Merge branch 'rg/remove-test-case' of https://github.com/Ricagraca/sp…

…ectral-owasp-ruleset into feat/2023
stoplightio · Jan 21, 2024 · f5eed66 · f5eed66
2 parents 8785861 + 12a2b38
commit f5eed66
Show file tree

Hide file tree

Showing 7 changed files with 2,609 additions and 1,158 deletions.
diff --git a/README.md b/README.md
@@ -39,9 +39,9 @@ You should see some output like this:
 
 ```
 /Users/phil/src/protect-earth-api/api/openapi.yaml
-  44:17      warning  owasp:api3:2019-define-error-responses-400:400 response should be defined.. Missing responses[400]  paths./upload.post.responses
-  44:17      warning  owasp:api3:2019-define-error-responses-429:429 response should be defined.. Missing responses[429]  paths./upload.post.responses
-  44:17      warning  owasp:api3:2019-define-error-responses-500:500 response should be defined.. Missing responses[500]  paths./upload.post.responses
+  44:17      warning  owasp:api8:2023-define-error-responses-400:400 response should be defined.. Missing responses[400]  paths./upload.post.responses
+  44:17      warning  owasp:api8:2023-define-error-responses-429:429 response should be defined.. Missing responses[429]  paths./upload.post.responses
+  44:17      warning  owasp:api8:2023-define-error-responses-500:500 response should be defined.. Missing responses[500]  paths./upload.post.responses
   45:15        error  owasp:api4:2019-rate-limit                  All 2XX and 4XX responses should define rate limiting headers.  paths./upload.post.responses[201]
   47:15        error  owasp:api4:2019-rate-limit                  All 2XX and 4XX responses should define rate limiting headers.  paths./upload.post.responses[401]
   53:15        error  owasp:api4:2019-rate-limit                  All 2XX and 4XX responses should define rate limiting headers.  paths./upload.post.responses[403]

diff --git a/UPGRADE.md b/UPGRADE.md
@@ -1,8 +1,13 @@
 
-- Renamed `owasp:api3:2019-define-error-validation` to `owasp:api8:2023-define-error-validation`
-- Renamed `owasp:api3:2019-define-error-responses-401` to `owasp:api8:2023-define-error-responses-401`
-- Renamed `owasp:api3:2019-define-error-responses-500` to `owasp:api8:2023-define-error-responses-500`
+- Renamed `owasp:api3:2019-define-error-validation` to `owasp:api8:2023-define-error-validation`.
+- Renamed `owasp:api3:2019-define-error-responses-401` to `owasp:api8:2023-define-error-responses-401`.
+- Renamed `owasp:api3:2019-define-error-responses-500` to `owasp:api8:2023-define-error-responses-500`.
 
+- Renamed `owasp:api7:2023-security-hosts-https-oas2` to `owasp:api8:2023-security-hosts-https-oas2`.
+- Renamed `owasp:api7:2023-security-hosts-https-oas3` to `owasp:api8:2023-security-hosts-https-oas3`.
+- Renamed `owasp:api7:2023-define-error-validation` to `owasp:api8:2023-define-error-validation`.
+- Renamed `owasp:api7:2023-define-error-responses-401` to `owasp:api8:2023-define-error-responses-401`.
+- Renamed `owasp:api7:2023-define-error-responses-500` to `owasp:api8:2023-define-error-responses-500`.
 
 - Renamed `owasp:api6:2019-no-additionalProperties` to `owasp:api3:2023-no-additionalProperties` and restricted rule to only run the `oas3_0` format.
 - Renamed `owasp:api6:2019-constrained-additionalProperties` to `owasp:api3:2023-constrained-additionalProperties`  and restricted rule to only run the `oas3_0` format.

diff --git a/__tests__/owasp-api4-2019-integer-limit.test.ts b/__tests__/owasp-api4-2019-integer-limit.test.ts
@@ -120,29 +120,6 @@ testRule("owasp:api4:2019-integer-limit", [
     ],
   },
 
-  {
-    name: "invalid case: only maximum",
-    document: {
-      openapi: "3.1.0",
-      info: { version: "1.0" },
-      components: {
-        schemas: {
-          Foo: {
-            type: "integer",
-            maximum: 99,
-          },
-        },
-      },
-    },
-    errors: [
-      {
-        message: "Schema of type integer must specify minimum and maximum.",
-        path: ["components", "schemas", "Foo"],
-        severity: DiagnosticSeverity.Error,
-      },
-    ],
-  },
-
   {
     name: "invalid case: only exclusiveMinimum",
     document: {

diff --git a/__tests__/owasp-api7-2019-security-hosts-https-oas2.test.ts b/__tests__/owasp-api7-2019-security-hosts-https-oas2.test.ts
diff --git a/__tests__/owasp-api7-2019-security-hosts-https-oas3.test.ts b/__tests__/owasp-api7-2019-security-hosts-https-oas3.test.ts