SONARJAVA-5102 Update SE rule metadata (#4852)

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2259.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated; use {rule:java:S6555} instead.</p>
 <h2>Why is this an issue?</h2>
 <p>A reference to <code>null</code> should never be dereferenced/accessed. Doing so will cause a <code>NullPointerException</code> to be thrown. At
 best, such an exception will cause abrupt program termination. At worst, it could expose debugging information that would be useful to an attacker, or

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2259.json

@@ -7,16 +7,12 @@
     },
     "attribute": "LOGICAL"
   },
-  "status": "ready",
+  "status": "deprecated",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "10min"
   },
-  "tags": [
-    "cwe",
-    "cert",
-    "symbolic-execution"
-  ],
+  "tags": [],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-2259",
   "sqKey": "S2259",

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2583.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated; use {rule:java:S6651} instead.</p>
 <h2>Why is this an issue?</h2>
 <p>Conditional expressions which are always <code>true</code> or <code>false</code> can lead to <a
 href="https://en.wikipedia.org/wiki/Unreachable_code">unreachable code</a>.</p>

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2583.json

@@ -7,19 +7,12 @@
     },
     "attribute": "LOGICAL"
   },
-  "status": "ready",
+  "status": "deprecated",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "15min"
   },
-  "tags": [
-    "cwe",
-    "cert",
-    "unused",
-    "suspicious",
-    "pitfall",
-    "symbolic-execution"
-  ],
+  "tags": [],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-2583",
   "sqKey": "S2583",

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2589.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated; use {rule:java:S6646} instead.</p>
 <p>Gratuitous boolean expressions are conditions that do not change the evaluation of a program. This issue can indicate logical errors and affect the
 correctness of an application, as well as its maintainability.</p>
 <h2>Why is this an issue?</h2>

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2589.json

@@ -7,17 +7,12 @@
     },
     "attribute": "LOGICAL"
   },
-  "status": "ready",
+  "status": "deprecated",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "10min"
   },
-  "tags": [
-    "cwe",
-    "suspicious",
-    "redundant",
-    "symbolic-execution"
-  ],
+  "tags": [],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-2589",
   "sqKey": "S2589",

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2755.json

@@ -40,7 +40,7 @@
     "ASVS 4.0": [
       "5.5.2"
     ],
-    "STIG ASD 2023-06-08": [
+    "STIG ASD_V5R3": [
       "V-222608"
     ]
   },

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3518.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated; use {rule:java:S6649} instead.</p>
 <p>If the denominator to an integer division or remainder operation is zero, a <code>ArithmeticException</code> is thrown.</p>
 <p>This error will crash your program in most cases. To fix it, you need to ensure that the denominator value in all division operations is always
 non-zero, or check the value against zero before performing the division.</p>

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3518.json

@@ -7,17 +7,12 @@
     },
     "attribute": "LOGICAL"
   },
-  "status": "ready",
+  "status": "deprecated",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "5 min"
   },
-  "tags": [
-    "cwe",
-    "denial-of-service",
-    "cert",
-    "symbolic-execution"
-  ],
+  "tags": [],
   "defaultSeverity": "Critical",
   "ruleSpecification": "RSPEC-3518",
   "sqKey": "S3518",
@@ -30,7 +25,7 @@
     "CWE": [
       369
     ],
-    "STIG ASD 2023-06-08": [
+    "STIG ASD_V5R3": [
       "V-222612"
     ]
   },

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3655.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated; use {rule:java:S6707} instead.</p>
 <h2>Why is this an issue?</h2>
 <p><code>Optional</code> value can hold either a value or not. The value held in the <code>Optional</code> can be accessed using the
 <code>get()</code> method, but it will throw a</p>

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3655.json

@@ -7,15 +7,12 @@
     },
     "attribute": "COMPLETE"
   },
-  "status": "ready",
+  "status": "deprecated",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "10min"
   },
-  "tags": [
-    "cwe",
-    "symbolic-execution"
-  ],
+  "tags": [],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-3655",
   "sqKey": "S3655",

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3959.html

@@ -1,3 +1,4 @@
+<p>This rule is deprecated; use {rule:java:S6976} instead.</p>
 <h2>Why is this an issue?</h2>
 <p>Stream operations are divided into intermediate and terminal operations, and are combined to form stream pipelines. After the terminal operation is
 performed, the stream pipeline is considered consumed, and cannot be used again. Such a reuse will yield unexpected results.</p>

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3959.json

@@ -7,15 +7,12 @@
     },
     "attribute": "LOGICAL"
   },
-  "status": "ready",
+  "status": "deprecated",
   "remediation": {
     "func": "Constant\/Issue",
     "constantCost": "10min"
   },
-  "tags": [
-    "java8",
-    "symbolic-execution"
-  ],
+  "tags": [],
   "defaultSeverity": "Major",
   "ruleSpecification": "RSPEC-3959",
   "sqKey": "S3959",

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6373.json

@@ -39,7 +39,7 @@
     "ASVS 4.0": [
       "5.5.2"
     ],
-    "STIG ASD 2023-06-08": [
+    "STIG ASD_V5R3": [
       "V-222608"
     ]
   },

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6376.json

@@ -29,7 +29,7 @@
     "OWASP Top 10 2021": [
       "A5"
     ],
-    "STIG ASD 2023-06-08": [
+    "STIG ASD_V5R3": [
       "V-222593",
       "V-222608",
       "V-222667"

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6377.json

@@ -29,7 +29,7 @@
     "OWASP Top 10 2021": [
       "A2"
     ],
-    "STIG ASD 2023-06-08": [
+    "STIG ASD_V5R3": [
       "V-222608"
     ]
   },

java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/Sonar_way_profile.json

@@ -4,19 +4,13 @@
     "S2095",
     "S2189",
     "S2222",
-    "S2259",
-    "S2583",
-    "S2589",
     "S2637",
     "S2689",
     "S2755",
     "S3065",
     "S3516",
-    "S3518",
-    "S3655",
     "S3824",
     "S3958",
-    "S3959",
     "S4165",
     "S4449",
     "S6373",

java-symbolic-execution/java-symbolic-execution-plugin/src/test/java/org/sonar/java/se/plugin/JavaSECheckRegistrarTest.java

@@ -46,6 +46,17 @@ class JavaSECheckRegistrarTest {
 
   private static final ActiveRules activeRules = activeRules(getRuleKeysWithRepo());
 
+  private static final List<String> rulesNotActiveByDefault = List.of(
+    "S2259",
+    "S2583",
+    "S2589",
+    "S3518",
+    "S3546",
+    "S3655",
+    "S3959",
+    "S6374"
+  );
+
   @Test
   void register_rules() {
     CheckRegistrar registrar = new JavaSECheckRegistrar(null);
@@ -80,7 +91,7 @@ void rules_definition() {
     assertThat(rules).hasSize(23);
 
     var activeByDefault = rules.stream()
-      .filter(k -> !"S6374".equals(k.key()) && !"S3546".equals(k.key()))
+      .filter(k -> !rulesNotActiveByDefault.contains(k.key()))
       .toList();
     var allRules = rules.stream().map(RulesDefinition.Rule::key).toList();
 

java-symbolic-execution/sonarpedia.json

@@ -3,7 +3,7 @@
   "languages": [
     "JAVA"
   ],
-  "latest-update": "2024-06-04T16:13:16.680708700Z",
+  "latest-update": "2024-08-29T10:04:42.887568058Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": false