SONARJAVA-3533 Update rule metadata

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S1215_java.html

@@ -6,7 +6,8 @@
   <li> Will the JVM simply ignore the call? </li>
   <li> ... </li>
 </ul>
-<p>Like for <code>System.gc()</code>, there is no reason to manually call <code>runFinalization()</code> to force the call of finalization methods of any objects pending finalization.</p>
-<p>An application relying on these unpredictable methods is also unpredictable and therefore broken. The task of running the garbage collector and calling <code>finalize()</code> methods should
-be left exclusively to the JVM.</p>
+<p>Like for <code>System.gc()</code>, there is no reason to manually call <code>runFinalization()</code> to force the call of finalization methods of
+any objects pending finalization.</p>
+<p>An application relying on these unpredictable methods is also unpredictable and therefore broken. The task of running the garbage collector and
+calling <code>finalize()</code> methods should be left exclusively to the JVM.</p>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S2391_java.json

@@ -7,8 +7,7 @@
     "constantCost": "5min"
   },
   "tags": [
-    "junit",
-    "tests"
+
   ],
   "defaultSeverity": "Blocker",
   "ruleSpecification": "RSPEC-2391",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S3358_java.html

@@ -4,17 +4,17 @@
 <p>Instead, err on the side of clarity, and use another line to express the nested operation as a separate statement.</p>
 <h2>Noncompliant Code Example</h2>
 <pre>
-public String getTitle(Person p) {
-  return p.gender == Person.MALE ? "Mr. " : p.isMarried() ? "Mrs. " : "Miss ";  // Noncompliant
+public String getReadableStatus(Job j) {
+  return j.isRunning() ? "Running" : j.hasErrors() ? "Failed" : "Succeeded";  // Noncompliant
 }
 </pre>
 <h2>Compliant Solution</h2>
 <pre>
-public String getTitle(Person p) {
-  if (p.gender == Person.MALE) {
-    return "Mr. ";
+public String getReadableStatus(Job j) {
+  if (j.isRunning()) {
+    return "Running";
   }
-  return p.isMarried() ? "Mrs. " : "Miss ";
+  return j.hasErrors() ? "Failed" : "Succeeded";
 }
 </pre>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4507_java.json

@@ -10,6 +10,7 @@
     "cwe",
     "error-handling",
     "spring",
+    "debug",
     "user-experience",
     "owasp-a3"
   ],

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S4784_java.html

@@ -80,5 +80,5 @@ <h2>See</h2>
   <li> OWASP Regular expression Denial of Service - ReDoS </li>
 </ul>
 <h2>Deprecated</h2>
-<p>This rule is deprecated; use {rule:squid:S5852} instead.</p>
+<p>This rule is deprecated; use {rule:java:S5852} instead.</p>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5361_java.html

@@ -24,6 +24,6 @@ <h2>Compliant Solution</h2>
 </pre>
 <h2>See</h2>
 <ul>
-  <li> {rule:squid:S4248} - Regex patterns should not be created needlessly </li>
+  <li> {rule:java:S4248} - Regex patterns should not be created needlessly </li>
 </ul>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5547_java.html

@@ -1,6 +1,6 @@
 <p><a href="https://en.wikipedia.org/wiki/Strong_cryptography">Strong cipher algorithms</a> are cryptographic systems resistant to cryptanalysis, they
-are not vulnerable to well-known attacks like brute force attacks for example. </p>
-<p>A general recomandation is to only use cipher algorithms intensively tested and promoted by the cryptographic community.</p>
+are not vulnerable to well-known attacks like brute force attacks for example.</p>
+<p>A general recommendation is to only use cipher algorithms intensively tested and promoted by the cryptographic community.</p>
 <p>More specifically for block cipher, it's not recommended to use algorithm with a block size inferior than 128 bits.</p>
 <h2>Noncompliant Code Example</h2>
 <pre>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5777_java.html

@@ -30,27 +30,24 @@ <h2>Compliant Solution</h2>
     Object obj = get();
     Assert.assertThrows(IndexOutOfBoundsException.class, () -&gt; obj.toString());
     Assert.assertEquals(0, 1);
-} {code}
-
-* For JUnit &lt; 4.13, use the [try-catch idiom|https://github.com/junit-team/junit4/wiki/Exception-testing#trycatch-idiom]:
-{code:java}
-<p>@Test</p>
-<p>public void testShouldFail() {</p>
-<p>    Object obj = get();</p>
-<p>    try {</p>
-<p>        obj.toString();</p>
-<p>        Assert.fail("Expected an IndexOutOfBoundsException to be thrown");</p>
-<p>    } catch (IndexOutOfBoundsException e) {}</p>
-<p>    Assert.assertEquals(0, 1); // Correctly fails.</p>
-<p>}</p>
+}
+</pre>
+<ul>
+  <li> For JUnit &lt; 4.13, use the <a href="https://github.com/junit-team/junit4/wiki/Exception-testing#trycatch-idiom">try-catch idiom</a>: </li>
+</ul>
 <pre>
+@Test
+public void testShouldFail() {
+    Object obj = get();
+    try {
+        obj.toString();
+        Assert.fail("Expected an IndexOutOfBoundsException to be thrown");
+    } catch (IndexOutOfBoundsException e) {}
+    Assert.assertEquals(0, 1); // Correctly fails.
+}
 </pre>
-
 <h2>See</h2>
-
-  <ul>
-
-    <li> <a href="https://github.com/junit-team/junit4/wiki/Exception-testing">JUnit exception testing documentation</a> </li>
-  </ul>
-</pre>
+<ul>
+  <li> <a href="https://github.com/junit-team/junit4/wiki/Exception-testing">JUnit exception testing documentation</a> </li>
+</ul>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5838_java.json

@@ -3,7 +3,8 @@
   "type": "CODE_SMELL",
   "status": "ready",
   "tags": [
-    "tests"
+    "tests",
+    "assertj"
   ],
   "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-5838",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5841_java.json

@@ -3,7 +3,8 @@
   "type": "BUG",
   "status": "ready",
   "tags": [
-    "tests"
+    "tests",
+    "assertj"
   ],
   "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-5841",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5853_java.json

@@ -3,7 +3,8 @@
   "type": "CODE_SMELL",
   "status": "ready",
   "tags": [
-    "tests"
+    "tests",
+    "assertj"
   ],
   "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-5853",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5958_java.json

@@ -3,7 +3,8 @@
   "type": "CODE_SMELL",
   "status": "ready",
   "tags": [
-    "tests"
+    "tests",
+    "assertj"
   ],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-5958",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5967_java.html

@@ -1,6 +1,6 @@
-<p>Annotating unit test with more than one test related annotation is not only useless, but could also result in unexpected behavior like failing unit
-test or unwanted side-effects.</p>
-<p>This rule report an issue when a test method is annotated with more than one of the following competing annotation:</p>
+<p>Annotating unit tests with more than one test-related annotation is not only useless but could also result in unexpected behavior like failing
+tests or unwanted side-effects.</p>
+<p>This rule reports an issue when a test method is annotated with more than one of the following competing annotation:</p>
 <ul>
   <li> @Test </li>
   <li> @RepeatedTest </li>

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5976_java.html

@@ -76,7 +76,7 @@ <h2>Compliant Solution</h2>
         "2, 200",
         "3, 300",
     })
-    void testLevels(int level, int health) {  // Similar test
+    void testLevels(int level, int health) {
         setLevel(level);
         runGame();
         assertEquals(playerHealth(), health);

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5976_java.json

@@ -4,7 +4,7 @@
   "status": "ready",
   "remediation": {
     "func": "Constant\/Issue",
-    "constantCost": "5min"
+    "constantCost": "10min"
   },
   "tags": [
     "tests",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5977_java.html

@@ -3,12 +3,12 @@
   <li> Make sure that production code behaves as expected, including edge cases. </li>
   <li> Be easy to debug, i.e. understandable and reproducible. </li>
 </ul>
-<p>Using random values in tests will not necessarily check edge cases, and it will make test logs a lot harder to read. If you don't use a seed your
-test will not be reproducible, and if you do use a seed there is no point in using random data. Use instead easily readable hardcoded values. If this
-makes your code bigger you can use helper functions.</p>
-<p>Note that there is one valid use cases for randomized data in tests: detect cases which you didn't think of. However when you do this you need to
-be sure that you can retrieve the generated values and add new failing cases to the test suite. It is easier to do so with a property-based testing
-library, such as <a href="https://github.com/jlink/jqwik">jqwik</a>.</p>
+<p>Using random values in tests will not necessarily check edge cases, and it will make test logs a lot harder to read. It is better to use easily
+readable hardcoded values. If this makes your code bigger you can use helper functions.</p>
+<p>There is one valid use case for random data in tests: when testing every value would make tests impractically slow. In this case the best you can
+do is use random to test every value on the long run. You should however make sure that random values are logged so that you can reproduce failures.
+Some libraries exist to make all this easier. You can for example use property-based testing libraries such as <a
+href="https://github.com/jlink/jqwik">jqwik</a>.</p>
 <p>This rule raises an issue when <code>new Random()</code> or <code>UUID.randomUUID()</code> are called in test code.</p>
 <h2>Noncompliant Code Example</h2>
 <pre>
@@ -22,8 +22,8 @@ <h2>Compliant Solution</h2>
 </pre>
 <h2>See</h2>
 <ul>
-  <li> <a href="https://phauer.com/2019/modern-best-practices-testing-java/#use-parameterized-tests">Modern Best Practices for Testing in Java -
-  Philipp Hauer</a> </li>
+  <li> <a href="https://phauer.com/2019/modern-best-practices-testing-java/#use-fixed-data-instead-of-randomized-data">Modern Best Practices for
+  Testing in Java - Philipp Hauer</a> </li>
   <li> <a href="https://jqwik.net/">Jqwik test engine</a> </li>
 </ul>
 

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/S5977_java.json

@@ -4,7 +4,7 @@
   "status": "ready",
   "remediation": {
     "func": "Constant\/Issue",
-    "constantCost": "20min"
+    "constantCost": "10min"
   },
   "tags": [
     "tests",

java-checks/src/main/resources/org/sonar/l10n/java/rules/java/Sonar_way_profile.json

@@ -417,7 +417,6 @@
     "S5967",
     "S5969",
     "S5973",
-    "S5976",
-    "S5977"
+    "S5976"
   ]
 }

sonarpedia.json

@@ -3,7 +3,7 @@
   "languages": [
     "JAVA"
   ],
-  "latest-update": "2020-08-27T14:58:46.476813600Z",
+  "latest-update": "2020-09-22T14:57:07.001725Z",
   "options": {
     "no-language-in-filenames": false,
     "preserve-filenames": false