diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2095_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2095_java.html
index e47884846a9..5fc41197f66 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2095_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2095_java.html
@@ -2,8 +2,8 @@
 <code>AutoCloseable</code>, needs to be closed after use. Further, that <code>close</code> call must be made in a <code>finally</code> block otherwise
 an exception could keep the call from being made. Preferably, when class implements <code>AutoCloseable</code>, resource should be created using
 "try-with-resources" pattern and will be closed automatically.</p>
-<p>Failure to properly close resources will result in a resource leak which could bring first the application and then perhaps the box it's on to
-their knees.</p>
+<p>Failure to properly close resources will result in a resource leak which could bring first the application and then perhaps the box the application
+is on to their knees.</p>
 <h2>Noncompliant Code Example</h2>
 <pre>
 private void readTheFile() throws IOException {
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2277_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2277_java.json
index 9b3846af1b7..a0d03f9d0a8 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2277_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2277_java.json
@@ -7,10 +7,23 @@
     "constantCost": "20min"
   },
   "tags": [
-    
+    "cwe",
+    "owasp-a6",
+    "sans-top25-porous",
+    "owasp-a3"
   ],
   "defaultSeverity": "Critical",
   "ruleSpecification": "RSPEC-2277",
   "sqKey": "S2277",
-  "scope": "Main"
+  "scope": "Main",
+  "securityStandards": {
+    "CWE": [
+      780,
+      327
+    ],
+    "OWASP": [
+      "A3",
+      "A6"
+    ]
+  }
 }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2278_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2278_java.json
index 95b5a670ae5..e88538b3008 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2278_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2278_java.json
@@ -7,10 +7,22 @@
     "constantCost": "20min"
   },
   "tags": [
-    
+    "cwe",
+    "cert",
+    "owasp-a6",
+    "sans-top25-porous"
   ],
   "defaultSeverity": "Blocker",
   "ruleSpecification": "RSPEC-2278",
   "sqKey": "S2278",
-  "scope": "Main"
+  "scope": "Main",
+  "securityStandards": {
+    "CWE": [
+      326,
+      327
+    ],
+    "OWASP": [
+      "A6"
+    ]
+  }
 }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2647_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2647_java.json
index e32e482b9f2..f85fe66ea4a 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2647_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2647_java.json
@@ -8,7 +8,6 @@
   },
   "tags": [
     "cwe",
-    "owasp-a6",
     "sans-top25-porous",
     "owasp-a3"
   ],
@@ -22,7 +21,6 @@
       311
     ],
     "OWASP": [
-      "A6",
       "A3"
     ]
   }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3011_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3011_java.json
index f928270f3f6..e9e8a631ade 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3011_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3011_java.json
@@ -7,16 +7,10 @@
     "constantCost": "30min"
   },
   "tags": [
-    "cert",
-    "owasp-a3"
+    "cert"
   ],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-3011",
   "sqKey": "S3011",
-  "scope": "Main",
-  "securityStandards": {
-    "OWASP": [
-      "A3"
-    ]
-  }
+  "scope": "Main"
 }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3400_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3400_java.html
index e3f46b74fc5..70bb176fc4b 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3400_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3400_java.html
@@ -9,7 +9,7 @@ <h2>Noncompliant Code Example</h2>
 </pre>
 <h2>Compliant Solution</h2>
 <pre>
-static int bestNumber = 12;
+static final int BEST_NUMBER = 12;
 </pre>
 <h2>Exceptions</h2>
 <p>Methods with annotations, such as <code>@Override</code> and Spring's <code>@RequestMapping</code>, are ignored.</p>
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4426_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4426_java.html
index 4acb0ce6f0f..256be4741fd 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4426_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4426_java.html
@@ -12,9 +12,9 @@
   <li> n ≥ 224 for ECDH and ECMQV (Examples: <code>secp192r1</code> is a non-compliant curve (<code>n</code> &lt; 224) but <code>secp224k1</code> is
   compliant (<code>n</code> &gt;= 224)) </li>
 </ul>
-<p><strong>Encryption and Decryption</strong>: </p>
+<p><strong>Symmetric keys</strong>: </p>
 <ul>
-  <li> AES-128, 192, 256 </li>
+  <li> key length ≥ 128 bits </li>
 </ul>
 <p>This rule will not raise issues for ciphers that are considered weak (no matter the key size) like <code>DES</code>, <code>Blowfish</code>.</p>
 <h2>Noncompliant Code Example</h2>
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4784_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4784_java.json
index 44001dab7f1..98da3e66c1c 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4784_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4784_java.json
@@ -3,21 +3,10 @@
   "type": "SECURITY_HOTSPOT",
   "status": "ready",
   "tags": [
-    "cwe",
-    "owasp-a1",
-    "regex"
+    
   ],
   "defaultSeverity": "Critical",
   "ruleSpecification": "RSPEC-4784",
   "sqKey": "S4784",
-  "scope": "Main",
-  "securityStandards": {
-    "CWE": [
-      624,
-      185
-    ],
-    "OWASP": [
-      "A1"
-    ]
-  }
+  "scope": "Main"
 }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4830_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4830_java.json
index d6c80c7ff8d..a05b2fa6755 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4830_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4830_java.json
@@ -11,7 +11,6 @@
     "privacy",
     "cert",
     "owasp-a6",
-    "sans-top25-porous",
     "ssl",
     "owasp-a3"
   ],
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.html
index c4ae8d2e9d5..aa1ddad59eb 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.html
@@ -58,6 +58,7 @@ <h2>See</h2>
   <li> <a href="http://cwe.mitre.org/data/definitions/328">MITRE, CWE-328</a> - Reversible One-Way Hash </li>
   <li> <a href="http://cwe.mitre.org/data/definitions/327">MITRE, CWE-327</a> - Use of a Broken or Risky Cryptographic Algorithm </li>
   <li> <a href="https://www.sans.org/top25-software-errors/#cat3">SANS Top 25</a> - Porous Defenses </li>
-  <li> https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html </li>
+  <li> <a href="https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html
+  ">https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html</a> </li>
 </ul>
 
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.json
index 031359f3c30..2e120a9bf1b 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5344_java.json
@@ -11,8 +11,7 @@
     "spring",
     "owasp-a6",
     "sans-top25-porous",
-    "owasp-a2",
-    "owasp-a3"
+    "owasp-a2"
   ],
   "defaultSeverity": "Critical",
   "ruleSpecification": "RSPEC-5344",
@@ -25,8 +24,7 @@
     ],
     "OWASP": [
       "A2",
-      "A6",
-      "A3"
+      "A6"
     ]
   }
 }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5527_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5527_java.json
index a1a6d85e31d..81cb79edaac 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5527_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5527_java.json
@@ -10,7 +10,6 @@
     "cwe",
     "privacy",
     "owasp-a6",
-    "sans-top25-porous",
     "ssl",
     "owasp-a3"
   ],
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5542_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5542_java.html
index e55b0224e7c..1be640c2541 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5542_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5542_java.html
@@ -7,7 +7,7 @@
     <ul>
       <li> Electronic Codebook (ECB) mode is vulnerable because it doesn't provide serious message confidentiality: under a given key any given
       plaintext block always gets encrypted to the same ciphertext block. </li>
-      <li> Cipher Block Chaining (CBC) with PKCS#5 padding (or PKCS#7) is susceptible to padding oracle attacks. </li>
+      <li> Cipher Block Chaining (CBC) with PKCS#5 padding (or PKCS#7) is vulnerable to padding oracle attacks. </li>
     </ul> </li>
   <li> RSA encryption algorithm should be used with the recommended padding scheme (OAEP) </li>
 </ul>
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5547_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5547_java.html
index b87c604eff4..b5a067317ca 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5547_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5547_java.html
@@ -1,6 +1,7 @@
 <p><a href="https://en.wikipedia.org/wiki/Strong_cryptography">Strong cipher algorithms</a> are cryptographic systems resistant to cryptanalysis, they
 are not vulnerable to well-known attacks like brute force attacks for example. </p>
-<p>It is recommended to use only cipher algorithms intensively tested and promoted by the cryptographic community.</p>
+<p>A general recomandation is to only use cipher algorithms intensively tested and promoted by the cryptographic community.</p>
+<p>More specifically for block cipher, it's not recommended to use algorithm with a block size inferior than 128 bits.</p>
 <h2>Noncompliant Code Example</h2>
 <pre>
 import javax.crypto.Cipher;
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5841_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5841_java.html
index d017b1257a1..280dc2801f1 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5841_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5841_java.html
@@ -1,8 +1,9 @@
 <p>AssertJ assertions <code>allMatch</code> and <code>doesNotContains</code> on an empty list always&nbsp;returns true whatever the content of the
 predicate. Despite being correct, you should make explicit if you expect an empty list or not, by adding
-<code>isEmpty()</code>/<code>isNotEmpty()</code> before calling the assertion. It will justify the useless predicate to improve clarity or increase
-the reliability of the test.</p>
-<p>This rule raises an issue when any of the methods listed are used without asserting that the list is empty or not.</p>
+<code>isEmpty()</code>/<code>isNotEmpty()</code> in addition to calling the assertion, or by testing the list's content further. It will justify the
+useless predicate to improve clarity or increase the reliability of the test.</p>
+<p>This rule raises an issue when any of the methods listed are used without asserting that the list is empty or not and without testing the
+content.</p>
 <p>Targetted methods:</p>
 <ul>
   <li> <code>allMatch</code> </li>
@@ -30,6 +31,8 @@ <h2>Compliant Solution</h2>
 assertThat(logs).isEmpty();
 
 // Despite being redundant, this is also acceptable since it explains why you expect an empty list
-assertThat(logs).isEmpty().doesNotContain("error");
+assertThat(logs).doesNotContain("error").isEmpty();
+// or test the content of the list further
+assertThat(logs).contains("warning").doesNotContain("error");
 </pre>
 
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.html
index c63d9303b7c..74e42364f66 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.html
@@ -61,6 +61,7 @@ <h2>Compliant Solution</h2>
 </pre>
 <h2>See</h2>
 <ul>
+  <li> <a href="https://www.owasp.org/index.php/Top_10-2017_A1-Injection">OWASP Top 10 2017 Category A1</a> - Injection </li>
   <li> <a href="https://cwe.mitre.org/data/definitions/400.html">MITRE, CWE-400</a> - Uncontrolled Resource Consumption </li>
   <li> <a href="https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS">owasp.org</a> - OWASP Regular expression Denial
   of Service - ReDoS </li>
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.json
index 06a8ef0ea92..8ad0e55721b 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5852_java.json
@@ -8,8 +8,8 @@
   },
   "tags": [
     "cwe",
-    "regex",
-    "owasp-a6"
+    "owasp-a1",
+    "regex"
   ],
   "defaultSeverity": "Critical",
   "ruleSpecification": "RSPEC-5852",
@@ -20,7 +20,7 @@
       400
     ],
     "OWASP": [
-      "A6"
+      "A1"
     ]
   }
 }
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5854_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5854_java.html
index 5ea0f910245..e97c23e096d 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5854_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5854_java.html
@@ -4,12 +4,12 @@ <h2>Noncompliant Code Example</h2>
 <pre>
 String s = "e\u0300";
 Pattern p = Pattern.compile("é|ë|è"); // Noncompliant
-System.out.println(p.matcher(s).replaceAll("e")); // print ‘é’
+System.out.println(p.matcher(s).replaceAll("e")); // print 'é'
 </pre>
 <h2>Compliant Solution</h2>
 <pre>
 String s = "e\u0300";
 Pattern p = Pattern.compile("é|ë|è", Pattern.CANON_EQ);
-System.out.println(p.matcher(s).replaceAll("e")); // print ‘e’
+System.out.println(p.matcher(s).replaceAll("e")); // print 'e'
 </pre>
 
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5869_java.html b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5869_java.html
index 5959803c6b4..199ab6ffc88 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5869_java.html
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5869_java.html
@@ -1,15 +1,19 @@
 <p>Character classes in regular expressions are a convenient way to match one of several possible characters by listing the allowed characters or
 ranges of characters. If the same character is listed twice in the same character class or if the character class contains overlapping ranges, this
 has no effect.</p>
-<p>Thus duplicate characters in a character class are either a simple oversight or a sign that the author misunderstood how character classes work and
-wanted to match more than one character. A common example of the latter mistake is trying to use a range like <code>[0-99]</code> to match numbers of
-up to two digits, when in fact it is equivalent to <code>[0-9]</code>.</p>
+<p>Thus duplicate characters in a character class are either a simple oversight or a sign that a range in the character class matches more than is
+intended or that the author misunderstood how character classes work and wanted to match more than one character. A common example of the latter
+mistake is trying to use a range like <code>[0-99]</code> to match numbers of up to two digits, when in fact it is equivalent to <code>[0-9]</code>.
+Another common cause is forgetting to escape the `-` character, creating an unintended range that overlaps with other characters in the character
+class.</p>
 <h2>Noncompliant Code Example</h2>
 <pre>
 str.matches("[0-99]") // Noncompliant, this won't actually match strings with two digits
+str.matches("[0-9.-_]") // Noncompliant, .-_ is a range that already contains 0-9 (as well as various other characters such as capital letters)
 </pre>
 <h2>Compliant Solution</h2>
 <pre>
 str.matches("[0-9]{1,2}")
+str.matches("[0-9.\\-_]")
 </pre>
 
diff --git a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/Sonar_way_profile.json b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/Sonar_way_profile.json
index 4a981b98ab9..5e189ce3890 100644
--- a/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/Sonar_way_profile.json
+++ b/java-checks/src/main/resources/org/sonar/l10n/java/rules/java/Sonar_way_profile.json
@@ -352,7 +352,6 @@
     "S4684",
     "S4719",
     "S4738",
-    "S4784",
     "S4790",
     "S4792",
     "S4830",
diff --git a/sonarpedia.json b/sonarpedia.json
index 2fc68a14c3d..c8cbc8f2365 100644
--- a/sonarpedia.json
+++ b/sonarpedia.json
@@ -3,7 +3,7 @@
   "languages": [
     "JAVA"
   ],
-  "latest-update": "2020-06-18T14:34:25.059019Z",
+  "latest-update": "2020-07-15T12:00:39.489532200Z",
   "options": {
     "no-language-in-filenames": false,
     "preserve-filenames": false