diff --git a/css-sonarpedia/sonarpedia.json b/css-sonarpedia/sonarpedia.json
index f6a6d52d5b1..ca0176daf36 100644
--- a/css-sonarpedia/sonarpedia.json
+++ b/css-sonarpedia/sonarpedia.json
@@ -3,7 +3,7 @@
 "languages": [
 "CSS"
 ],
- "latest-update": "2024-11-15T08:36:47.923296Z",
+ "latest-update": "2024-11-28T13:47:50.801838Z",
 "options": {
 "no-language-in-filenames": true
 }
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1441.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1441.json
index 08f95ce5194..ef5c1016c3f 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1441.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1441.json
@@ -5,7 +5,7 @@
 "func": "Constant\/Issue",
 "constantCost": "1min"
 },
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-1441",
 "sqKey": "S1441",
 "scope": "Main",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S2310.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S2310.json
index 9c67a33fb8b..27eb94090f8 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S2310.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S2310.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Critical",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-2310",
 "sqKey": "S2310",
 "scope": "Main",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3523.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3523.json
index d35ed246b76..3be96aba561 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3523.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3523.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Critical",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-3523",
 "sqKey": "S3523",
 "scope": "Main",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3723.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3723.json
index 07873ad5403..1fd4fd25e62 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3723.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S3723.json
@@ -7,7 +7,7 @@
 "constantCost": "2min"
 },
 "tags": [],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-3723",
 "sqKey": "S3723",
 "scope": "Main",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S5148.html b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S5148.html
index 4c0abf64c39..d9f26cc1deb 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S5148.html
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S5148.html
@@ -10,8 +10,6 @@
There is a risk if you answered yes to this question.
Use noopener
to prevent untrusted pages from abusing window.opener
.
Note: In Chrome 88+, Firefox 79+ or Safari 12.1+ target=_blank
on anchors implies rel=noopener
which make the protection
-enabled by default.
window.open("https://example.com/dangerous"); // Sensitive
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.html b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.html
index f8b6f5d2ee6..1c85f26b736 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.html
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.html
@@ -1,3 +1,4 @@
+This rule is deprecated, and will eventually be removed.
Vue.js framework prevents XSS vulnerabilities by automatically escaping HTML contents with the use of native API browsers like
innerText
instead ofinnerHtml
.It’s still possible to explicity use
innerHtml
and similar APIs to render HTML. Accidentally rendering malicious HTML data will
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.json
index 0a0562743ea..634e06e0ef5 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6299.json
@@ -7,7 +7,7 @@
 },
 "attribute": "CONVENTIONAL"
 },
- "status": "ready",
+ "status": "deprecated",
 "tags": [
 "cwe"
 ],
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.html b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.html
index 0347f7cd43d..07671205f1f 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.html
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.html
@@ -9,8 +9,17 @@Ask Yourself Whether
There is a risk if you answered yes to any of those questions.
Recommended Secure Coding Practices
-It’s recommended to encrypt SNS topics that contain sensitive information. Encryption and decryption are handled transparently by SNS, so no -further modifications to the application are necessary.
+It is recommended to encrypt SNS topics that contain sensitive information.
+To do so, create a master key and assign the SNS topic to it. Note that this system does not encrypt the following:
+
Then, make sure that any publishers have the kms:GenerateDataKey*
and kms:Decrypt
permissions for the AWS KMS key.
See AWS SNS Key Management +Documentation for more information.
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.json
index 2bb7f758430..e4cea9ccf69 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6327.json
@@ -10,7 +10,7 @@
 "status": "ready",
 "remediation": {
 "func": "Constant\/Issue",
- "constantCost": "10min"
+ "constantCost": "45min"
 },
 "tags": [
 "aws",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6661.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6661.json
index 49f7c20a576..d885ad729f0 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6661.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6661.json
@@ -9,7 +9,7 @@
 "tags": [
 "es2018"
 ],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-6661",
 "sqKey": "S6661",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6666.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6666.json
index 566307647e6..095a5d22f37 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6666.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6666.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-6666",
 "sqKey": "S6666",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6671.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6671.json
index cba3b34d8e5..4fa4a94814b 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6671.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6671.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-6671",
 "sqKey": "S6671",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6676.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6676.json
index 429acbcb1b7..0ced28b2df0 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6676.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6676.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-6676",
 "sqKey": "S6676",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6679.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6679.json
index daa908a5c14..918ca7e2c52 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6679.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6679.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-6679",
 "sqKey": "S6679",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6749.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6749.json
index 13ca797011c..ebed25c7aeb 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6749.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6749.json
@@ -9,7 +9,7 @@
 "tags": [
 "react"
 ],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
 "ruleSpecification": "RSPEC-6749",
 "sqKey": "S6749",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6754.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6754.json
index b2d9dcab4e3..ca03e0efdf7 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6754.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6754.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
 "ruleSpecification": "RSPEC-6754",
 "sqKey": "S6754",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6759.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6759.json
index 4d1389ee1dc..2d422393cf6 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6759.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6759.json
@@ -10,7 +10,7 @@
 "react",
 "type-dependent"
 ],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
 "ruleSpecification": "RSPEC-6759",
 "sqKey": "S6759",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6767.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6767.json
index a7ebfe91244..87672b7b8da 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6767.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6767.json
@@ -9,7 +9,7 @@
 "tags": [
 "react"
 ],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
 "ruleSpecification": "RSPEC-6767",
 "sqKey": "S6767",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6770.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6770.json
index 81bf54f7fce..c370ac3e932 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6770.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6770.json
@@ -9,7 +9,7 @@
 "tags": [
 "react"
 ],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
 "ruleSpecification": "RSPEC-6770",
 "sqKey": "S6770",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6775.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6775.json
index 5695703f7de..90cb1ace1b4 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6775.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6775.json
@@ -9,7 +9,7 @@
 "tags": [
 "react"
 ],
- "defaultSeverity": "Major",
+ "defaultSeverity": "Minor",
 "ruleSpecification": "RSPEC-6775",
 "sqKey": "S6775",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6836.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6836.json
index 5fd042302a0..7150c0c4b46 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6836.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6836.json
@@ -7,7 +7,7 @@
 "constantCost": "5min"
 },
 "tags": [],
- "defaultSeverity": "Minor",
+ "defaultSeverity": "Major",
 "ruleSpecification": "RSPEC-6836",
 "sqKey": "S6836",
 "scope": "All",
diff --git a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/Sonar_way_profile.json b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/Sonar_way_profile.json
index 00fedabfa7f..6bdf859b050 100644
--- a/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/Sonar_way_profile.json
+++ b/sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/Sonar_way_profile.json
@@ -215,7 +215,6 @@
 "S6270",
 "S6275",
 "S6281",
- "S6299",
 "S6302",
 "S6303",
 "S6308",
diff --git a/sonar-plugin/sonar-javascript-plugin/src/test/java/org/sonar/plugins/javascript/utils/RulesMetadataForSonarLintTest.java b/sonar-plugin/sonar-javascript-plugin/src/test/java/org/sonar/plugins/javascript/utils/RulesMetadataForSonarLintTest.java
index 9cd78bc7d64..da81cc4ae7d 100644
--- a/sonar-plugin/sonar-javascript-plugin/src/test/java/org/sonar/plugins/javascript/utils/RulesMetadataForSonarLintTest.java
+++ b/sonar-plugin/sonar-javascript-plugin/src/test/java/org/sonar/plugins/javascript/utils/RulesMetadataForSonarLintTest.java
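Review bot: Dropping `"S6299"` from the Sonar way list turns the Vue.js escaping check off for every project on the default profile, and nothing in this diff names a rule that takes over. The rule description in S6299.html presents the check as an XSS safeguard and the S6299.json hunk still shows the `cwe` tag, so the gap matters if no successor exists. Please confirm which rule now covers explicit raw-HTML rendering in Vue code and name it in the deprecation sentence, for example `This rule is deprecated; use <REPLACEMENT_RULE_KEY> instead.` If there is no successor yet, keeping S6299 in the profile until the rule is actually removed looks like the safer default.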
@@ -65,7 +65,7 @@ void test() throws Exception {
 " \"type\": \"CODE_SMELL\",\n" +
 " \"name\": \"Quotes for string literals should be used consistently\",\n" +
 " \"htmlDescription\": \"\\u003cp\\u003eThis rule is deprecated, and will eventually be removed.\\u003c/p\\u003e\\n\\u003ch2\\u003eWhy is this an issue?\\u003c/h2\\u003e\\n\\u003cp\\u003eThis rule checks that all string literals use the same kind of quotes.\\u003c/p\\u003e\\n\\u003ch3\\u003eNoncompliant code example\\u003c/h3\\u003e\\n\\u003cp\\u003eUsing the parameter default (forcing single quotes):\\u003c/p\\u003e\\n\\u003cpre\\u003e\\nvar firstParameter \\u003d \\\"something\\\"; // Noncompliant\\n\\u003c/pre\\u003e\\n\\u003ch3\\u003eCompliant solution\\u003c/h3\\u003e\\n\\u003cpre\\u003e\\nvar firstParameter \\u003d \\u0027something\\u0027;\\n\\u003c/pre\\u003e\\n\\u003ch3\\u003eExceptions\\u003c/h3\\u003e\\n\\u003cp\\u003eStrings that contain quotes are ignored.\\u003c/p\\u003e\\n\\u003cpre\\u003e\\nlet heSaid \\u003d \\\"Then he said \\u0027What?\\u0027.\\\" // ignored\\nlet sheSaid \\u003d \\u0027\\\"Whatever!\\\" she replied.\\u0027 // ignored\\n\\u003c/pre\\u003e\",\n" +
- " \"severity\": \"MINOR\",\n" +
+ " \"severity\": \"MAJOR\",\n" +
 " \"status\": \"DEPRECATED\",\n" +
 " \"tags\": [],\n" +
 " \"params\": [\n" +
diff --git a/sonarpedia.json b/sonarpedia.json
index 92a65de1646..1f4b9501ff5 100644
--- a/sonarpedia.json
+++ b/sonarpedia.json
@@ -3,7 +3,7 @@
 "languages": [
 "JS"
 ],
- "latest-update": "2024-11-15T08:36:20.934286Z",
+ "latest-update": "2024-11-28T13:46:14.829734Z",
 "options": {
 "no-language-in-filenames": true,
 "preserve-filenames": true
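Review bot: The expected `\"severity\": \"MAJOR\"` sits directly above `\"status\": \"DEPRECATED\"` for a `CODE_SMELL` about quote consistency, so the fixture now asserts that a deprecated stylistic rule ranks as Major. This presumably mirrors the Minor to Major change in the S1441.json hunk earlier in the diff, while the rules tagged `react` in the same diff move the other way. Please confirm the upstream severity is intended, since Major findings from a deprecated style rule add triage noise next to real defects. If it is intended, a short comment above the expected string such as `// severity follows the generated rule metadata` would tell the next maintainer not to hand-edit it. The body of test() starts and ends outside the hunk.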