Given the following from the EPIC linked to the MMF:
We believe that our taint analysis engine is able to detect many injection issues, which means that corresponding Security Hotspot rules become unnecessary duplicates. The first step is to remove rules which only highlight injection sources with no additional value.
The following rules will be removed:
- RSPEC-4797 Handling files is security-sensitive
- RSPEC-4721 Executing OS commands is security-sensitive
- RSPEC-4825 Sending HTTP requests is security-sensitive (will be replaced by RSPEC-5332 and the taint analysis rules using HTTP requests as sources and sinks)
- RSPEC-4817 Executing XPath expressions is security-sensitive
- RSPEC-4529 Exposing HTTP endpoints is security-sensitive