Uploaded image for project: 'SonarJava'
  1. SonarJava
  2. SONARJAVA-3445

Deprecate S4787 in favor of cryptography rules

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.5
    • Component/s: Rules
    • Labels:
      None

      Description

      Rule S4787 is deprecated in favor of cryptography rules:

      • RSPEC-4423 Weak SSL and TLS protocols should not be used
      • RSPEC-4830 Server certificates should be verified during SSL⁄TLS connections
      • RSPEC-5527 Server hostnames should be verified during SSL⁄TLS connections
      • RSPEC-5542 Encryption algorithms should be used with secure mode and padding scheme
      • RSPEC-5547 Cipher algorithms should be robust
      • RSPEC-3330 Creating cookies without the "HttpOnly" flag is security-sensitive
      • RSPEC-2092 Creating cookies without the "secure" flag is security-sensitive
      • RSPEC-4426 Cryptographic keys should be robust

        Attachments

          Activity

            People

            • Assignee:
              alban.auzeill Alban Auzeill
              Reporter:
              alban.auzeill Alban Auzeill
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Due:
                Created:
                Updated:
                Resolved: