-Namespace Tests.Diagnostics
-
-    Class Program
-
-        Private LongField As String = "a+a+"
-        Private ShortField As String = "x"
-
-        Private Sub Main(ByVal s As String)
-            Dim r As Regex
-            r = New Regex("")
-            r = New Regex("**")
-            r = New Regex("+*")
-            r = New Regex("abcdefghijklmnopqrst")
-            r = New Regex("abcdefghijklmnopqrst+")
-            r = New Regex("{abc}+defghijklmnopqrst") ' Noncompliant {{Make sure that using a regular expression is safe here.}}
-            '   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-            r = New Regex("{abc}+{a}") ' Noncompliant
-            r = New Regex("+++") ' Noncompliant
-            r = New Regex("\\+\\+\\+") ' Noncompliant FP (escaped special characters)
-            r = New Regex("{{{") ' Noncompliant
-            r = New Regex("\\{\\{\\{") ' Noncompliant FP (escaped special characters)
-            r = New Regex("***") ' Noncompliant
-            r = New Regex("\\*\\*\\*") ' Noncompliant FP (escaped special characters)
-            r = New Regex("(a+)+s", RegexOptions.Compiled) ' Noncompliant
-            r = New Regex("(a+)+s", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            r = New Regex("{ab}*{ab}+{cd}+foo*") ' Noncompliant
-            Regex.IsMatch("", "(a+)+s") ' Noncompliant ^13#27
-            Regex.IsMatch(s, "(a+)+s", RegexOptions.Compiled) ' Noncompliant
-            Regex.IsMatch("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            Regex.Match(s, "{foo}{bar}") ' Noncompliant
-            Regex.Match("", "{foo}{bar}", RegexOptions.Compiled) ' Noncompliant
-            Regex.Match("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            Regex.Matches(s, "{foo}{bar}") ' Noncompliant
-            Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled) ' Noncompliant
-            Regex.Matches("", "{foo}{bar}", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            Regex.Replace(s, "ab*cd*", Function(match) "") ' Noncompliant
-            Regex.Replace("", "ab*cd*", "") ' Noncompliant
-            Regex.Replace("", "ab*cd*", Function(match) "", RegexOptions.Compiled) ' Noncompliant
-            Regex.Replace("", "ab*cd*", s, RegexOptions.Compiled) ' Noncompliant
-            Regex.Replace("", "ab*cd*", Function(match) "", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            Regex.Replace("", "ab*cd*", "", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            Regex.Split("", "a+a+") ' Noncompliant
-            Regex.Split("", "a+a+", RegexOptions.Compiled) ' Noncompliant
-            Regex.Split("", "a+a+", RegexOptions.Compiled, TimeSpan.Zero) ' Noncompliant
-            Dim x1 = New System.Text.RegularExpressions.Regex("a+a+") ' Noncompliant
-            Dim x2 = New RE("a+b+") ' Noncompliant
-            System.Text.RegularExpressions.Regex.IsMatch("", "{}{}") ' Noncompliant
-            RE.IsMatch("", "a**") ' Noncompliant
-            RE.IsMatch("", "a\\**") ' Noncompliant FP (escaped special character)
-
-            ' Non-static methods are compliant
-            r.IsMatch("a+a+")
-            r.IsMatch("{ab}*{ab}+{cd}+foo*", 0)
-            r.Match("{ab}*{ab}+{cd}+foo*")
-            r.Match("{ab}*{ab}+{cd}+foo*", 0)
-            r.Match("{ab}*{ab}+{cd}+foo*", 0, 1)
-            r.Matches("{ab}*{ab}+{cd}+foo*")
-            r.Matches("{ab}*{ab}+{cd}+foo*", 0)
-            r.Replace("{ab}*{ab}+{cd}+foo*", Function(match) "{ab}*{ab}+{cd}+foo*")
-            r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*")
-            r.Replace("{ab}*{ab}+{cd}+foo*", Function(match) "{ab}*{ab}+{cd}+foo*", 0)
-            r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0)
-            r.Replace("{ab}*{ab}+{cd}+foo*", Function(match) "{ab}*{ab}+{cd}+foo*", 0, 0)
-            r.Replace("{ab}*{ab}+{cd}+foo*", "{ab}*{ab}+{cd}+foo*", 0, 0)
-            r.Split("{ab}*{ab}+{cd}+foo*")
-            r.Split("{ab}*{ab}+{cd}+foo*", 0)
-            r.Split("{ab}*{ab}+{cd}+foo*", 0, 0)
-
-            ' not hardcoded strings are compliant
-            r = New Regex(s)
-            r = New Regex(s, RegexOptions.Compiled, TimeSpan.Zero)
-            Regex.Replace("{ab}*{ab}+{cd}+foo*", s, "{ab}*{ab}+{cd}+foo*", RegexOptions.Compiled, TimeSpan.Zero)
-            Regex.Split("{ab}*{ab}+{cd}+foo*", s, RegexOptions.Compiled, TimeSpan.Zero)
-
-            Dim Variable As String = "a+a+"
-            r = New Regex(Variable)     ' Noncompliant
-            r = New Regex(LongField)    ' Noncompliant
-            Variable = "x"
-            r = New Regex(Variable)     ' Compliant, too Short
-            r = New Regex(ShortField)   ' Compliant, too Short
-        End Sub
-
-    End Class
-
-    ' https//github.com/SonarSource/sonar-dotnet/issues/3298
-    Class Repro_3298
-
-        Private Const ClassUnsafeRegex As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
-        Private TrackedField As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
-
-        Public Sub Go()
-            Const LocalUnsafeRegex As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
-            Dim TrackedVariable As String = "^([(?>\.\-)*|\w]+)@\w+(?>(([\.-]?\w+)(?!$)))*(\.\w{2,3})+$"
-            Dim a As New Regex(ClassUnsafeRegex)    ' Noncompliant
-            Dim b As New Regex(LocalUnsafeRegex)    ' Noncompliant
-            Dim c As New Regex(TrackedField)        ' Noncompliant
-            Dim d As New Regex(TrackedVariable)     ' Noncompliant
-        End Sub
-
-    End Class
-
-End Namespace

From 2e7feb1a0e0e53eb0a7a28853f879b6b4821d003 Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 22 Sep 2023 16:49:15 +0200
Subject: [PATCH 2/5] remove from ruletypemapping

---
 .../SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs  | 2 +-
 .../SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
index 2897f98cd01..e706c7434a1 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingCS.cs
@@ -4708,7 +4708,7 @@ internal static class RuleTypeMappingCS
         // ["S4781"],
         // ["S4782"],
         // ["S4783"],
-        ["S4784"] = "SECURITY_HOTSPOT",
+        // ["S4784"],
         // ["S4785"],
         // ["S4786"],
         // ["S4787"],
diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
index a3bf89cf805..e98c3e279c2 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/PackagingTests/RuleTypeMappingVB.cs
@@ -4708,7 +4708,7 @@ internal static class RuleTypeMappingVB
         // ["S4781"],
         // ["S4782"],
         // ["S4783"],
-        ["S4784"] = "SECURITY_HOTSPOT",
+        // ["S4784"],
         // ["S4785"],
         // ["S4786"],
         // ["S4787"],

From 2b0dff814571d147a54b45c91973b89897afc390 Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 22 Sep 2023 16:49:50 +0200
Subject: [PATCH 3/5] delete rspec

---
 analyzers/rspec/cs/S4784.html    | 89 --------------------------------
 analyzers/rspec/cs/S4784.json    | 10 ----
 analyzers/rspec/vbnet/S4784.html | 85 ------------------------------
 analyzers/rspec/vbnet/S4784.json | 10 ----
 4 files changed, 194 deletions(-)
 delete mode 100644 analyzers/rspec/cs/S4784.html
 delete mode 100644 analyzers/rspec/cs/S4784.json
 delete mode 100644 analyzers/rspec/vbnet/S4784.html
 delete mode 100644 analyzers/rspec/vbnet/S4784.json

diff --git a/analyzers/rspec/cs/S4784.html b/analyzers/rspec/cs/S4784.html
deleted file mode 100644
index d0809987146..00000000000
--- a/analyzers/rspec/cs/S4784.html
+++ /dev/null
@@ -1,89 +0,0 @@
-<p>This rule is deprecated; use {rule:roslyn.sonaranalyzer.security.cs:S2631} instead.</p>
-<p>Using regular expressions is security-sensitive. It has led in the past to the following vulnerabilities:</p>
-<ul>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16021">CVE-2017-16021</a> </li>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13863">CVE-2018-13863</a> </li>
-</ul>
-<p>Evaluating regular expressions against input strings is potentially an extremely CPU-intensive task. Specially crafted regular expressions such as
-<code>(a+)+s</code> will take several seconds to evaluate the input string <code>aaaaaaaaaaaaaaaaaaaaaaaaaaaaabs</code>. The problem is that with
-every additional <code>a</code> character added to the input, the time required to evaluate the regex doubles. However, the equivalent regular
-expression, <code>a+s</code> (without grouping) is efficiently evaluated in milliseconds and scales linearly with the input size.</p>
-<p>Evaluating such regular expressions opens the door to <a
-href="https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS">Regular expression Denial of Service (ReDoS)</a> attacks.
-In the context of a web application, attackers can force the web server to spend all of its resources evaluating regular expressions thereby making
-the service inaccessible to genuine users.</p>
-<p>This rule flags any execution of a hardcoded regular expression which has at least 3 characters and at least two instances of any of the following
-characters: <code>*+{</code>.</p>
-<p>Example: <code>(a+)*</code></p>
-<h2>Ask Yourself Whether</h2>
-<ul>
-  <li> the executed regular expression is sensitive and a user can provide a string which will be analyzed by this regular expression. </li>
-  <li> your regular expression engine performance decrease with specially crafted inputs and regular expressions. </li>
-</ul>
-<p>There is a risk if you answered yes to any of those questions.</p>
-<h2>Recommended Secure Coding Practices</h2>
-<p>Check whether your regular expression engine (the algorithm executing your regular expression) has any known vulnerabilities. Search for
-vulnerability reports mentioning the one engine you’re are using.</p>
-<p>If the regular expression is vulnerable to ReDos attacks, mitigate the risk by using a "match timeout" to limit the time spent running the regular
-expression.</p>
-<p>Remember also that a ReDos attack is possible if a user-provided regular expression is executed. This rule won’t detect this kind of injection.</p>
-<h2>Sensitive Code Example</h2>
-<pre>
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Runtime.Serialization;
-using System.Text.RegularExpressions;
-using System.Web;
-
-namespace N
-{
-    public class RegularExpression
-    {
-        void Foo(RegexOptions options, TimeSpan matchTimeout, string input,
-                 string replacement, MatchEvaluator evaluator)
-        {
-            // All the following instantiations are Sensitive.
-            new System.Text.RegularExpressions.Regex("(a+)+");
-            new System.Text.RegularExpressions.Regex("(a+)+", options);
-            new System.Text.RegularExpressions.Regex("(a+)+", options, matchTimeout);
-
-            // All the following static methods are Sensitive.
-            System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+");
-            System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+", options);
-            System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+", options, matchTimeout);
-
-            System.Text.RegularExpressions.Regex.Match(input, "(a+)+");
-            System.Text.RegularExpressions.Regex.Match(input, "(a+)+", options);
-            System.Text.RegularExpressions.Regex.Match(input, "(a+)+", options, matchTimeout);
-
-            System.Text.RegularExpressions.Regex.Matches(input, "(a+)+");
-            System.Text.RegularExpressions.Regex.Matches(input, "(a+)+", options);
-            System.Text.RegularExpressions.Regex.Matches(input, "(a+)+", options, matchTimeout);
-
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", evaluator);
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", evaluator, options);
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", evaluator, options, matchTimeout);
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", replacement);
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", replacement, options);
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+", replacement, options, matchTimeout);
-
-            System.Text.RegularExpressions.Regex.Split(input, "(a+)+");
-            System.Text.RegularExpressions.Regex.Split(input, "(a+)+", options);
-            System.Text.RegularExpressions.Regex.Split(input, "(a+)+", options, matchTimeout);
-        }
-    }
-}
-</pre>
-<h2>Exceptions</h2>
-<p>Some corner-case regular expressions will not raise an issue even though they might be vulnerable. For example: <code>(a|aa)+</code>,
-<code>(a|a?)+</code>.</p>
-<p>It is a good idea to test your regular expression if it has the same pattern on both side of a "<code>|</code>".</p>
-<h2>See</h2>
-<ul>
-  <li> <a href="https://owasp.org/www-project-top-ten/2017/A1_2017-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
-  <li> <a href="https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS">MITRE, CWE-624</a> - Executable Regular
-  Expression Error </li>
-  <li> OWASP Regular expression Denial of Service - ReDoS </li>
-</ul>
-
diff --git a/analyzers/rspec/cs/S4784.json b/analyzers/rspec/cs/S4784.json
deleted file mode 100644
index 30dd19f4504..00000000000
--- a/analyzers/rspec/cs/S4784.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-  "title": "Using regular expressions is security-sensitive",
-  "type": "SECURITY_HOTSPOT",
-  "status": "deprecated",
-  "tags": [],
-  "defaultSeverity": "Critical",
-  "ruleSpecification": "RSPEC-4784",
-  "sqKey": "S4784",
-  "scope": "Main"
-}
diff --git a/analyzers/rspec/vbnet/S4784.html b/analyzers/rspec/vbnet/S4784.html
deleted file mode 100644
index a67b5c18960..00000000000
--- a/analyzers/rspec/vbnet/S4784.html
+++ /dev/null
@@ -1,85 +0,0 @@
-<p>Using regular expressions is security-sensitive. It has led in the past to the following vulnerabilities:</p>
-<ul>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16021">CVE-2017-16021</a> </li>
-  <li> <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13863">CVE-2018-13863</a> </li>
-</ul>
-<p>Evaluating regular expressions against input strings is potentially an extremely CPU-intensive task. Specially crafted regular expressions such as
-<code>(a+)+s</code> will take several seconds to evaluate the input string <code>aaaaaaaaaaaaaaaaaaaaaaaaaaaaabs</code>. The problem is that with
-every additional <code>a</code> character added to the input, the time required to evaluate the regex doubles. However, the equivalent regular
-expression, <code>a+s</code> (without grouping) is efficiently evaluated in milliseconds and scales linearly with the input size.</p>
-<p>Evaluating such regular expressions opens the door to <a
-href="https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS">Regular expression Denial of Service (ReDoS)</a> attacks.
-In the context of a web application, attackers can force the web server to spend all of its resources evaluating regular expressions thereby making
-the service inaccessible to genuine users.</p>
-<p>This rule flags any execution of a hardcoded regular expression which has at least 3 characters and at least two instances of any of the following
-characters: <code>*+{</code>.</p>
-<p>Example: <code>(a+)*</code></p>
-<h2>Ask Yourself Whether</h2>
-<ul>
-  <li> the executed regular expression is sensitive and a user can provide a string which will be analyzed by this regular expression. </li>
-  <li> your regular expression engine performance decrease with specially crafted inputs and regular expressions. </li>
-</ul>
-<p>There is a risk if you answered yes to any of those questions.</p>
-<h2>Recommended Secure Coding Practices</h2>
-<p>Check whether your regular expression engine (the algorithm executing your regular expression) has any known vulnerabilities. Search for
-vulnerability reports mentioning the one engine you’re are using.</p>
-<p>If the regular expression is vulnerable to ReDos attacks, mitigate the risk by using a "match timeout" to limit the time spent running the regular
-expression.</p>
-<p>Remember also that a ReDos attack is possible if a user-provided regular expression is executed. This rule won’t detect this kind of injection.</p>
-<h2>Sensitive Code Example</h2>
-<pre>
-Imports System
-Imports System.Collections.Generic
-Imports System.Linq
-Imports System.Runtime.Serialization
-Imports System.Text.RegularExpressions
-Imports System.Web
-
-Namespace N
-    Public Class RegularExpression
-        Private Sub Foo(ByVal pattern As String, ByVal options As RegexOptions, ByVal matchTimeout As TimeSpan,
-                        ByVal input As String, ByVal replacement As String, ByVal evaluator As MatchEvaluator)
-            ' All the following instantiations are Sensitive. Validate the regular expression and matched input.
-            Dim r As Regex = New System.Text.RegularExpressions.Regex("(a+)+b")
-            r = New System.Text.RegularExpressions.Regex("(a+)+b", options)
-            r = New System.Text.RegularExpressions.Regex("(a+)+b", options, matchTimeout)
-
-            ' All the following static methods are Sensitive.
-            System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+b")
-            System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+b", options)
-            System.Text.RegularExpressions.Regex.IsMatch(input, "(a+)+b", options, matchTimeout)
-
-            System.Text.RegularExpressions.Regex.Match(input, "(a+)+b")
-            System.Text.RegularExpressions.Regex.Match(input, "(a+)+b", options)
-            System.Text.RegularExpressions.Regex.Match(input, "(a+)+b", options, matchTimeout)
-
-            System.Text.RegularExpressions.Regex.Matches(input, "(a+)+b")
-            System.Text.RegularExpressions.Regex.Matches(input, "(a+)+b", options)
-            System.Text.RegularExpressions.Regex.Matches(input, "(a+)+b", options, matchTimeout)
-
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", evaluator)
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", evaluator, options)
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", evaluator, options, matchTimeout)
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", replacement)
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", replacement, options)
-            System.Text.RegularExpressions.Regex.Replace(input, "(a+)+b", replacement, options, matchTimeout)
-
-            System.Text.RegularExpressions.Regex.Split(input, "(a+)+b")
-            System.Text.RegularExpressions.Regex.Split(input, "(a+)+b", options)
-            System.Text.RegularExpressions.Regex.Split(input, "(a+)+b", options, matchTimeout)
-        End Sub
-    End Class
-End Namespace
-</pre>
-<h2>Exceptions</h2>
-<p>Some corner-case regular expressions will not raise an issue even though they might be vulnerable. For example: <code>(a|aa)+</code>,
-<code>(a|a?)+</code>.</p>
-<p>It is a good idea to test your regular expression if it has the same pattern on both side of a "<code>|</code>".</p>
-<h2>See</h2>
-<ul>
-  <li> <a href="https://owasp.org/www-project-top-ten/2017/A1_2017-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
-  <li> <a href="https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS">MITRE, CWE-624</a> - Executable Regular
-  Expression Error </li>
-  <li> OWASP Regular expression Denial of Service - ReDoS </li>
-</ul>
-
diff --git a/analyzers/rspec/vbnet/S4784.json b/analyzers/rspec/vbnet/S4784.json
deleted file mode 100644
index 8e9f094db8f..00000000000
--- a/analyzers/rspec/vbnet/S4784.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-  "title": "Using regular expressions is security-sensitive",
-  "type": "SECURITY_HOTSPOT",
-  "status": "ready",
-  "tags": [],
-  "defaultSeverity": "Critical",
-  "ruleSpecification": "RSPEC-4784",
-  "sqKey": "S4784",
-  "scope": "Main"
-}

From bdc0755a095ce01bf8c48ce4c826fbd6d8e5853a Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 22 Sep 2023 16:51:11 +0200
Subject: [PATCH 4/5] remove deleted rule reference in the code

---
 .../tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs   | 1 -
 1 file changed, 1 deletion(-)

diff --git a/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs b/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs
index c593475040d..12d56c86756 100644
--- a/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs
+++ b/analyzers/tests/SonarAnalyzer.UnitTest/Common/SecurityHotspotTest.cs
@@ -106,7 +106,6 @@ private static IEnumerable<MetadataReference> GetAdditionalReferences(string ana
                 nameof(DoNotUseRandom) => MetadataReferenceFacade.SystemSecurityCryptography,
                 nameof(ExpandingArchives) => ExpandingArchivesTest.AdditionalReferences,
                 nameof(RequestsWithExcessiveLength) => RequestsWithExcessiveLengthTest.GetAdditionalReferences(),
-                nameof(UsingRegularExpressions) => MetadataReferenceFacade.RegularExpressions,
                 nameof(SpecifyTimeoutOnRegex) => MetadataReferenceFacade.RegularExpressions
                     .Concat(NuGetMetadataReference.SystemComponentModelAnnotations()),
 

From d1278bed3ae96aef12af8e47effac65a992274e0 Mon Sep 17 00:00:00 2001
From: mary-georgiou-sonarsource <mary.georgiou@sonarsource.com>
Date: Fri, 22 Sep 2023 16:57:41 +0200
Subject: [PATCH 5/5] update ITs

---
 .../Automapper/AutoMapper--net461-S4784.json  |  30 -
 .../AutoMapper--netstandard2.0-S4784.json     |  30 -
 ...AB-AF12-4012-B945-284C2448DC81}-S4784.json | 277 ---------
 ...5E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json |  95 ---
 ...3A-D04F-4262-923D-21AEDF86E2B7}-S4784.json |  17 -
 ...0E-DD76-4F4D-8250-8598140F828B}-S4784.json | 563 ------------------
 ...31-1F7B-4637-9B3A-806988DE50CF}-S4784.json | 173 ------
 .../expected/Nancy/Nancy--net452-S4784.json   | 147 -----
 .../Nancy/Nancy--netstandard2.0-S4784.json    | 147 -----
 .../akka.net/Akka--netstandard2.0-S4784.json  |  30 -
 ...Cluster.TestKit--netstandard2.0-S4784.json |  30 -
 ...a.Cluster.Tools--netstandard2.0-S4784.json |  17 -
 .../Akka.Discovery--netstandard2.0-S4784.json |  30 -
 ...stRunner.Shared--netstandard2.0-S4784.json |  56 --
 ...kka.Persistence--netstandard2.0-S4784.json |  17 -
 15 files changed, 1659 deletions(-)
 delete mode 100644 analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json
 delete mode 100644 analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json
 delete mode 100644 analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json
 delete mode 100644 analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json
 delete mode 100644 analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json
 delete mode 100644 analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json
 delete mode 100644 analyzers/its/expected/Nancy/Nancy--net452-S4784.json
 delete mode 100644 analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json
 delete mode 100644 analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json

diff --git a/analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json b/analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json
deleted file mode 100644
index cec13d57dc2..00000000000
--- a/analyzers/its/expected/Automapper/AutoMapper--net461-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L25",
-"region":  {
-"startLine":  25,
-"startColumn":  52,
-"endLine":  25,
-"endColumn":  118
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L33",
-"region":  {
-"startLine":  33,
-"startColumn":  57,
-"endLine":  33,
-"endColumn":  95
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json b/analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json
deleted file mode 100644
index cec13d57dc2..00000000000
--- a/analyzers/its/expected/Automapper/AutoMapper--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L25",
-"region":  {
-"startLine":  25,
-"startColumn":  52,
-"endLine":  25,
-"endColumn":  118
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/AutoMapper/src/AutoMapper/Configuration/INamingConvention.cs#L33",
-"region":  {
-"startLine":  33,
-"startColumn":  57,
-"endLine":  33,
-"endColumn":  95
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json b/analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json
deleted file mode 100644
index 9e4b2d80f01..00000000000
--- a/analyzers/its/expected/Ember-MM/Ember Media Manager-{9B57D3AB-AF12-4012-B945-284C2448DC81}-S4784.json	
+++ /dev/null
@@ -1,277 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/clsTheming.vb#L161",
-"region":  {
-"startLine":  161,
-"startColumn":  16,
-"endLine":  161,
-"endColumn":  68
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/clsTheming.vb#L303",
-"region":  {
-"startLine":  303,
-"startColumn":  39,
-"endLine":  303,
-"endColumn":  127
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L154",
-"region":  {
-"startLine":  154,
-"startColumn":  28,
-"endLine":  154,
-"endColumn":  106
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L155",
-"region":  {
-"startLine":  155,
-"startColumn":  31,
-"endLine":  155,
-"endColumn":  106
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L160",
-"region":  {
-"startLine":  160,
-"startColumn":  32,
-"endLine":  160,
-"endColumn":  124
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L161",
-"region":  {
-"startLine":  161,
-"startColumn":  35,
-"endLine":  161,
-"endColumn":  117
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L178",
-"region":  {
-"startLine":  178,
-"startColumn":  28,
-"endLine":  178,
-"endColumn":  83
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L179",
-"region":  {
-"startLine":  179,
-"startColumn":  31,
-"endLine":  179,
-"endColumn":  82
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L186",
-"region":  {
-"startLine":  186,
-"startColumn":  25,
-"endLine":  186,
-"endColumn":  83
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L188",
-"region":  {
-"startLine":  188,
-"startColumn":  32,
-"endLine":  188,
-"endColumn":  111
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L190",
-"region":  {
-"startLine":  190,
-"startColumn":  35,
-"endLine":  190,
-"endColumn":  105
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L197",
-"region":  {
-"startLine":  197,
-"startColumn":  29,
-"endLine":  197,
-"endColumn":  71
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L200",
-"region":  {
-"startLine":  200,
-"startColumn":  36,
-"endLine":  200,
-"endColumn":  89
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L201",
-"region":  {
-"startLine":  201,
-"startColumn":  39,
-"endLine":  201,
-"endColumn":  89
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L211",
-"region":  {
-"startLine":  211,
-"startColumn":  33,
-"endLine":  211,
-"endColumn":  73
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L213",
-"region":  {
-"startLine":  213,
-"startColumn":  40,
-"endLine":  213,
-"endColumn":  90
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L214",
-"region":  {
-"startLine":  214,
-"startColumn":  43,
-"endLine":  214,
-"endColumn":  91
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L225",
-"region":  {
-"startLine":  225,
-"startColumn":  44,
-"endLine":  225,
-"endColumn":  90
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L227",
-"region":  {
-"startLine":  227,
-"startColumn":  47,
-"endLine":  227,
-"endColumn":  94
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L278",
-"region":  {
-"startLine":  278,
-"startColumn":  26,
-"endLine":  278,
-"endColumn":  80
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Ember%20Media%20Manager/dlgManualEdit.vb#L279",
-"region":  {
-"startLine":  279,
-"startColumn":  26,
-"endLine":  279,
-"endColumn":  80
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json b/analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json
deleted file mode 100644
index 0ee3904b8e9..00000000000
--- a/analyzers/its/expected/Ember-MM/EmberAPI-{208AA35E-C6AE-4D2D-A9DD-B6EFD19A4279}-S4784.json
+++ /dev/null
@@ -1,95 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIMediaInfo.vb#L393",
-"region":  {
-"startLine":  393,
-"startColumn":  42,
-"endLine":  393,
-"endColumn":  110
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIMediaInfo.vb#L527",
-"region":  {
-"startLine":  527,
-"startColumn":  34,
-"endLine":  527,
-"endColumn":  98
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPINFO.vb#L441",
-"region":  {
-"startLine":  441,
-"startColumn":  55,
-"endLine":  441,
-"endColumn":  211
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPINFO.vb#L616",
-"region":  {
-"startLine":  616,
-"startColumn":  59,
-"endLine":  616,
-"endColumn":  215
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIStringUtils.vb#L308",
-"region":  {
-"startLine":  308,
-"startColumn":  169,
-"endLine":  308,
-"endColumn":  236
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIStringUtils.vb#L317",
-"region":  {
-"startLine":  317,
-"startColumn":  16,
-"endLine":  317,
-"endColumn":  119
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/EmberAPI/clsAPIStringUtils.vb#L349",
-"region":  {
-"startLine":  349,
-"startColumn":  12,
-"endLine":  349,
-"endColumn":  78
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json b/analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json
deleted file mode 100644
index 13d9edba457..00000000000
--- a/analyzers/its/expected/Ember-MM/generic.EmberCore.NMT-{84B2143A-D04F-4262-923D-21AEDF86E2B7}-S4784.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/generic.EmberCore.NMT/dlgNMTMovies.vb#L280",
-"region":  {
-"startLine":  280,
-"startColumn":  46,
-"endLine":  280,
-"endColumn":  110
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json b/analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json
deleted file mode 100644
index 27c37374f59..00000000000
--- a/analyzers/its/expected/Ember-MM/scraper.EmberCore-{EF6A550E-DD76-4F4D-8250-8598140F828B}-S4784.json
+++ /dev/null
@@ -1,563 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L175",
-"region":  {
-"startLine":  175,
-"startColumn":  85,
-"endLine":  175,
-"endColumn":  133
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L200",
-"region":  {
-"startLine":  200,
-"startColumn":  56,
-"endLine":  200,
-"endColumn":  130
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L222",
-"region":  {
-"startLine":  222,
-"startColumn":  56,
-"endLine":  222,
-"endColumn":  111
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L248",
-"region":  {
-"startLine":  248,
-"startColumn":  46,
-"endLine":  248,
-"endColumn":  87
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L312",
-"region":  {
-"startLine":  312,
-"startColumn":  52,
-"endLine":  312,
-"endColumn":  90
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L315",
-"region":  {
-"startLine":  315,
-"startColumn":  42,
-"endLine":  315,
-"endColumn":  115
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L316",
-"region":  {
-"startLine":  316,
-"startColumn":  42,
-"endLine":  316,
-"endColumn":  79
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L317",
-"region":  {
-"startLine":  317,
-"startColumn":  42,
-"endLine":  317,
-"endColumn":  114
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L331",
-"region":  {
-"startLine":  331,
-"startColumn":  53,
-"endLine":  331,
-"endColumn":  89
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L367",
-"region":  {
-"startLine":  367,
-"startColumn":  55,
-"endLine":  367,
-"endColumn":  108
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L387",
-"region":  {
-"startLine":  387,
-"startColumn":  55,
-"endLine":  387,
-"endColumn":  108
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L411",
-"region":  {
-"startLine":  411,
-"startColumn":  66,
-"endLine":  411,
-"endColumn":  119
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L461",
-"region":  {
-"startLine":  461,
-"startColumn":  61,
-"endLine":  461,
-"endColumn":  103
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L464",
-"region":  {
-"startLine":  464,
-"startColumn":  53,
-"endLine":  464,
-"endColumn":  107
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L487",
-"region":  {
-"startLine":  487,
-"startColumn":  57,
-"endLine":  487,
-"endColumn":  96
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L503",
-"region":  {
-"startLine":  503,
-"startColumn":  89,
-"endLine":  503,
-"endColumn":  141
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L513",
-"region":  {
-"startLine":  513,
-"startColumn":  49,
-"endLine":  513,
-"endColumn":  102
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L522",
-"region":  {
-"startLine":  522,
-"startColumn":  75,
-"endLine":  522,
-"endColumn":  126
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L535",
-"region":  {
-"startLine":  535,
-"startColumn":  43,
-"endLine":  535,
-"endColumn":  96
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L557",
-"region":  {
-"startLine":  557,
-"startColumn":  58,
-"endLine":  557,
-"endColumn":  112
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L567",
-"region":  {
-"startLine":  567,
-"startColumn":  42,
-"endLine":  567,
-"endColumn":  82
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L579",
-"region":  {
-"startLine":  579,
-"startColumn":  42,
-"endLine":  579,
-"endColumn":  80
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L598",
-"region":  {
-"startLine":  598,
-"startColumn":  49,
-"endLine":  598,
-"endColumn":  102
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L626",
-"region":  {
-"startLine":  626,
-"startColumn":  37,
-"endLine":  626,
-"endColumn":  90
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L856",
-"region":  {
-"startLine":  856,
-"startColumn":  57,
-"endLine":  856,
-"endColumn":  139
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L865",
-"region":  {
-"startLine":  865,
-"startColumn":  39,
-"endLine":  865,
-"endColumn":  91
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L867",
-"region":  {
-"startLine":  867,
-"startColumn":  44,
-"endLine":  867,
-"endColumn":  79
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L879",
-"region":  {
-"startLine":  879,
-"startColumn":  25,
-"endLine":  879,
-"endColumn":  78
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L880",
-"region":  {
-"startLine":  880,
-"startColumn":  44,
-"endLine":  880,
-"endColumn":  79
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L893",
-"region":  {
-"startLine":  893,
-"startColumn":  25,
-"endLine":  893,
-"endColumn":  77
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L895",
-"region":  {
-"startLine":  895,
-"startColumn":  43,
-"endLine":  895,
-"endColumn":  78
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L913",
-"region":  {
-"startLine":  913,
-"startColumn":  25,
-"endLine":  913,
-"endColumn":  78
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMDB.vb#L915",
-"region":  {
-"startLine":  915,
-"startColumn":  42,
-"endLine":  915,
-"endColumn":  77
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMPA.vb#L85",
-"region":  {
-"startLine":  85,
-"startColumn":  55,
-"endLine":  85,
-"endColumn":  135
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeIMPA.vb#L135",
-"region":  {
-"startLine":  135,
-"startColumn":  49,
-"endLine":  135,
-"endColumn":  109
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeMPDB.vb#L87",
-"region":  {
-"startLine":  87,
-"startColumn":  55,
-"endLine":  87,
-"endColumn":  167
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeOFDB.vb#L200",
-"region":  {
-"startLine":  200,
-"startColumn":  66,
-"endLine":  200,
-"endColumn":  160
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeTrailers.vb#L101",
-"region":  {
-"startLine":  101,
-"startColumn":  24,
-"endLine":  101,
-"endColumn":  117
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeYouTube.vb#L126",
-"region":  {
-"startLine":  126,
-"startColumn":  16,
-"endLine":  126,
-"endColumn":  47
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeYouTube.vb#L127",
-"region":  {
-"startLine":  127,
-"startColumn":  26,
-"endLine":  127,
-"endColumn":  55
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/clsScrapeYouTube.vb#L149",
-"region":  {
-"startLine":  149,
-"startColumn":  30,
-"endLine":  149,
-"endColumn":  74
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/dlgTrailer.vb#L111",
-"region":  {
-"startLine":  111,
-"startColumn":  16,
-"endLine":  111,
-"endColumn":  95
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore/Scraper/dlgTrailer.vb#L130",
-"region":  {
-"startLine":  130,
-"startColumn":  16,
-"endLine":  130,
-"endColumn":  112
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json b/analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json
deleted file mode 100644
index 97c1d2a945d..00000000000
--- a/analyzers/its/expected/Ember-MM/scraper.EmberCore.XML-{E567C031-1F7B-4637-9B3A-806988DE50CF}-S4784.json
+++ /dev/null
@@ -1,173 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/Scraper.vb#L283",
-"region":  {
-"startLine":  283,
-"startColumn":  42,
-"endLine":  283,
-"endColumn":  112
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L338",
-"region":  {
-"startLine":  338,
-"startColumn":  36,
-"endLine":  338,
-"endColumn":  76
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L347",
-"region":  {
-"startLine":  347,
-"startColumn":  36,
-"endLine":  347,
-"endColumn":  76
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L358",
-"region":  {
-"startLine":  358,
-"startColumn":  40,
-"endLine":  358,
-"endColumn":  84
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L366",
-"region":  {
-"startLine":  366,
-"startColumn":  40,
-"endLine":  366,
-"endColumn":  88
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperFunction.vb#L375",
-"region":  {
-"startLine":  375,
-"startColumn":  36,
-"endLine":  375,
-"endColumn":  94
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L453",
-"region":  {
-"startLine":  453,
-"startColumn":  30,
-"endLine":  453,
-"endColumn":  61
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L500",
-"region":  {
-"startLine":  500,
-"startColumn":  39,
-"endLine":  500,
-"endColumn":  90
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L501",
-"region":  {
-"startLine":  501,
-"startColumn":  39,
-"endLine":  501,
-"endColumn":  88
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L546",
-"region":  {
-"startLine":  546,
-"startColumn":  39,
-"endLine":  546,
-"endColumn":  90
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/ScraperLib/ScraperRegExp.vb#L547",
-"region":  {
-"startLine":  547,
-"startColumn":  39,
-"endLine":  547,
-"endColumn":  88
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/Utilities/Util.vb#L167",
-"region":  {
-"startLine":  167,
-"startColumn":  40,
-"endLine":  167,
-"endColumn":  80
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Ember-MM/Addons/scraper.EmberCore.XML/XMLScraper/Utilities/Util.vb#L208",
-"region":  {
-"startLine":  208,
-"startColumn":  40,
-"endLine":  208,
-"endColumn":  80
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Nancy/Nancy--net452-S4784.json b/analyzers/its/expected/Nancy/Nancy--net452-S4784.json
deleted file mode 100644
index c32571816a3..00000000000
--- a/analyzers/its/expected/Nancy/Nancy--net452-S4784.json
+++ /dev/null
@@ -1,147 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Extensions/StringExtensions.cs#L23",
-"region":  {
-"startLine":  23,
-"startColumn":  13,
-"endLine":  23,
-"endColumn":  107
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/HttpMultipartBoundary.cs#L67",
-"region":  {
-"startLine":  67,
-"startColumn":  37,
-"endLine":  67,
-"endColumn":  122
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Routing/Trie/Nodes/CaptureNodeWithMultipleParameters.cs#L19",
-"region":  {
-"startLine":  19,
-"startColumn":  52,
-"endLine":  19,
-"endColumn":  101
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L23",
-"region":  {
-"startLine":  23,
-"startColumn":  67,
-"endLine":  23,
-"endColumn":  166
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L28",
-"region":  {
-"startLine":  28,
-"startColumn":  66,
-"endLine":  28,
-"endColumn":  163
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L33",
-"region":  {
-"startLine":  33,
-"startColumn":  67,
-"endLine":  33,
-"endColumn":  166
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L38",
-"region":  {
-"startLine":  38,
-"startColumn":  63,
-"endLine":  38,
-"endColumn":  237
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L43",
-"region":  {
-"startLine":  43,
-"startColumn":  67,
-"endLine":  43,
-"endColumn":  166
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L63",
-"region":  {
-"startLine":  63,
-"startColumn":  66,
-"endLine":  63,
-"endColumn":  214
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L73",
-"region":  {
-"startLine":  73,
-"startColumn":  62,
-"endLine":  73,
-"endColumn":  202
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L88",
-"region":  {
-"startLine":  88,
-"startColumn":  74,
-"endLine":  88,
-"endColumn":  172
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json b/analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json
deleted file mode 100644
index c32571816a3..00000000000
--- a/analyzers/its/expected/Nancy/Nancy--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,147 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Extensions/StringExtensions.cs#L23",
-"region":  {
-"startLine":  23,
-"startColumn":  13,
-"endLine":  23,
-"endColumn":  107
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/HttpMultipartBoundary.cs#L67",
-"region":  {
-"startLine":  67,
-"startColumn":  37,
-"endLine":  67,
-"endColumn":  122
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/Routing/Trie/Nodes/CaptureNodeWithMultipleParameters.cs#L19",
-"region":  {
-"startLine":  19,
-"startColumn":  52,
-"endLine":  19,
-"endColumn":  101
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L23",
-"region":  {
-"startLine":  23,
-"startColumn":  67,
-"endLine":  23,
-"endColumn":  166
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L28",
-"region":  {
-"startLine":  28,
-"startColumn":  66,
-"endLine":  28,
-"endColumn":  163
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L33",
-"region":  {
-"startLine":  33,
-"startColumn":  67,
-"endLine":  33,
-"endColumn":  166
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L38",
-"region":  {
-"startLine":  38,
-"startColumn":  63,
-"endLine":  38,
-"endColumn":  237
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L43",
-"region":  {
-"startLine":  43,
-"startColumn":  67,
-"endLine":  43,
-"endColumn":  166
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L63",
-"region":  {
-"startLine":  63,
-"startColumn":  66,
-"endLine":  63,
-"endColumn":  214
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L73",
-"region":  {
-"startLine":  73,
-"startColumn":  62,
-"endLine":  73,
-"endColumn":  202
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/Nancy/src/Nancy/ViewEngines/SuperSimpleViewEngine/SuperSimpleViewEngine.cs#L88",
-"region":  {
-"startLine":  88,
-"startColumn":  74,
-"endLine":  88,
-"endColumn":  172
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json
deleted file mode 100644
index 782912230a8..00000000000
--- a/analyzers/its/expected/akka.net/Akka--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/Configuration/Hocon/HoconValue.cs#L24",
-"region":  {
-"startLine":  24,
-"startColumn":  55,
-"endLine":  24,
-"endColumn":  313
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka/Util/TypeExtensions.cs#L47-L49",
-"region":  {
-"startLine":  47,
-"startColumn":  67,
-"endLine":  49,
-"endColumn":  93
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json
deleted file mode 100644
index 7abdd5896f3..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Cluster.TestKit--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Cluster.TestKit/MultiNodeClusterSpec.cs#L214",
-"region":  {
-"startLine":  214,
-"startColumn":  35,
-"endLine":  214,
-"endColumn":  76
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Cluster.TestKit/MultiNodeClusterSpec.cs#L221",
-"region":  {
-"startLine":  221,
-"startColumn":  34,
-"endLine":  221,
-"endColumn":  73
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json
deleted file mode 100644
index e7da64f75ed..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Cluster.Tools--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/contrib/cluster/Akka.Cluster.Tools/PublishSubscribe/Internal/Topics.cs#L291",
-"region":  {
-"startLine":  291,
-"startColumn":  74,
-"endLine":  291,
-"endColumn":  139
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json
deleted file mode 100644
index c32039295fc..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Discovery--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,30 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Discovery/ServiceDiscovery.cs#L139-L140",
-"region":  {
-"startLine":  139,
-"startColumn":  55,
-"endLine":  140,
-"endColumn":  93
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Discovery/ServiceDiscovery.cs#L163-L164",
-"region":  {
-"startLine":  163,
-"startColumn":  57,
-"endLine":  164,
-"endColumn":  93
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json
deleted file mode 100644
index 305db80aadf..00000000000
--- a/analyzers/its/expected/akka.net/Akka.MultiNodeTestRunner.Shared--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,56 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L93",
-"region":  {
-"startLine":  93,
-"startColumn":  63,
-"endLine":  93,
-"endColumn":  99
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L101",
-"region":  {
-"startLine":  101,
-"startColumn":  66,
-"endLine":  101,
-"endColumn":  105
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L107",
-"region":  {
-"startLine":  107,
-"startColumn":  65,
-"endLine":  107,
-"endColumn":  103
-}
-}
-},
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.MultiNodeTestRunner.Shared/Sinks/MessageSink.cs#L110",
-"region":  {
-"startLine":  110,
-"startColumn":  64,
-"endLine":  110,
-"endColumn":  101
-}
-}
-}
-]
-}
diff --git a/analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json b/analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json
deleted file mode 100644
index 19f1402c629..00000000000
--- a/analyzers/its/expected/akka.net/Akka.Persistence--netstandard2.0-S4784.json
+++ /dev/null
@@ -1,17 +0,0 @@
-{
-"issues":  [
-{
-"id":  "S4784",
-"message":  "Make sure that using a regular expression is safe here.",
-"location":  {
-"uri":  "https://github.com/SonarSource/sonar-dotnet/blob/master/analyzers/its/sources/akka.net/src/core/Akka.Persistence/Snapshot/LocalSnapshotStore.cs#L30",
-"region":  {
-"startLine":  30,
-"startColumn":  55,
-"endLine":  30,
-"endColumn":  118
-}
-}
-}
-]
-}