From e65d456d234f0ed50e973991ddf8170e81b3fe40 Mon Sep 17 00:00:00 2001 From: Victor <106590915+victor-diez-sonarsource@users.noreply.github.com> Date: Wed, 11 Oct 2023 19:48:17 +0200 Subject: [PATCH] Modify S1874: Migrate to LayC (#3241) --- rules/S1874/cfamily/rule.adoc | 41 ++++++---------------- rules/S1874/comments-and-links.adoc | 16 --------- rules/S1874/description.adoc | 8 ++++- rules/S1874/java/rule.adoc | 53 +++++++++++++++++------------ rules/S1874/javascript/rule.adoc | 34 ++++++------------ rules/S1874/kotlin/rule.adoc | 25 ++++++-------- rules/S1874/message.adoc | 7 ---- rules/S1874/noncompliant.adoc | 32 ----------------- rules/S1874/rule.adoc | 7 ---- rules/S1874/see.adoc | 2 +- 10 files changed, 71 insertions(+), 154 deletions(-) delete mode 100644 rules/S1874/comments-and-links.adoc delete mode 100644 rules/S1874/message.adoc delete mode 100644 rules/S1874/noncompliant.adoc delete mode 100644 rules/S1874/rule.adoc diff --git a/rules/S1874/cfamily/rule.adoc b/rules/S1874/cfamily/rule.adoc index 9155d66981e..8e1027a17af 100644 --- a/rules/S1874/cfamily/rule.adoc +++ b/rules/S1874/cfamily/rule.adoc @@ -1,45 +1,26 @@ == Why is this an issue? -Code annotated as deprecated should not be used since it will be removed sooner or later. - -=== Noncompliant code example +include::../description.adoc[] [source,cpp] ---- // C++14 attribute -[[deprecated]] -void fun(); +[[deprecated("Use newFunction instead.")]] +void oldFunction(); // GNU attribute -__attribute__((deprecated)) -void fun(); +__attribute__((deprecated("Use newFunction instead."))) +void oldFunction(); // Microsoft attribute -__declspec(deprecated) -void fun(); +__declspec(deprecated("Use newFunction instead.")) +void oldFunction(); + +void newFunction(); void example() { - fun(); // Noncompliant + oldFunction(); // Noncompliant } ---- -== Resources - -* https://cwe.mitre.org/data/definitions/477[MITRE, CWE-477] - Use of Obsolete Functions -* https://wiki.sei.cmu.edu/confluence/x/6TdGBQ[CERT, MET02-J.] - Do not use deprecated or obsolete classes or methods - -ifdef::env-github,rspecator-view[] - -''' -== Implementation Specification -(visible only on this page) - -include::../message.adoc[] - -''' -== Comments And Links -(visible only on this page) - -include::../comments-and-links.adoc[] - -endif::env-github,rspecator-view[] +include::../see.adoc[] diff --git a/rules/S1874/comments-and-links.adoc b/rules/S1874/comments-and-links.adoc deleted file mode 100644 index 42f2cbf2d1c..00000000000 --- a/rules/S1874/comments-and-links.adoc +++ /dev/null @@ -1,16 +0,0 @@ -=== deprecates: S1724 - -=== is related to: S5738 - -=== on 11 Feb 2015, 12:36:25 Sébastien Gioria wrote: -This rule is related to OWASP Top10 A9 - -=== on 11 Feb 2015, 12:53:22 Ann Campbell wrote: -Thanks [~sebastien.gioria] - -=== on 5 Sep 2016, 17:20:14 Alban Auzeill wrote: -@Ann Could you check the new message? - -=== on 6 Sep 2016, 08:50:34 Ann Campbell wrote: -It's fine [~alban.auzeill] - diff --git a/rules/S1874/description.adoc b/rules/S1874/description.adoc index dff1c9d5c37..3a705bb7214 100644 --- a/rules/S1874/description.adoc +++ b/rules/S1874/description.adoc @@ -1 +1,7 @@ -Once deprecated, classes, and interfaces, and their members should be avoided, rather than used, inherited or extended. Deprecation is a warning that the class or interface has been superseded, and will eventually be removed. The deprecation period allows you to make a smooth transition away from the aging, soon-to-be-retired technology. +Code is sometimes annotated as deprecated by developers maintaining libraries or APIs to indicate that the method, class, or other programming element is no longer recommended for use. This is typically due to the introduction of a newer or more effective alternative. For example, when a better solution has been identified, or when the existing code presents potential errors or security risks. + +Deprecation is a good practice because it helps to phase out obsolete code in a controlled manner, without breaking existing software that may still depend on it. It is a way to warn other developers not to use the deprecated element in new code, and to replace it in existing code when possible. + +Deprecated classes, interfaces, and their members should not be used, inherited or extended because they will eventually be removed. The deprecation period allows you to make a smooth transition away from the aging, soon-to-be-retired technology. + +Check the documentation or the deprecation message to understand why the code was deprecated and what the recommended alternative is. \ No newline at end of file diff --git a/rules/S1874/java/rule.adoc b/rules/S1874/java/rule.adoc index cc9a983ab20..89ebdc3bc9d 100644 --- a/rules/S1874/java/rule.adoc +++ b/rules/S1874/java/rule.adoc @@ -2,25 +2,34 @@ include::../description.adoc[] -include::../noncompliant.adoc[] - -== Resources - -* https://cwe.mitre.org/data/definitions/477[MITRE, CWE-477] - Use of Obsolete Functions -* https://wiki.sei.cmu.edu/confluence/x/6TdGBQ[CERT, MET02-J.] - Do not use deprecated or obsolete classes or methods - -ifdef::env-github,rspecator-view[] - -''' -== Implementation Specification -(visible only on this page) - -include::../message.adoc[] - -''' -== Comments And Links -(visible only on this page) - -include::../comments-and-links.adoc[] - -endif::env-github,rspecator-view[] +[source,java] +---- +/** + * @deprecated As of release 1.3, replaced by {@link #Foo} + */ +@Deprecated +public class Fum { ... } + +public class Foo { + /** + * @deprecated As of release 1.7, replaced by {@link #newMethod()} + */ + @Deprecated + public void oldMethod() { ... } + + public void newMethod() { ... } +} + +public class Bar extends Foo { + public void oldMethod() { ... } // Noncompliant; don't override a deprecated method +} + +public class Baz extends Fum { // Noncompliant; Fum is deprecated + public void myMethod() { + Foo foo = new Foo(); + foo.oldMethod(); // Noncompliant; oldMethod method is deprecated + } +} +---- + +include::../see.adoc[] diff --git a/rules/S1874/javascript/rule.adoc b/rules/S1874/javascript/rule.adoc index c0dbd2282b0..5b5e783461e 100644 --- a/rules/S1874/javascript/rule.adoc +++ b/rules/S1874/javascript/rule.adoc @@ -2,34 +2,20 @@ include::../description.adoc[] -=== Noncompliant code example - [source,javascript] ---- -export interface LanguageService { - /** - * @deprecated Use getEncodedSyntacticClassifications instead. - */ - getSyntacticClassifications(fileName: string, span: TextSpan): ClassifiedSpan[]; +/** + * @deprecated Use newFunction instead. + */ +function oldFunction() { + console.log("This is the old function."); } -const syntacticClassifications = getLanguageService().getSyntacticClassifications(file, span); // Noncompliant +function newFunction() { + console.log("This is the new function."); +} +oldFunction(); // Noncompliant: "oldFunction is deprecated" ---- -include::../see.adoc[] - -ifdef::env-github,rspecator-view[] - -''' -== Implementation Specification -(visible only on this page) -include::../message.adoc[] - -''' -== Comments And Links -(visible only on this page) - -include::../comments-and-links.adoc[] - -endif::env-github,rspecator-view[] +include::../see.adoc[] diff --git a/rules/S1874/kotlin/rule.adoc b/rules/S1874/kotlin/rule.adoc index a388d8c3bea..e6f2db0b48d 100644 --- a/rules/S1874/kotlin/rule.adoc +++ b/rules/S1874/kotlin/rule.adoc @@ -1,22 +1,19 @@ == Why is this an issue? -Code annotated as deprecated should not be used since it will be removed sooner or later. - -=== Noncompliant code example +include::../description.adoc[] [source,kotlin] ---- -@Deprecated("") -interface Old - -class Example : Old // Noncompliant ----- -ifdef::env-github,rspecator-view[] +@Deprecated("This function is deprecated, use newFunction instead", ReplaceWith("newFunction()")) +fun oldFunction() { + println("This is the old function.") +} -''' -== Implementation Specification -(visible only on this page) +fun newFunction() { + println("This is the new function.") +} -include::../message.adoc[] +oldFunction() // Noncompliant: "oldFunction is deprecated" +---- -endif::env-github,rspecator-view[] +include::../see.adoc[] diff --git a/rules/S1874/message.adoc b/rules/S1874/message.adoc deleted file mode 100644 index 69a316b5eaa..00000000000 --- a/rules/S1874/message.adoc +++ /dev/null @@ -1,7 +0,0 @@ -=== Message - -* Remove this call to a deprecated method. -* Remove this use of a deprecated [class|field]. -* Remove this use of "xxx"; it is deprecated. -* Don't override a deprecated method or explicitly mark it as "@Deprecated". - diff --git a/rules/S1874/noncompliant.adoc b/rules/S1874/noncompliant.adoc deleted file mode 100644 index 0e206be4286..00000000000 --- a/rules/S1874/noncompliant.adoc +++ /dev/null @@ -1,32 +0,0 @@ -=== Noncompliant code example - -[source,text] ----- -/** - * @deprecated As of release 1.3, replaced by {@link #Fee} - */ -@Deprecated -public class Fum { ... } - -public class Foo { - /** - * @deprecated As of release 1.7, replaced by {@link #doTheThingBetter()} - */ - @Deprecated - public void doTheThing() { ... } - - public void doTheThingBetter() { ... } -} - -public class Bar extends Foo { - public void doTheThing() { ... } // Noncompliant; don't override a deprecated method or explicitly mark it as @Deprecated -} - -public class Bar extends Fum { // Noncompliant; Fum is deprecated - - public void myMethod() { - Foo foo = new Foo(); // okay; the class isn't deprecated - foo.doTheThing(); // Noncompliant; doTheThing method is deprecated - } -} ----- diff --git a/rules/S1874/rule.adoc b/rules/S1874/rule.adoc deleted file mode 100644 index 5b75b7aed06..00000000000 --- a/rules/S1874/rule.adoc +++ /dev/null @@ -1,7 +0,0 @@ -== Why is this an issue? - -include::description.adoc[] - -include::noncompliant.adoc[] - -include::see.adoc[] diff --git a/rules/S1874/see.adoc b/rules/S1874/see.adoc index d2cb8ca2347..94078077a9d 100644 --- a/rules/S1874/see.adoc +++ b/rules/S1874/see.adoc @@ -1,3 +1,3 @@ == Resources - +=== Documentation * https://cwe.mitre.org/data/definitions/477[MITRE, CWE-477] - Use of Obsolete Functions