Uploaded image for project: 'SonarPython'
  1. SonarPython
  2. SONARPY-704

Rule S4790: its content should be replaced by S2070

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Rules
    • Labels:
      None

      Description

      For hashing algorithms, several rules exist, in particular these two:

      It's not possible to maintain two rules on exactly the same subject, for us and the end users, so:

      • S2070 will be deprecated
      • the content/implementation of S2070 is more relevant than S4790 because S4790 raises everywhere a hash function is used (even when secure hash function, like SHA-256 is used) and S2070 raises only when a weak hash function is used (like MD5)
      • so the content/implementation of S2070 should "be moved" to S4790 (the key of the rule should be updated in SonarPy), because the type of issue (hotspot) is more relevant

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                eric.therond Eric Therond
                Reporter:
                eric.therond Eric Therond
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: