Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-13185

Remove hard-coded behavior adding "source" and "sink" prefix on vulnerability issues having a flow

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.3
    • Component/s: Issues
    • Labels:
      None
    • Edition:
      Community
    • Production Notes:
      None

      Description

      The concept of "source" and "sink" were hard-coded in SQ for vulneratility issues when issues contain a flow. (see MMF-1530 and SONAR-12399).

      Today, we have cases of vulneratility issues not generated by the SonarSecurity that need to use the flow API. Because things are hard-coded, they are fictive "source" and "sink" labels that mean nothing for these issues.

      The idea is to remove this hard-coded behavior and let SonarSecurity put that information while creating the issue (SONARSEC-1023).

        Attachments

          Activity

            People

            Assignee:
            jeremy.davis Jeremy Davis
            Reporter:
            alexandre.gigleux Alexandre Gigleux
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved: