Merge branch 'master' into rule/S1990-cfamily-quickfix

SonarSource · Oct 16, 2024 · 25a3e55 · 25a3e55
2 parents 0ca105a + 5570d7f
commit 25a3e55
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 6 deletions.
diff --git a/docs/description.adoc b/docs/description.adoc
@@ -271,6 +271,16 @@ tsql:: use `sql`
 
 In case no language is appropriate for a code block (for example shared examples between multiple languages), you can use `text` as the language.
 
+=== References within code blocks
+
+When referencing a name within a comment in a code example, use double quotes to make it clear it refers to an existing element in the code.
+
+[source,cpp]
+----
+int i = 0;
+cout << noexcept(++i); // Noncompliant, "i" is not incremented
+----
+
 === Diff view
 
 Additionally, you can also use two attributes to let the products know your code examples should be highlighted with a diff view when possible

diff --git a/docs/styling_guide.adoc b/docs/styling_guide.adoc
@@ -109,3 +109,17 @@ Use it when referencing variable names, file names, tokens, and all kinds of spe
 Write:: Compiling source file `src/generic_file.py` breaks an `assert` call in pytest framework.
 Avoid:: Compiling source file "src/generic_file.py" breaks an `assert` call in `pytest` framework.
 
+== Referencing elements from the code
+
+When referencing elements from the code within a normal sentence, use the `backticks` (```) to format it. This includes variable names, function names, class names, and so on.
+
+When referencing the same elements within a comment in a code block, surrpond it with double quotes.
+[source,cpp]
+----
+int i = 0;
+// Write
+cout << noexcept(++i); // Noncompliant, "i" is not incremented -> Double quotes
+// Avoid
+cout << noexcept(++i); // Noncompliant, i is not incremented -> No quotes
+cout << noexcept(++i); // Noncompliant, `i` is not incremented -> Backticks
+----
diff --git a/frontend/public/covered_rules.json b/frontend/public/covered_rules.json
@@ -101,7 +101,8 @@
   },
   "ANSIBLE": {
     "S1135": "sonar-iac-enterprise 1.37.0.12742",
-    "S2260": "sonar-iac-enterprise 1.37.0.12742"
+    "S2260": "sonar-iac-enterprise 1.37.0.12742",
+    "S6321": "sonar-iac-enterprise master"
   },
   "APEX": {
     "S100": "sonar-apex 1.17.0.87",
@@ -3318,7 +3319,7 @@
     "S6646": "sonar-dataflow-bug-detection 1.17.0.4892",
     "S6649": "sonar-dataflow-bug-detection 1.17.0.4892",
     "S6651": "sonar-dataflow-bug-detection 1.17.0.4892",
-    "S6665": "sonar-java master",
+    "S6665": "sonar-java 8.5.0.37199",
     "S6707": "sonar-dataflow-bug-detection 1.17.0.4892",
     "S6780": "sonar-dataflow-bug-detection 1.19.0.6564",
     "S6804": "sonar-java 7.27.0.33463",

diff --git a/rules/S7007/secrets/rule.adoc b/rules/S7007/secrets/rule.adoc
@@ -27,11 +27,21 @@ include::../../../shared_content/secrets/fix/vault.adoc[]
 
 === Code examples
 
-:example_secret: 6YPElC5Wip6ECQcMHwv350RjkgONEMTn
-:example_name: tencent.secret-key
-:example_env: TENCENT_SECRET_KEY
+==== Noncompliant code example
 
-include::../../../shared_content/secrets/examples.adoc[]
+[source,java,diff-id=1,diff-type=noncompliant,subs="attributes"]
+----
+props.set("tencent.secret-id", "AKID6CtdYzpITwVpVj8rPUbVYoh8VexW0WOv");
+props.set("tencent.secret-key", "zPdkmi5UUKjqkXgJFsHf6HMOZsxNrgRk"); // Noncompliant
+----
+
+==== Compliant solution
+
+[source,java,diff-id=1,diff-type=compliant,subs="attributes"]
+----
+props.set("tencent.secret-id", System.getenv("TENCENT_SECRET_ID"));
+props.set("tencent.secret-key", System.getenv("TENCENT_SECRET_KEY"));
+----
 
 //=== How does this work?