diff --git a/analysis/pr3540_all_findings_table.md b/analysis/pr3540_all_findings_table.md new file mode 100644 index 0000000000..64fcde1bd1 --- /dev/null +++ b/analysis/pr3540_all_findings_table.md @@ -0,0 +1,222 @@ +| ID | Kategorie | Regelcode | Severity | Status | Datei | Zeile | Nachricht | Codebereich | Direkt behebbar | +|---|---|---|---|---|---|---:|---|---|---| +| AZ2NbA47JpYMQiJwV1lh | Issue | cpp:S1066 | MAJOR | OPEN | src/request_body_processor/xml.cc | 331 | Merge this "if" statement with the enclosing one. | Production | Ja | +| AZ2H7l4Bym_e-6l8FQml | Issue | cpp:S6009 | MINOR | OPEN | src/request_body_processor/json.cc | 42 | Replace this const reference to "std::string" by a "std::string_view". | Production | Ja | +| AZ2H7l3vym_e-6l8FQmj | Issue | cpp:S6024 | MINOR | OPEN | src/request_body_processor/json_adapter.cc | 56 | Prefer free functions over member functions when handling objects of generic type "InputType". | Production | Ja | +| AZ2H7l3vym_e-6l8FQmk | Issue | cpp:S995 | MINOR | OPEN | src/request_body_processor/json_adapter.cc | 57 | Make the type of this parameter a pointer-to-const. The current type of "sink" is "class modsecurity::RequestBodyProcessor::JsonEventSink *". | Production | Ja | +| AZ2H7l3jym_e-6l8FQmi | Issue | cpp:S6004 | MINOR | OPEN | src/request_body_processor/json_backend_jsoncons.cc | 623 | Use the init-statement to declare "sync_detail" inside the if statement. | Production | Ja | +| AZ2HqeBsWym3B0O6okyS | Issue | cpp:S5952 | MINOR | OPEN | test/benchmark/json_benchmark.cc | 71 | Add a using-declaration to this derived class to inherit the constructors of "runtime_error", and remove the ones you manually duplicated. Note that this may add other constructors to your derived class. | Benchmark | Ja | +| AZ2HqeBsWym3B0O6okyT | Issue | cpp:S6004 | MINOR | OPEN | test/benchmark/json_benchmark.cc | 144 | Use the init-statement to declare "current" inside the if statement. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_K | Issue | cpp:S4998 | MAJOR | OPEN | test/benchmark/json_benchmark.cc | 316 | Replace this use of "unique_ptr" by a raw pointer or a reference (possibly const). | Benchmark | Ja | +| AZ2DVDgODPiZK5yPV1-J | Issue | cpp:S1188 | MAJOR | OPEN | test/regression/regression_test.cc | 235 | This lambda has 23 lines, which is greater than the 20 lines authorized. Split it into several lambdas or functions, or make it a named function. | Test | Ja | +| AZ2CBI6Kkud7vHWq0tqj | Issue | cpp:S6022 | MAJOR | OPEN | src/operators/validate_byte_range.cc | 157 | Use "std::byte" for byte-oriented data manipulation. | Production | Ja | +| AZ2CA_xuGCkM6OziEPeu | Issue | cpp:S4144 | MAJOR | OPEN | test/unit/json_backend_depth_tests.cc | 50 | Update this method so that its implementation is not identical to on_key. | Test | Ja | +| AZ1-doCWXISY38E6TxpK | Issue | cpp:S6009 | MINOR | OPEN | test/benchmark/json_benchmark.cc | 321 | Replace this const reference to "std::string" by a "std::string_view". | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpR | Issue | cpp:S6009 | MINOR | OPEN | test/benchmark/json_benchmark.cc | 419 | Replace this const reference to "std::string" by a "std::string_view". | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpU | Issue | cpp:S6009 | MINOR | OPEN | test/benchmark/json_benchmark.cc | 486 | Replace this const reference to "std::string" by a "std::string_view". | Benchmark | Ja | +| AZ190QEMSTzC4JOHOn9q | Issue | cpp:S6022 | MAJOR | OPEN | src/operators/validate_byte_range.cc | 73 | Use "std::byte" for byte-oriented data manipulation. | Production | Ja | +| AZ190QFsSTzC4JOHOn9u | Issue | cpp:S3562 | MAJOR | OPEN | src/request_body_processor/json_backend_jsoncons.cc | 220 | 4 enumeration values not handled in switch: 'int64_value', 'uint64_value', 'half_value'... | Production | Ja | +| AZ190QA8STzC4JOHOn9k | Issue | cpp:S5945 | MAJOR | OPEN | src/utils/json_writer.cc | 156 | Use "std::string" instead of a C-style char array. | Production | Ja | +| AZ190QA8STzC4JOHOn9n | Issue | cpp:S6022 | MAJOR | OPEN | src/utils/json_writer.cc | 184 | Use "std::byte" for byte-oriented data manipulation. | Production | Ja | +| AZ190QA8STzC4JOHOn9o | Issue | cpp:S6022 | MAJOR | OPEN | src/utils/json_writer.cc | 185 | Use "std::byte" for byte-oriented data manipulation. | Production | Ja | +| AZ190QIVSTzC4JOHOn-g | Issue | cpp:S2807 | MAJOR | OPEN | test/common/json.h | 78 | Make this member overloaded operator a hidden friend. | Test | Ja | +| AZ190QIVSTzC4JOHOn-h | Issue | cpp:S2807 | MAJOR | OPEN | test/common/json.h | 123 | Make this member overloaded operator a hidden friend. | Test | Ja | +| AZ190QIVSTzC4JOHOn-i | Issue | cpp:S1181 | MAJOR | OPEN | test/common/json.h | 219 | Catch a more specific exception instead of a generic one. | Test | Ja | +| AZ190QIVSTzC4JOHOn-j | Issue | cpp:S995 | MINOR | OPEN | test/common/json.h | 232 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Test | Ja | +| AZ190QIVSTzC4JOHOn-k | Issue | cpp:S995 | MINOR | OPEN | test/common/json.h | 242 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Test | Ja | +| AZ190QIVSTzC4JOHOn-l | Issue | cpp:S995 | MINOR | OPEN | test/common/json.h | 252 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Test | Ja | +| AZ190QIVSTzC4JOHOn-m | Issue | cpp:S995 | MINOR | OPEN | test/common/json.h | 262 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Test | Ja | +| AZ190QIVSTzC4JOHOn-n | Issue | cpp:S995 | MINOR | OPEN | test/common/json.h | 269 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Test | Ja | +| AZ190QIVSTzC4JOHOn-o | Issue | cpp:S995 | MINOR | OPEN | test/common/json.h | 279 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Test | Ja | +| AZ190QIVSTzC4JOHOn-p | Issue | cpp:S1181 | MAJOR | OPEN | test/common/json.h | 309 | Catch a more specific exception instead of a generic one. | Test | Ja | +| AZ190QIVSTzC4JOHOn-q | Issue | cpp:S1181 | MAJOR | OPEN | test/common/json.h | 321 | Catch a more specific exception instead of a generic one. | Test | Ja | +| AZ190QIVSTzC4JOHOn-r | Issue | cpp:S1181 | MAJOR | OPEN | test/common/json.h | 333 | Catch a more specific exception instead of a generic one. | Test | Ja | +| AZ190QKvSTzC4JOHOn-4 | Issue | cpp:S5817 | MAJOR | OPEN | test/regression/regression_test.cc | 431 | This function should be declared "const". | Test | Ja | +| AZ190QIESTzC4JOHOn-d | Issue | cpp:S886 | MINOR | OPEN | src/modsecurity.cc | 232 | Refactor this loop so that it is less error-prone. | Production | Ja | +| AZ190QIESTzC4JOHOn-e | Issue | cpp:S886 | MINOR | OPEN | src/modsecurity.cc | 288 | Refactor this loop so that it is less error-prone. | Production | Ja | +| AZ2NTAUK-fxIQtZsdoYq | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/xml.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ2H7l3jym_e-6l8FQmh | Issue | cpp:S1172 | MAJOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Remove the unused parameter "sink", make it unnamed, or declare it "[[maybe_unused]]". | Production | Ja | +| AZ2H7l0Nym_e-6l8FQmg | Issue | cpp:S6018 | MAJOR | CLOSED | src/request_body_processor/json_instrumentation.cc | | Use inline variables to define this global variable. | Production | Ja | +| AZ2DWE24t-zbsGOGdN-_ | Issue | cpp:S3776 | CRITICAL | CLOSED | test/benchmark/json_benchmark.cc | | Refactor this function to reduce its Cognitive Complexity from 33 to the 25 allowed. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_A | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_B | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_C | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_D | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_E | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_F | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_G | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_H | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_I | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_J | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_M | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_N | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_O | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DWE24t-zbsGOGdN_P | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ2DR4Fykud7vHWq_QVC | Issue | cpp:S6009 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Replace this const reference to "std::string" by a "std::string_view". | Production | Ja | +| AZ2DR4Fykud7vHWq_QVD | Issue | cpp:S995 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Make the type of this parameter a pointer-to-const. The current type of "sink" is "class modsecurity::RequestBodyProcessor::JsonEventSink *". | Production | Ja | +| AZ2DR4Fykud7vHWq_QVE | Issue | cpp:S995 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Make the type of this parameter a reference-to-const. The current type of "input" is "std::string &". | Production | Ja | +| AZ2DK9KwXISY38E6wMPS | Issue | cpp:S995 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Make the type of this parameter a pointer-to-const. The current type of "sink" is "class modsecurity::RequestBodyProcessor::JsonEventSink *". | Production | Ja | +| AZ2C_aavSTzC4JOHsQM1 | Issue | cpp:S1121 | MAJOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Extract the assignment from this expression. | Production | Ja | +| AZ2CwcldK0fgB4uOpVKy | Issue | cpp:S995 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Make the type of this parameter a reference-to-const. The current type of "input" is "std::string &". | Production | Ja | +| AZ2CwcldK0fgB4uOpVK0 | Issue | cpp:S995 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Make the type of this parameter a pointer-to-const. The current type of "sink" is "class modsecurity::RequestBodyProcessor::JsonEventSink *". | Production | Ja | +| AZ2CwcldK0fgB4uOpVKz | Issue | cpp:S1172 | MAJOR | CLOSED | src/request_body_processor/json_adapter.cc | | Remove the unused parameter "options", make it unnamed, or declare it "[[maybe_unused]]". | Production | Ja | +| AZ2CwcnoK0fgB4uOpVK1 | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "tail" inside the if statement. | Production | Ja | +| AZ2CwcnoK0fgB4uOpVK2 | Issue | cpp:S1117 | MAJOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Declaration shadows a local variable "result" in the outer scope. | Production | Ja | +| AZ2CwcnoK0fgB4uOpVK3 | Issue | cpp:S1117 | MAJOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Declaration shadows a local variable "result" in the outer scope. | Production | Ja | +| AZ2CwcnoK0fgB4uOpVK4 | Issue | cpp:S5817 | MAJOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | This function should be declared "const". | Production | Ja | +| AZ2CwcpOK0fgB4uOpVK5 | Issue | cpp:S6004 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Use the init-statement to declare "result" inside the if statement. | Test | Ja | +| AZ2CwcpOK0fgB4uOpVK6 | Issue | cpp:S6004 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Use the init-statement to declare "result" inside the if statement. | Test | Ja | +| AZ2CdKxRGCkM6OziHCww | Issue | cpp:S6004 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Use the init-statement to declare "result" inside the if statement. | Test | Ja | +| AZ2CdKxRGCkM6OziHCwx | Issue | cpp:S5945 | MAJOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Use "std::array" or "std::vector" instead of a C-style array. | Test | Ja | +| AZ2CdKxRGCkM6OziHCwy | Issue | cpp:S3628 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Convert this string literal to a raw string literal. | Test | Ja | +| AZ2CA_0CGCkM6OziEPex | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ2CA_xuGCkM6OziEPet | Issue | cpp:S5812 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Concatenate this namespace with the nested one. | Test | Ja | +| AZ2CA_xuGCkM6OziEPev | Issue | cpp:S6004 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Use the init-statement to declare "result" inside the if statement. | Test | Ja | +| AZ2CA_xuGCkM6OziEPew | Issue | cpp:S6004 | MINOR | CLOSED | test/unit/json_backend_depth_tests.cc | | Use the init-statement to declare "result" inside the if statement. | Test | Ja | +| AZ2BthMEO-njQfcv_7WG | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this function to reduce its Cognitive Complexity from 41 to the 25 allowed. | Production | Ja | +| AZ2BthMEO-njQfcv_7WH | Issue | cpp:S1121 | MAJOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Extract the assignment from this expression. | Production | Ja | +| AZ2BthMEO-njQfcv_7WI | Issue | cpp:S1121 | MAJOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Extract the assignment from this expression. | Production | Ja | +| AZ2BthMEO-njQfcv_7WJ | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this function to reduce its Cognitive Complexity from 43 to the 25 allowed. | Production | Ja | +| AZ2BthMEO-njQfcv_7WK | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Use the init-statement to declare "decoded_number" inside the if statement. | Production | Ja | +| AZ2BthMEO-njQfcv_7WL | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ2BkKY5XISY38E6k-Ld | Issue | cpp:S1135 | INFO | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Complete the task associated to this "TODO" comment. | Production | Ja | +| AZ1-dn-nXISY38E6Txop | Issue | cpp:S5025 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Rewrite the code so that you no longer need this "delete". | Production | Ja | +| AZ1-dn-nXISY38E6Txoq | Issue | cpp:S5827 | MAJOR | CLOSED | src/request_body_processor/json.cc | | Replace the redundant type with "auto". | Production | Ja | +| AZ1-dn9hXISY38E6Txon | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_instrumentation.cc | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ1-dn9hXISY38E6Txoo | Issue | cpp:S5421 | CRITICAL | CLOSED | src/request_body_processor/json_instrumentation.cc | | Global variables should be const. | Production | Ja | +| AZ1-dn9QXISY38E6Txom | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_instrumentation.h | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ1-dn4cXISY38E6Txoh | Issue | cpp:S4962 | CRITICAL | CLOSED | src/utils/msc_tree.cc | | Use the "nullptr" literal. | Production | Ja | +| AZ1-doCWXISY38E6Txoz | Issue | cpp:S5421 | CRITICAL | CLOSED | test/benchmark/json_benchmark.cc | | Global pointers should be const at every level. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo0 | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo1 | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo6 | Issue | cpp:S886 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Refactor this loop so that it is less error-prone. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo3 | Issue | cpp:S6004 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Use the init-statement to declare "output_format" inside the if statement. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo4 | Issue | cpp:S6004 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Use the init-statement to declare "is_invalid_scenario" inside the if statement. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpE | Issue | cpp:S5945 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Use "std::array" or "std::vector" instead of a C-style array. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpF | Issue | cpp:S5945 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Use "std::array" or "std::vector" instead of a C-style array. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpG | Issue | cpp:S7127 | CRITICAL | CLOSED | test/benchmark/json_benchmark.cc | | Use "std::size" to get the size of this array. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpM | Issue | cpp:S7121 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Remove this redundant call to "c_str" when initializing a const "std::string" reference parameter. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpJ | Issue | cpp:S6004 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Use the init-statement to declare "parse_error" inside the if statement. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpS | Issue | cpp:S3628 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Convert this string literal to a raw string literal. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpT | Issue | cpp:S3628 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Convert this string literal to a raw string literal. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpV | Issue | cpp:S6004 | MINOR | CLOSED | test/benchmark/json_benchmark.cc | | Use the init-statement to declare "rules_path" inside the if statement. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo2 | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo5 | Issue | cpp:S3776 | CRITICAL | CLOSED | test/benchmark/json_benchmark.cc | | Refactor this function to reduce its Cognitive Complexity from 33 to the 25 allowed. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo7 | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo8 | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo9 | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo- | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6Txo_ | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpA | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpB | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpC | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpD | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpH | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpI | Issue | cpp:S4998 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Replace this use of "unique_ptr" by a raw pointer or a reference (possibly const). | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpN | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpO | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpP | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCWXISY38E6TxpQ | Issue | cpp:S112 | MAJOR | CLOSED | test/benchmark/json_benchmark.cc | | Define and throw a dedicated exception instead of using a generic one. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txor | Issue | shelldre:S7682 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Add an explicit return statement at the end of the function. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txos | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txot | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txou | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txov | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txow | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txox | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doCHXISY38E6Txoy | Issue | shelldre:S7688 | MAJOR | CLOSED | test/benchmark/run-json-benchmarks.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Benchmark | Ja | +| AZ1-doDkXISY38E6TxpW | Issue | shelldre:S7682 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Add an explicit return statement at the end of the function. | Test | Ja | +| AZ1-doDkXISY38E6TxpX | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6TxpY | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6TxpZ | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpa | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpb | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpc | Issue | shelldre:S7682 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Add an explicit return statement at the end of the function. | Test | Ja | +| AZ1-doDkXISY38E6Txpd | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpe | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpf | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpg | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txph | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpi | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpj | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpk | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ1-doDkXISY38E6Txpl | Issue | shelldre:S7688 | MAJOR | CLOSED | test/run-json-backend-matrix.sh | | Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. | Test | Ja | +| AZ190QEMSTzC4JOHOn9r | Issue | cpp:S6004 | MINOR | CLOSED | src/operators/validate_byte_range.cc | | Use the init-statement to declare "token" inside the if statement. | Production | Ja | +| AZ190QGTSTzC4JOHOn-H | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Refactor this function to reduce its Cognitive Complexity from 37 to the 25 allowed. | Production | Ja | +| AZ190QGTSTzC4JOHOn-D | Issue | cpp:S3230 | MAJOR | CLOSED | src/request_body_processor/json.cc | | Do not use the constructor's initializer list for data member "m_data". Use the in-class initializer instead. | Production | Ja | +| AZ190QGTSTzC4JOHOn-G | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json.cc | | Use the init-statement to declare "result" inside the if statement. | Production | Ja | +| AZ190QGTSTzC4JOHOn-I | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QGTSTzC4JOHOn-J | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QGTSTzC4JOHOn-K | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QGTSTzC4JOHOn-L | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QGTSTzC4JOHOn-M | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QGTSTzC4JOHOn-E | Issue | cpp:S4144 | MAJOR | CLOSED | src/request_body_processor/json.cc | | Update this method so that its implementation is not identical to on_end_object. | Production | Ja | +| AZ190QGTSTzC4JOHOn-N | Issue | cpp:S1155 | MINOR | CLOSED | src/request_body_processor/json.cc | | Use "empty()" to check whether the container is empty or not. | Production | Ja | +| AZ190QGTSTzC4JOHOn-O | Issue | cpp:S1155 | MINOR | CLOSED | src/request_body_processor/json.cc | | Use "empty()" to check whether the container is empty or not. | Production | Ja | +| AZ190QEtSTzC4JOHOn9t | Issue | cpp:S3624 | CRITICAL | CLOSED | src/request_body_processor/json.h | | Customize this class' copy constructor to participate in resource management. Customize or delete its copy assignment operator. Also consider whether move operations should be customized. | Production | Ja | +| AZ190QF1STzC4JOHOn9- | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QF1STzC4JOHOn-A | Issue | cpp:S1172 | MAJOR | CLOSED | src/request_body_processor/json_adapter.cc | | Remove the unused parameter "options", make it unnamed, or declare it "[[maybe_unused]]". | Production | Ja | +| AZ190QF1STzC4JOHOn-B | Issue | cpp:S995 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Make the type of this parameter a pointer-to-const. The current type of "sink" is "class modsecurity::RequestBodyProcessor::JsonEventSink *". | Production | Ja | +| AZ190QF1STzC4JOHOn9_ | Issue | cpp:S6009 | MINOR | CLOSED | src/request_body_processor/json_adapter.cc | | Replace this const reference to "std::string" by a "std::string_view". | Production | Ja | +| AZ190QF8STzC4JOHOn-C | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_adapter.h | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QGbSTzC4JOHOn-P | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_backend.h | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QFsSTzC4JOHOn9v | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QFsSTzC4JOHOn9w | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this function to reduce its Cognitive Complexity from 33 to the 25 allowed. | Production | Ja | +| AZ190QFsSTzC4JOHOn9z | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this function to reduce its Cognitive Complexity from 41 to the 25 allowed. | Production | Ja | +| AZ190QFsSTzC4JOHOn92 | Issue | cpp:S1121 | MAJOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Extract the assignment from this expression. | Production | Ja | +| AZ190QFsSTzC4JOHOn9x | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Use the init-statement to declare "current" inside the if statement. | Production | Ja | +| AZ190QFsSTzC4JOHOn93 | Issue | cpp:S1121 | MAJOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Extract the assignment from this expression. | Production | Ja | +| AZ190QFsSTzC4JOHOn94 | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this function to reduce its Cognitive Complexity from 43 to the 25 allowed. | Production | Ja | +| AZ190QFsSTzC4JOHOn90 | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QFsSTzC4JOHOn91 | Issue | cpp:S134 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Production | Ja | +| AZ190QFsSTzC4JOHOn9y | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Use the init-statement to declare "escaped" inside the if statement. | Production | Ja | +| AZ190QFsSTzC4JOHOn97 | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Use the init-statement to declare "sync_detail" inside the if statement. | Production | Ja | +| AZ190QFsSTzC4JOHOn96 | Issue | cpp:S6009 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Replace this const reference to "std::string" by a "std::string_view". | Production | Ja | +| AZ190QFsSTzC4JOHOn95 | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Use the init-statement to declare "end" inside the if statement. | Production | Ja | +| AZ190QFsSTzC4JOHOn98 | Issue | cpp:S3776 | CRITICAL | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Refactor this function to reduce its Cognitive Complexity from 48 to the 25 allowed. | Production | Ja | +| AZ190QFsSTzC4JOHOn99 | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_jsoncons.cc | | Use the init-statement to declare "result" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-Q | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QGkSTzC4JOHOn-R | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-S | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-T | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-U | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-V | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "result" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-W | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-X | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "result" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-Y | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-Z | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-a | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "result" inside the if statement. | Production | Ja | +| AZ190QGkSTzC4JOHOn-b | Issue | cpp:S6004 | MINOR | CLOSED | src/request_body_processor/json_backend_simdjson.cc | | Use the init-statement to declare "sink_status" inside the if statement. | Production | Ja | +| AZ190QHkSTzC4JOHOn-c | Issue | cpp:S7121 | MAJOR | CLOSED | src/transaction.cc | | Remove this redundant call to "c_str" when initializing a const "std::string" reference parameter. | Production | Ja | +| AZ190QA8STzC4JOHOn9j | Issue | cpp:S5812 | MINOR | CLOSED | src/utils/json_writer.cc | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QA8STzC4JOHOn9h | Issue | cpp:S3230 | MAJOR | CLOSED | src/utils/json_writer.cc | | Remove this use of the constructor's initializer list for data member "m_output". It is redundant with default initialization behavior. | Production | Ja | +| AZ190QA8STzC4JOHOn9i | Issue | cpp:S3230 | MAJOR | CLOSED | src/utils/json_writer.cc | | Remove this use of the constructor's initializer list for data member "m_stack". It is redundant with default initialization behavior. | Production | Ja | +| AZ190QA8STzC4JOHOn9l | Issue | cpp:S3628 | MINOR | CLOSED | src/utils/json_writer.cc | | Convert this string literal to a raw string literal. | Production | Ja | +| AZ190QA8STzC4JOHOn9m | Issue | cpp:S3628 | MINOR | CLOSED | src/utils/json_writer.cc | | Convert this string literal to a raw string literal. | Production | Ja | +| AZ190QD4STzC4JOHOn9p | Issue | cpp:S5812 | MINOR | CLOSED | src/utils/json_writer.h | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QIVSTzC4JOHOn-f | Issue | cpp:S5812 | MINOR | CLOSED | test/common/json.h | | Concatenate this namespace with the nested one. | Test | Ja | +| AZ190QI2STzC4JOHOn-s | Issue | cpp:S134 | CRITICAL | CLOSED | test/common/modsecurity_test.cc | | Refactor this code to not nest more than 3 if|for|do|while|switch statements. | Test | Ja | +| AZ190QKvSTzC4JOHOn-x | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-y | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-z | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-0 | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-1 | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-2 | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-3 | Issue | cpp:S5415 | MAJOR | CLOSED | test/regression/regression_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QKvSTzC4JOHOn-v | Issue | cpp:S5274 | MAJOR | CLOSED | test/regression/regression_test.cc | | moving a temporary object prevents copy elision | Test | Ja | +| AZ190QKvSTzC4JOHOn-w | Issue | cpp:S5274 | MAJOR | CLOSED | test/regression/regression_test.cc | | moving a temporary object prevents copy elision | Test | Ja | +| AZ190QKvSTzC4JOHOn-5 | Issue | cpp:S1481 | MINOR | CLOSED | test/regression/regression_test.cc | | Remove the unused lambda capture "writer". | Test | Ja | +| AZ190QJKSTzC4JOHOn-t | Issue | cpp:S5415 | MAJOR | CLOSED | test/unit/unit_test.cc | | The result of "std::move" should not be passed as a const reference. | Test | Ja | +| AZ190QJYSTzC4JOHOn-u | Issue | cpp:S836 | MAJOR | CLOSED | test/unit/unit_test.h | | Value assigned to field 'ret' in implicit constructor is garbage or undefined | Test | Ja | +| AZ190QGTSTzC4JOHOn-F | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json.cc | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ190QEtSTzC4JOHOn9s | Issue | cpp:S5812 | MINOR | CLOSED | src/request_body_processor/json.h | | Concatenate this namespace with the nested one. | Production | Ja | +| AZ1-dn4cXISY38E6Txog | Issue | cpp:S4962 | CRITICAL | CLOSED | src/utils/msc_tree.cc | | Use the "nullptr" literal. | Production | Ja | +| AZ1-dn4cXISY38E6Txoi | Issue | cpp:S4962 | CRITICAL | CLOSED | src/utils/msc_tree.cc | | Use the "nullptr" literal. | Production | Ja | +| AZ1-dn4cXISY38E6Txoj | Issue | cpp:S4962 | CRITICAL | CLOSED | src/utils/msc_tree.cc | | Use the "nullptr" literal. | Production | Ja | +| AZ1-dn4cXISY38E6Txok | Issue | cpp:S4962 | CRITICAL | CLOSED | src/utils/msc_tree.cc | | Use the "nullptr" literal. | Production | Ja | +| AZ1-dn4cXISY38E6Txol | Issue | cpp:S4962 | CRITICAL | CLOSED | src/utils/msc_tree.cc | | Use the "nullptr" literal. | Production | Ja | +| GATE-1 | Gate Condition | new_reliability_rating | N/A | OK | — | — | actual=1 threshold=1 comparator=GT | PR-Gesamt | Teilweise | +| GATE-2 | Gate Condition | new_security_rating | N/A | OK | — | — | actual=1 threshold=1 comparator=GT | PR-Gesamt | Teilweise | +| GATE-3 | Gate Condition | new_maintainability_rating | N/A | OK | — | — | actual=1 threshold=1 comparator=GT | PR-Gesamt | Teilweise | +| GATE-4 | Gate Condition | new_duplicated_lines_density | N/A | OK | — | — | actual=0.0 threshold=3 comparator=GT | PR-Gesamt | Teilweise | +| GATE-5 | Gate Condition | new_security_hotspots_reviewed | N/A | OK | — | — | actual=100.0 threshold=100 comparator=LT | PR-Gesamt | Teilweise | \ No newline at end of file diff --git a/analysis/pr3540_commits.json b/analysis/pr3540_commits.json new file mode 100644 index 0000000000..02210957d7 --- /dev/null +++ b/analysis/pr3540_commits.json @@ -0,0 +1,1247 @@ +[ + { + "sha": "c0f166800cb72a5289015dfc8859c9e00eb06ba3", + "node_id": "C_kwDOQkI2j9oAKGMwZjE2NjgwMGNiNzJhNTI4OTAxNWRmYzg4NTljOWUwMGViMDZiYTM", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-10T18:58:34Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-10T18:58:34Z" + }, + "message": "Pin simdjson to v4.6.1", + "tree": { + "sha": "e3294343db36a18edd13e540a08e23d11adb3360", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/e3294343db36a18edd13e540a08e23d11adb3360" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/c0f166800cb72a5289015dfc8859c9e00eb06ba3", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c0f166800cb72a5289015dfc8859c9e00eb06ba3", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/c0f166800cb72a5289015dfc8859c9e00eb06ba3", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c0f166800cb72a5289015dfc8859c9e00eb06ba3/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "e5d00df2a324f25d29ee841f7719872ac70fc6e5", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/e5d00df2a324f25d29ee841f7719872ac70fc6e5", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/e5d00df2a324f25d29ee841f7719872ac70fc6e5" + } + ] + }, + { + "sha": "98fd8f715a4bfdb56729f12da111a05770e9436b", + "node_id": "C_kwDOQkI2j9oAKDk4ZmQ4ZjcxNWE0YmZkYjU2NzI5ZjEyZGExMTFhMDU3NzBlOTQzNmI", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-10T20:03:44Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-10T20:03:44Z" + }, + "message": "Pin jsoncons to v1.6.0", + "tree": { + "sha": "dc481890285c0d31546b0ef13a8a3601d1ce71ef", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/dc481890285c0d31546b0ef13a8a3601d1ce71ef" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/98fd8f715a4bfdb56729f12da111a05770e9436b", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/98fd8f715a4bfdb56729f12da111a05770e9436b", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/98fd8f715a4bfdb56729f12da111a05770e9436b", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/98fd8f715a4bfdb56729f12da111a05770e9436b/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "c0f166800cb72a5289015dfc8859c9e00eb06ba3", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c0f166800cb72a5289015dfc8859c9e00eb06ba3", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/c0f166800cb72a5289015dfc8859c9e00eb06ba3" + } + ] + }, + { + "sha": "a30e0dacc720df5b28595194d2d0747200165b0b", + "node_id": "C_kwDOQkI2j9oAKGEzMGUwZGFjYzcyMGRmNWIyODU5NTE5NGQyZDA3NDcyMDAxNjViMGI", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T04:16:01Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T04:16:01Z" + }, + "message": "remove yajl", + "tree": { + "sha": "a4e7322bd38d6b5044c236648b5670e4e2ebd70a", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/a4e7322bd38d6b5044c236648b5670e4e2ebd70a" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/a30e0dacc720df5b28595194d2d0747200165b0b", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/a30e0dacc720df5b28595194d2d0747200165b0b", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/a30e0dacc720df5b28595194d2d0747200165b0b", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/a30e0dacc720df5b28595194d2d0747200165b0b/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "98fd8f715a4bfdb56729f12da111a05770e9436b", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/98fd8f715a4bfdb56729f12da111a05770e9436b", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/98fd8f715a4bfdb56729f12da111a05770e9436b" + } + ] + }, + { + "sha": "7681a8e66b2aa38f2aa557bd38abc74262ab3e9e", + "node_id": "C_kwDOQkI2j9oAKDc2ODFhOGU2NmIyYWEzOGYyYWE1NTdiZDM4YWJjNzQyNjJhYjNlOWU", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T16:01:01Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T18:36:18Z" + }, + "message": "test error corrected", + "tree": { + "sha": "1ee3cdb00cc4b15405e8b92af33a960dbc150527", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/1ee3cdb00cc4b15405e8b92af33a960dbc150527" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/7681a8e66b2aa38f2aa557bd38abc74262ab3e9e", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7681a8e66b2aa38f2aa557bd38abc74262ab3e9e", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/7681a8e66b2aa38f2aa557bd38abc74262ab3e9e", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7681a8e66b2aa38f2aa557bd38abc74262ab3e9e/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "a30e0dacc720df5b28595194d2d0747200165b0b", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/a30e0dacc720df5b28595194d2d0747200165b0b", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/a30e0dacc720df5b28595194d2d0747200165b0b" + } + ] + }, + { + "sha": "82ca699a9aa220b0f2e5c957b01560d7f408e965", + "node_id": "C_kwDOQkI2j9oAKDgyY2E2OTlhOWFhMjIwYjBmMmU1Yzk1N2IwMTU2MGQ3ZjQwOGU5NjU", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T16:37:54Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T18:36:18Z" + }, + "message": "add analysis", + "tree": { + "sha": "6862b168f9e29f42551ce2e4b1c6bb800dab1e0d", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/6862b168f9e29f42551ce2e4b1c6bb800dab1e0d" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/82ca699a9aa220b0f2e5c957b01560d7f408e965", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/82ca699a9aa220b0f2e5c957b01560d7f408e965", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/82ca699a9aa220b0f2e5c957b01560d7f408e965", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/82ca699a9aa220b0f2e5c957b01560d7f408e965/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "7681a8e66b2aa38f2aa557bd38abc74262ab3e9e", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7681a8e66b2aa38f2aa557bd38abc74262ab3e9e", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/7681a8e66b2aa38f2aa557bd38abc74262ab3e9e" + } + ] + }, + { + "sha": "c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721", + "node_id": "C_kwDOQkI2j9oAKGM4NTA2ZDNlNWZjNGE3NTUwMGFhNDA4NmMyYzY3ZmU1YTlmM2Y3MjE", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T17:37:34Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T18:36:18Z" + }, + "message": "test error corrected", + "tree": { + "sha": "1068fc1a800ea5e1e2cd0712cfc0d92969b9c1e2", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/1068fc1a800ea5e1e2cd0712cfc0d92969b9c1e2" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "82ca699a9aa220b0f2e5c957b01560d7f408e965", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/82ca699a9aa220b0f2e5c957b01560d7f408e965", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/82ca699a9aa220b0f2e5c957b01560d7f408e965" + } + ] + }, + { + "sha": "d0589143e206bd0c830e492cf7812ae1acc334a6", + "node_id": "C_kwDOQkI2j9oAKGQwNTg5MTQzZTIwNmJkMGM4MzBlNDkyY2Y3ODEyYWUxYWNjMzM0YTY", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T21:28:19Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-11T21:28:19Z" + }, + "message": "Remove duplicate code, performance optimization", + "tree": { + "sha": "37b13529ea93d43c33fe0788889418df3a1486a3", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/37b13529ea93d43c33fe0788889418df3a1486a3" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/d0589143e206bd0c830e492cf7812ae1acc334a6", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/d0589143e206bd0c830e492cf7812ae1acc334a6", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/d0589143e206bd0c830e492cf7812ae1acc334a6", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/d0589143e206bd0c830e492cf7812ae1acc334a6/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/c8506d3e5fc4a75500aa4086c2c67fe5a9f3f721" + } + ] + }, + { + "sha": "ec9dce9afcf45440731e9496cce69d6875abb22d", + "node_id": "C_kwDOQkI2j9oAKGVjOWRjZTlhZmNmNDU0NDA3MzFlOTQ5NmNjZTY5ZDY4NzVhYmIyMmQ", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-12T10:29:07Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-12T10:29:07Z" + }, + "message": "add build ordner", + "tree": { + "sha": "6cf4cd0fc33fb9ffcd4763ad3c325d921ae87da8", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/6cf4cd0fc33fb9ffcd4763ad3c325d921ae87da8" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/ec9dce9afcf45440731e9496cce69d6875abb22d", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/ec9dce9afcf45440731e9496cce69d6875abb22d", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/ec9dce9afcf45440731e9496cce69d6875abb22d", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/ec9dce9afcf45440731e9496cce69d6875abb22d/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "d0589143e206bd0c830e492cf7812ae1acc334a6", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/d0589143e206bd0c830e492cf7812ae1acc334a6", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/d0589143e206bd0c830e492cf7812ae1acc334a6" + } + ] + }, + { + "sha": "c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8", + "node_id": "C_kwDOQkI2j9oAKGMxM2Y3ZDEwZjNkYjFkMWJiODAzODBkMjg4MmUwYWZiZGJlMmQ1Yjg", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-12T11:15:59Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-12T18:38:02Z" + }, + "message": "performance optimization\n\nComplete implementation simdjson\n\nComplete implementation jsoncons\n\nremove analysis\n\nInitialize ret variable to zero in UnitTestResult\n\nfix test\n\nFix validateByteRange and cssDecode unit test edge cases\n\ncomplete jsoncons\n\nperformance adjustment\n\nsonarqubecloud error corrected", + "tree": { + "sha": "3119dbaf479a50abffd5d87cf27f5020c9a844c8", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/3119dbaf479a50abffd5d87cf27f5020c9a844c8" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "ec9dce9afcf45440731e9496cce69d6875abb22d", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/ec9dce9afcf45440731e9496cce69d6875abb22d", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/ec9dce9afcf45440731e9496cce69d6875abb22d" + } + ] + }, + { + "sha": "ed42377959a4fe102a591b08f8ceb5ba0948522a", + "node_id": "C_kwDOQkI2j9oAKGVkNDIzNzc5NTlhNGZlMTAyYTU5MWIwOGY4Y2ViNWJhMDk0ODUyMmE", + "commit": { + "author": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-12T19:05:19Z" + }, + "committer": { + "name": "Jens", + "email": "Jens_st97@gmx.de", + "date": "2026-04-13T18:14:46Z" + }, + "message": "fix windows\n\nsonarqubecloud error corrected\n\nRefactor JSONAdapter parse method to use parseImpl\n\nRefactor JSONAdapter parse methods to remove adapter parameter\n\nAdd parseImpl method to json_adapter.h\n\nRefactor JSON field handling in regression tests\n\nRefactor JSON field processing by introducing a reusable for_each_json_field function. This change simplifies the code in multiple update functions by eliminating redundant logic.\n\nRefactor parsing functions for improved validation\n\nCleanup: Remove unused parsing functions\n\nRemoved unused functions related to parsing and scenario building in json_benchmark.cc.\n\nImprove benchmark output and add bilingual benchmark docs\n\nApply minimal Sonar-focused fixes in benchmark parser/script\n\nMeasure benchmark timer only around transaction loop\n\nRevisit JSON Sonar follow-ups for adapter and enum handling\n\nReduce duplicated JSON backend control-flow blocks\n\nfix: probably UB (left shift of neg. val) in ip_tree\n\nfix: nullptr dereference in seclang scanner\n\nfix: unhandled exception in parser\n\nDeduplicate shared JSON backend helper functions", + "tree": { + "sha": "36aadeebabf0cf4dead4e57c5bdae997d5123ac3", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/36aadeebabf0cf4dead4e57c5bdae997d5123ac3" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/ed42377959a4fe102a591b08f8ceb5ba0948522a", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/ed42377959a4fe102a591b08f8ceb5ba0948522a", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/ed42377959a4fe102a591b08f8ceb5ba0948522a", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/ed42377959a4fe102a591b08f8ceb5ba0948522a/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/c13f7d10f3db1d1bb80380d2882e0afbdbe2d5b8" + } + ] + }, + { + "sha": "3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "node_id": "C_kwDOQkI2j9oAKDNlYzg2Y2Y2M2UwOTVjZGRmNGYyMmY2ZDljZmUzNDYxYmJiZjQ5NDI", + "commit": { + "author": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-13T18:16:29Z" + }, + "committer": { + "name": "GitHub", + "email": "noreply@github.com", + "date": "2026-04-13T18:16:29Z" + }, + "message": "Merge branch 'owasp-modsecurity:v3/master' into v3/master-json2", + "tree": { + "sha": "36aadeebabf0cf4dead4e57c5bdae997d5123ac3", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/36aadeebabf0cf4dead4e57c5bdae997d5123ac3" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "comment_count": 0, + "verification": { + "verified": true, + "reason": "valid", + "signature": "-----BEGIN PGP SIGNATURE-----\n\nwsFcBAABCAAQBQJp3TL9CRC1aQ7uu5UhlAAAx20QAKhS6fl9Ivnti6WL/Uwc+98h\nJjaSF2P34lUPChhf0tHoKG8oiCb0+d2PoHW4p7HCoZZzCrKrUgq890hPXUZoscbj\nD/RoKgA8XR0h+8SAHQeQuZdKVEDXdzu9KK2uFQ8/RVM7gkjYtvyBMsPzSWW2j0WQ\n59mVicgEgqEfp+GNwJLf9iAgWGLGxRFqDGSfHlL2lR1+xdphSiPn8UDO5tq/t4Np\nk3WjsFYCWCj2qY/ywB4OgnY0JHXIJOH3cwAjGnZ97+xntGk8KxpjxiirhqxP9BLo\nxP8nC4i3ds4JHgEq646pDbxWf1OeeGklittMh9jZd0xy/RIGbHdAKBtzAkL4QH4M\nqS3px3UAnPXO/emNsCWuxmOCGI/a92ZPD89kFVnd8MWzSuht3QfBDfaRF4bCebnB\nRJqq6MqsC6w9s1OSXZ8GTe8vofWS9Gu1d038tgbL6UPUBzWoGv8K4ud8v5YzGH6A\nV+12A+ac6+ZJMOe6qpz1mJKBeSuqU6JnFlUTn1btdH4uBi7ceELGsMVVc3cXR8H/\n19QJ2W+kQKVt6R++Ui458EZz+TGEijFg1e6GBW44fp7RpEawq/rUYsNC7JAtgvhN\nEYLQ+Rfe05fTfH35MuWa4cKnabC3vHfsQpafJFxTGfEavmHm7j6VPigAYh8IKD4o\nKYLU4bHIDWUsnACnnZpq\n=PJW6\n-----END PGP SIGNATURE-----\n", + "payload": "tree 36aadeebabf0cf4dead4e57c5bdae997d5123ac3\nparent ed42377959a4fe102a591b08f8ceb5ba0948522a\nparent 8c658f00394b194e06e6d04a903fd366b8f1aeaf\nauthor Easton97-Jens <66330090+Easton97-Jens@users.noreply.github.com> 1776104189 +0200\ncommitter GitHub 1776104189 +0200\n\nMerge branch 'owasp-modsecurity:v3/master' into v3/master-json2\n", + "verified_at": "2026-04-13T18:16:35Z" + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "web-flow", + "id": 19864447, + "node_id": "MDQ6VXNlcjE5ODY0NDQ3", + "avatar_url": "https://avatars.githubusercontent.com/u/19864447?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/web-flow", + "html_url": "https://github.com/web-flow", + "followers_url": "https://api.github.com/users/web-flow/followers", + "following_url": "https://api.github.com/users/web-flow/following{/other_user}", + "gists_url": "https://api.github.com/users/web-flow/gists{/gist_id}", + "starred_url": "https://api.github.com/users/web-flow/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/web-flow/subscriptions", + "organizations_url": "https://api.github.com/users/web-flow/orgs", + "repos_url": "https://api.github.com/users/web-flow/repos", + "events_url": "https://api.github.com/users/web-flow/events{/privacy}", + "received_events_url": "https://api.github.com/users/web-flow/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "ed42377959a4fe102a591b08f8ceb5ba0948522a", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/ed42377959a4fe102a591b08f8ceb5ba0948522a", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/ed42377959a4fe102a591b08f8ceb5ba0948522a" + }, + { + "sha": "8c658f00394b194e06e6d04a903fd366b8f1aeaf", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/8c658f00394b194e06e6d04a903fd366b8f1aeaf", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/8c658f00394b194e06e6d04a903fd366b8f1aeaf" + } + ] + }, + { + "sha": "57bf6d2e909e45c95b2d06e9b31a1535d4936aee", + "node_id": "C_kwDOQkI2j9oAKDU3YmY2ZDJlOTA5ZTQ1Yzk1YjJkMDZlOWIzMWExNTM1ZDQ5MzZhZWU", + "commit": { + "author": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-14T18:35:36Z" + }, + "committer": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-14T18:35:36Z" + }, + "message": "Restore rules_set include required by XML processor build", + "tree": { + "sha": "7b544a4299d9fc993ef4f7308e91cc3eeb7b331b", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/7b544a4299d9fc993ef4f7308e91cc3eeb7b331b" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/57bf6d2e909e45c95b2d06e9b31a1535d4936aee", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/57bf6d2e909e45c95b2d06e9b31a1535d4936aee", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/57bf6d2e909e45c95b2d06e9b31a1535d4936aee", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/57bf6d2e909e45c95b2d06e9b31a1535d4936aee/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942" + } + ] + }, + { + "sha": "7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "node_id": "C_kwDOQkI2j9oAKDdjNGYyNGFjZTNhOWVkNmU2MGUxMjExZGE3OGY0ODk0OTMxZTlhYjA", + "commit": { + "author": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-14T18:35:58Z" + }, + "committer": { + "name": "GitHub", + "email": "noreply@github.com", + "date": "2026-04-14T18:35:58Z" + }, + "message": "Merge pull request #74 from Easton97-Jens/codex/systematische-behebung-offener-sonar-probleme-7954xf\n\nModernize codebase: nullptr/default initializers, std::string_view, smart pointers and minor cleanups", + "tree": { + "sha": "7b544a4299d9fc993ef4f7308e91cc3eeb7b331b", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/7b544a4299d9fc993ef4f7308e91cc3eeb7b331b" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "comment_count": 0, + "verification": { + "verified": true, + "reason": "valid", + "signature": "-----BEGIN PGP SIGNATURE-----\n\nwsFcBAABCAAQBQJp3okOCRC1aQ7uu5UhlAAAhs4QAGYzVRo4oZz0iq7Mx0OGwKis\nTAgX5QMdpi4UlvADwDwJBEfhOV8LmJSWIRanO251dZcmUvBImVlBhpOdcJgnmW9X\nvjLDFg/HGgxeyO3MazhSVCg/VWqz/Xysu8BN2qbjXw92CoL5m+SCng7xUMq3X3DU\na/Ol/XlbzLUMMuRyzdxjj+y+tvEJ4fG9tYGk2/WLvr8IBvP9s5fYuOiPMGb9qvip\nlH9PVbMenH0k7btZsMe+7L1yC6M7i7IA7jnmTmWPQPqVM93LfXAo8pq86S7hMjmy\n/mjX+QpJVcRhojO4IgIt5ictuOswhmLZ5AXjc9aTfFhoVY9Aindu5K22vRq5oKOs\nihMUUbZCg51r0HK0G+NiAZADvn6yiviZzZZmUtrOV2ilufsWl2BKDG2w2Jf2beSn\n/gqvUdblLcXO0bypusi4xJWCTchDK3PyNEggS1muYAACp3eeEeX7xBLcKTccU1sO\nAadyWGwb+h+7aIKivgXq8FZwSaxWLOny+6cUHOBQEXA4SXx7HVw6LdpAFh4XPKlq\nLRlTzAy8TQswstDJOCXNToRzFY+HyH7I/ErBbzv6C9BeaGR74snPn0qrwefrRxYD\nf7xeokHfhvu0GsiRaMD72VtdO3Z1BRMPF8FhOy3g0yjkfgVXq/GajkvZft1Yado8\nGCwS+f6aNzPWAJSDrIKb\n=3YvN\n-----END PGP SIGNATURE-----\n", + "payload": "tree 7b544a4299d9fc993ef4f7308e91cc3eeb7b331b\nparent 3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942\nparent 57bf6d2e909e45c95b2d06e9b31a1535d4936aee\nauthor Easton97-Jens <66330090+Easton97-Jens@users.noreply.github.com> 1776191758 +0200\ncommitter GitHub 1776191758 +0200\n\nMerge pull request #74 from Easton97-Jens/codex/systematische-behebung-offener-sonar-probleme-7954xf\n\nModernize codebase: nullptr/default initializers, std::string_view, smart pointers and minor cleanups", + "verified_at": "2026-04-14T18:35:58Z" + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "web-flow", + "id": 19864447, + "node_id": "MDQ6VXNlcjE5ODY0NDQ3", + "avatar_url": "https://avatars.githubusercontent.com/u/19864447?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/web-flow", + "html_url": "https://github.com/web-flow", + "followers_url": "https://api.github.com/users/web-flow/followers", + "following_url": "https://api.github.com/users/web-flow/following{/other_user}", + "gists_url": "https://api.github.com/users/web-flow/gists{/gist_id}", + "starred_url": "https://api.github.com/users/web-flow/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/web-flow/subscriptions", + "organizations_url": "https://api.github.com/users/web-flow/orgs", + "repos_url": "https://api.github.com/users/web-flow/repos", + "events_url": "https://api.github.com/users/web-flow/events{/privacy}", + "received_events_url": "https://api.github.com/users/web-flow/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/3ec86cf63e095cddf4f22f6d9cfe3461bbbf4942" + }, + { + "sha": "57bf6d2e909e45c95b2d06e9b31a1535d4936aee", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/57bf6d2e909e45c95b2d06e9b31a1535d4936aee", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/57bf6d2e909e45c95b2d06e9b31a1535d4936aee" + } + ] + }, + { + "sha": "8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3", + "node_id": "C_kwDOQkI2j9oAKDgxOTdkMmIwNzljYmQxNmYyYTdmZjVlZTM1MTc4ZDYwYTFlYWI0ZjM", + "commit": { + "author": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-14T19:10:47Z" + }, + "committer": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-14T19:10:47Z" + }, + "message": "Refactor open critical Sonar complexity and nesting findings", + "tree": { + "sha": "faea0399cb682e2cae1060e29816045b86f338c9", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/faea0399cb682e2cae1060e29816045b86f338c9" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3", + "comment_count": 0, + "verification": { + "verified": false, + "reason": "unsigned", + "signature": null, + "payload": null, + "verified_at": null + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0" + } + ] + }, + { + "sha": "9c29515ef87b85baaf22bcb004c4403cd14ed0ce", + "node_id": "C_kwDOQkI2j9oAKDljMjk1MTVlZjg3Yjg1YmFhZjIyYmNiMDA0YzQ0MDNjZDE0ZWQwY2U", + "commit": { + "author": { + "name": "Easton97-Jens", + "email": "66330090+Easton97-Jens@users.noreply.github.com", + "date": "2026-04-14T19:11:08Z" + }, + "committer": { + "name": "GitHub", + "email": "noreply@github.com", + "date": "2026-04-14T19:11:08Z" + }, + "message": "Merge pull request #77 from Easton97-Jens/codex/bearbeite-critical-sonar-befunde-in-pr-#3540\n\nAddress open CRITICAL Sonar nesting and cognitive-complexity findings", + "tree": { + "sha": "faea0399cb682e2cae1060e29816045b86f338c9", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees/faea0399cb682e2cae1060e29816045b86f338c9" + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits/9c29515ef87b85baaf22bcb004c4403cd14ed0ce", + "comment_count": 0, + "verification": { + "verified": true, + "reason": "valid", + "signature": "-----BEGIN PGP SIGNATURE-----\n\nwsFcBAABCAAQBQJp3pFMCRC1aQ7uu5UhlAAAWjkQACakDL2XIbYjvY14LN6Laq7P\nPKwKAh1yXFLT6OrMK0aFWp+VcfjW+IPqjdheoVUkmLnBTeneLAsPGG94ZJqnv4U+\nmB51ku8PkH/i6nDlzJVZxLpCkCAkj9emePMEny4U/b4VyTCBdtwImbBsFTb/qGt1\nXzn9FM0VeplgzEoHX+gMbuYHpaYOWMeixR/T+2Z7eu7N3kPZqdPshHa5zeC0ooua\n+VO6zijcyimEHRqZ7ocdi7qtb8vtnkuAMdROFxB401sYYggX5a2vBw88iFQO7wKs\nKRLgBnpbhyZpEyYcvoxF5/dDN+a0FUol/O7EhjJ5SgTFSOhFF6Jb9g2vO1Kvx3EY\nkbNsNbAsVVxFFt4gvaBwiBwWN5dPv1lu9gB/wXS+D4CjiI8hblgcznNcgD9CoSKS\nAx6/FziV/aV4nc9On6gUSos8WpilVEvgrTkz8fBQgii4SdpQAFQfuV+xfO613Nuz\n01Q9SgGtYbai6awvx9+jdk5az5zxRzL3dMs+wlW3nNHcE0iTziF6fHx1lHXzVQ48\nj2ws4AQXDlBirmReNr9c9YvNebAGmqVvWW4mZQT7RYJEPrSpLgzHvye/uPBbjGTI\nk99Ditscfv0bZQj67R7LkpDUz473TgN5PQQ+Sir6+g/haWwh7zdF2KH96tbqxP/U\nTfWYHdiLnzG93jSen+0U\n=pLWP\n-----END PGP SIGNATURE-----\n", + "payload": "tree faea0399cb682e2cae1060e29816045b86f338c9\nparent 7c4f24ace3a9ed6e60e1211da78f4894931e9ab0\nparent 8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3\nauthor Easton97-Jens <66330090+Easton97-Jens@users.noreply.github.com> 1776193868 +0200\ncommitter GitHub 1776193868 +0200\n\nMerge pull request #77 from Easton97-Jens/codex/bearbeite-critical-sonar-befunde-in-pr-#3540\n\nAddress open CRITICAL Sonar nesting and cognitive-complexity findings", + "verified_at": "2026-04-14T19:11:08Z" + } + }, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/9c29515ef87b85baaf22bcb004c4403cd14ed0ce", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/9c29515ef87b85baaf22bcb004c4403cd14ed0ce", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/9c29515ef87b85baaf22bcb004c4403cd14ed0ce/comments", + "author": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "committer": { + "login": "web-flow", + "id": 19864447, + "node_id": "MDQ6VXNlcjE5ODY0NDQ3", + "avatar_url": "https://avatars.githubusercontent.com/u/19864447?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/web-flow", + "html_url": "https://github.com/web-flow", + "followers_url": "https://api.github.com/users/web-flow/followers", + "following_url": "https://api.github.com/users/web-flow/following{/other_user}", + "gists_url": "https://api.github.com/users/web-flow/gists{/gist_id}", + "starred_url": "https://api.github.com/users/web-flow/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/web-flow/subscriptions", + "organizations_url": "https://api.github.com/users/web-flow/orgs", + "repos_url": "https://api.github.com/users/web-flow/repos", + "events_url": "https://api.github.com/users/web-flow/events{/privacy}", + "received_events_url": "https://api.github.com/users/web-flow/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "parents": [ + { + "sha": "7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/7c4f24ace3a9ed6e60e1211da78f4894931e9ab0" + }, + { + "sha": "8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3", + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits/8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/commit/8197d2b079cbd16f2a7ff5ee35178d60a1eab4f3" + } + ] + } +] diff --git a/analysis/pr3540_hotspots.json b/analysis/pr3540_hotspots.json new file mode 100644 index 0000000000..3d6d0aa498 --- /dev/null +++ b/analysis/pr3540_hotspots.json @@ -0,0 +1 @@ +{"paging":{"pageIndex":1,"pageSize":500,"total":0},"hotspots":[],"components":[]} \ No newline at end of file diff --git a/analysis/pr3540_issues_closed.json b/analysis/pr3540_issues_closed.json new file mode 100644 index 0000000000..d1a14e05be --- /dev/null +++ b/analysis/pr3540_issues_closed.json @@ -0,0 +1 @@ +{"total":181,"p":1,"ps":500,"paging":{"pageIndex":1,"pageSize":500,"total":181},"effortTotal":1453,"debtTotal":1453,"issues":[{"key":"AZ2NTAUK-fxIQtZsdoYq","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","project":"owasp-modsecurity_ModSecurity","hash":"64030041a900973cd05e2851ef53bde5","textRange":{"startLine":314,"endLine":314,"startOffset":16,"endOffset":18},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","textRange":{"startLine":281,"endLine":281,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","textRange":{"startLine":304,"endLine":304,"startOffset":8,"endOffset":10},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","textRange":{"startLine":313,"endLine":313,"startOffset":12,"endOffset":14},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-14T18:35:36+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2H7l3jym_e-6l8FQmh","rule":"cpp:S1172","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"19f98fe2f43bf6b1adfaa7055241bb07","textRange":{"startLine":577,"endLine":577,"startOffset":40,"endOffset":44},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove the unused parameter \"sink\", make it unnamed, or declare it \"[[maybe_unused]]\".","effort":"5min","debt":"5min","tags":["based-on-misra","cert","unused"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T17:36:45+0000","updateDate":"2026-04-13T18:14:03+0000","closeDate":"2026-04-13T18:14:03+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2H7l0Nym_e-6l8FQmg","rule":"cpp:S6018","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.cc","project":"owasp-modsecurity_ModSecurity","hash":"b66e20c4e83b6e2e1baa363fbfa339bf","textRange":{"startLine":13,"endLine":13,"startOffset":4,"endOffset":51},"flows":[],"resolution":"REMOVED","status":"CLOSED","message":"Use inline variables to define this global variable.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T17:36:45+0000","updateDate":"2026-04-14T18:36:40+0000","closeDate":"2026-04-14T18:36:40+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN-_","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"9166dd20bcd8fea767a96c282d47937a","textRange":{"startLine":120,"endLine":120,"startOffset":8,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":123,"endLine":123,"startOffset":4,"endOffset":7},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":125,"endLine":125,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":125,"endLine":125,"startOffset":47,"endOffset":49},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":128,"endLine":128,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":129,"endLine":129,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":133,"endLine":133,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":134,"endLine":134,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":138,"endLine":138,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":139,"endLine":139,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":143,"endLine":143,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":144,"endLine":144,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":148,"endLine":148,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":150,"endLine":150,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":151,"endLine":151,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":154,"endLine":154,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":160,"endLine":160,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":165,"endLine":165,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":169,"endLine":169,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":170,"endLine":170,"startOffset":12,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":171,"endLine":171,"startOffset":28,"endOffset":30},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 33 to the 25 allowed.","effort":"13min","debt":"13min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_A","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"f50f4abe0aad9357619d8f40ab90942e","textRange":{"startLine":130,"endLine":130,"startOffset":22,"endOffset":72},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_B","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"e3471399349b1cc5490c04fc7d6b48f2","textRange":{"startLine":135,"endLine":135,"startOffset":22,"endOffset":74},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_C","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"1856f36de8bd602c45f1eadbfc1e3c69","textRange":{"startLine":140,"endLine":140,"startOffset":22,"endOffset":76},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_D","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"ccd88162be445be1a7b05ed7b4c9e418","textRange":{"startLine":145,"endLine":145,"startOffset":22,"endOffset":69},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_E","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"753e472508d53f54bdf1bd69d53341e6","textRange":{"startLine":152,"endLine":152,"startOffset":22,"endOffset":70},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_F","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"4ff8115fbd0e725acac1651381a9c53d","textRange":{"startLine":156,"endLine":157,"startOffset":22,"endOffset":36},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_G","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"bba9c6e4416be68334f6626afcfba361","textRange":{"startLine":161,"endLine":161,"startOffset":18,"endOffset":66},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_H","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"1aefe6a6de59593fe7bef9dbf30625fa","textRange":{"startLine":166,"endLine":166,"startOffset":14,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_I","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":172,"endLine":173,"startOffset":14,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_J","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"366695255c51d989515669ee99c033d2","textRange":{"startLine":302,"endLine":302,"startOffset":10,"endOffset":73},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_M","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":334,"endLine":335,"startOffset":18,"endOffset":69},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_N","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"754cfff83189f03f91fa902a6e7ddc79","textRange":{"startLine":340,"endLine":340,"startOffset":18,"endOffset":73},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_O","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":351,"endLine":352,"startOffset":18,"endOffset":65},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_P","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":360,"endLine":361,"startOffset":18,"endOffset":69},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DR4Fykud7vHWq_QVC","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"5b42ae08ff9fdf387d372da4bf4f474f","textRange":{"startLine":58,"endLine":58,"startOffset":39,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T19:55:55+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DR4Fykud7vHWq_QVD","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"e571f38f330b62163b304754e1fb37e4","textRange":{"startLine":59,"endLine":59,"startOffset":4,"endOffset":23},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Make the type of this parameter a pointer-to-const. The current type of \"sink\" is \"class modsecurity::RequestBodyProcessor::JsonEventSink *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T19:55:55+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DR4Fykud7vHWq_QVE","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"eb9378e3a668868ea0f9348965d597c1","textRange":{"startLine":81,"endLine":81,"startOffset":35,"endOffset":53},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Make the type of this parameter a reference-to-const. The current type of \"input\" is \"std::string \u0026\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T19:55:55+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DK9KwXISY38E6wMPS","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"e571f38f330b62163b304754e1fb37e4","textRange":{"startLine":82,"endLine":82,"startOffset":4,"endOffset":23},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Make the type of this parameter a pointer-to-const. The current type of \"sink\" is \"class modsecurity::RequestBodyProcessor::JsonEventSink *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T19:25:35+0000","updateDate":"2026-04-12T19:48:59+0000","closeDate":"2026-04-12T19:48:59+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2C_aavSTzC4JOHsQM1","rule":"cpp:S1121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"4c879dabcd403635119c8b8687ea14ad","textRange":{"startLine":384,"endLine":384,"startOffset":52,"endOffset":54},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Extract the assignment from this expression.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","cwe","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T18:35:11+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcldK0fgB4uOpVKy","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"eb9378e3a668868ea0f9348965d597c1","textRange":{"startLine":58,"endLine":58,"startOffset":35,"endOffset":53},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Make the type of this parameter a reference-to-const. The current type of \"input\" is \"std::string \u0026\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T19:48:59+0000","closeDate":"2026-04-12T19:48:59+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcldK0fgB4uOpVK0","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"465255f8b2a9c7700653be79d5e04c2b","textRange":{"startLine":81,"endLine":81,"startOffset":4,"endOffset":23},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Make the type of this parameter a pointer-to-const. The current type of \"sink\" is \"class modsecurity::RequestBodyProcessor::JsonEventSink *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcldK0fgB4uOpVKz","rule":"cpp:S1172","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"465255f8b2a9c7700653be79d5e04c2b","textRange":{"startLine":81,"endLine":81,"startOffset":56,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove the unused parameter \"options\", make it unnamed, or declare it \"[[maybe_unused]]\".","effort":"5min","debt":"5min","tags":["based-on-misra","cert","unused"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcnoK0fgB4uOpVK1","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"56f8a66aafdb86db7c6e4e478487db3b","textRange":{"startLine":101,"endLine":101,"startOffset":12,"endOffset":71},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":100,"endLine":100,"startOffset":8,"endOffset":38},"msg":"Variable \"tail\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"tail\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcnoK0fgB4uOpVK2","rule":"cpp:S1117","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"b24ca23a6583fc4b85d3ddd608518ab6","textRange":{"startLine":296,"endLine":296,"startOffset":25,"endOffset":31},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":289,"endLine":289,"startOffset":24,"endOffset":30},"msg":"Shadowed local variable."}]}],"resolution":"FIXED","status":"CLOSED","message":"Declaration shadows a local variable \"result\" in the outer scope.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","pitfall","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcnoK0fgB4uOpVK3","rule":"cpp:S1117","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"b24ca23a6583fc4b85d3ddd608518ab6","textRange":{"startLine":301,"endLine":301,"startOffset":25,"endOffset":31},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":289,"endLine":289,"startOffset":24,"endOffset":30},"msg":"Shadowed local variable."}]}],"resolution":"FIXED","status":"CLOSED","message":"Declaration shadows a local variable \"result\" in the outer scope.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","pitfall","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcnoK0fgB4uOpVK4","rule":"cpp:S5817","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"0a3985e7250c2ee1096f2d60691064a0","textRange":{"startLine":401,"endLine":401,"startOffset":20,"endOffset":41},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"This function should be declared \"const\".","effort":"5min","debt":"5min","tags":["confusing","pitfall"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-14T18:36:40+0000","closeDate":"2026-04-14T18:36:40+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcpOK0fgB4uOpVK5","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"25ee657251af24a3167cdd2d213f2311","textRange":{"startLine":156,"endLine":157,"startOffset":8,"endOffset":44},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":154,"endLine":154,"startOffset":4,"endOffset":83},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CwcpOK0fgB4uOpVK6","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":196,"endLine":196,"startOffset":8,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":194,"endLine":194,"startOffset":4,"endOffset":84},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T17:31:07+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CdKxRGCkM6OziHCww","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":175,"endLine":175,"startOffset":8,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":173,"endLine":173,"startOffset":4,"endOffset":83},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T16:05:33+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CdKxRGCkM6OziHCwx","rule":"cpp:S5945","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"4081080bf5898df75d4630e4e6a9e7fc","textRange":{"startLine":291,"endLine":291,"startOffset":10,"endOffset":34},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \"std::array\" or \"std::vector\" instead of a C-style array.","effort":"10min","debt":"10min","tags":["bad-practice","clumsy","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T16:05:33+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CdKxRGCkM6OziHCwy","rule":"cpp:S3628","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"da9d5b749cd006596ecd3260e1006d88","textRange":{"startLine":314,"endLine":318,"startOffset":8,"endOffset":54},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Convert this string literal to a raw string literal.","effort":"2min","debt":"2min","tags":["since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T16:05:33+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CA_0CGCkM6OziEPex","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"e85b9d8cde607c2368a4fdda40e124fd","textRange":{"startLine":148,"endLine":148,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T14:02:28+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CA_xuGCkM6OziEPet","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":23,"endLine":23,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":24,"endLine":24,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T14:01:45+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CA_xuGCkM6OziEPev","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"8e9054e95a6a565b486729b474e1cbee","textRange":{"startLine":239,"endLine":240,"startOffset":8,"endOffset":57},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":236,"endLine":237,"startOffset":4,"endOffset":16},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T14:01:45+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CA_xuGCkM6OziEPew","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":260,"endLine":260,"startOffset":8,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":257,"endLine":258,"startOffset":4,"endOffset":16},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T14:01:45+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BthMEO-njQfcv_7WG","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"8dd5f71f71feba805580b24928b2c90f","textRange":{"startLine":348,"endLine":348,"startOffset":9,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":352,"endLine":352,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":352,"endLine":352,"startOffset":38,"endOffset":40},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":353,"endLine":353,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":360,"endLine":360,"startOffset":8,"endOffset":13},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":363,"endLine":363,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":364,"endLine":364,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":365,"endLine":365,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":373,"endLine":373,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":374,"endLine":374,"startOffset":20,"endOffset":23},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":375,"endLine":375,"startOffset":24,"endOffset":26},"msg":"+5 (incl 4 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":376,"endLine":376,"startOffset":28,"endOffset":30},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":377,"endLine":377,"startOffset":28,"endOffset":30},"msg":"+6 (incl 5 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":388,"endLine":388,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":394,"endLine":394,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":395,"endLine":395,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":402,"endLine":402,"startOffset":8,"endOffset":10},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 41 to the 25 allowed.","effort":"21min","debt":"21min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T12:37:24+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BthMEO-njQfcv_7WH","rule":"cpp:S1121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"844bb9e7dfbefadd9ab08cc73cc59ad3","textRange":{"startLine":375,"endLine":375,"startOffset":44,"endOffset":46},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Extract the assignment from this expression.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","cwe","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T12:37:24+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BthMEO-njQfcv_7WI","rule":"cpp:S1121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"23261b9aabc266a6e73c239abe95799c","textRange":{"startLine":385,"endLine":385,"startOffset":48,"endOffset":50},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Extract the assignment from this expression.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","cwe","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T12:37:24+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BthMEO-njQfcv_7WJ","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"053b9dc919ce615517ec3c7414bfe214","textRange":{"startLine":412,"endLine":412,"startOffset":9,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":416,"endLine":416,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":416,"endLine":416,"startOffset":37,"endOffset":39},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":420,"endLine":420,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":421,"endLine":421,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":427,"endLine":427,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":429,"endLine":429,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":430,"endLine":430,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":430,"endLine":430,"startOffset":43,"endOffset":45},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":431,"endLine":431,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":436,"endLine":436,"startOffset":12,"endOffset":17},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":436,"endLine":436,"startOffset":44,"endOffset":46},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":441,"endLine":441,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":441,"endLine":441,"startOffset":37,"endOffset":39},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":443,"endLine":443,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":443,"endLine":443,"startOffset":42,"endOffset":44},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":444,"endLine":444,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":449,"endLine":449,"startOffset":12,"endOffset":17},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":449,"endLine":449,"startOffset":44,"endOffset":46},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":454,"endLine":454,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":455,"endLine":455,"startOffset":12,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":455,"endLine":455,"startOffset":40,"endOffset":42},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":457,"endLine":457,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":458,"endLine":458,"startOffset":16,"endOffset":18},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":458,"endLine":458,"startOffset":44,"endOffset":46},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":461,"endLine":461,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":461,"endLine":461,"startOffset":42,"endOffset":44},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":462,"endLine":462,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":467,"endLine":467,"startOffset":12,"endOffset":17},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":467,"endLine":467,"startOffset":44,"endOffset":46},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 43 to the 25 allowed.","effort":"23min","debt":"23min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T12:37:24+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BthMEO-njQfcv_7WK","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"ea5ccd2408b752d2090a4abf0d1ce11f","textRange":{"startLine":629,"endLine":631,"startOffset":20,"endOffset":37},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":628,"endLine":628,"startOffset":16,"endOffset":85},"msg":"Variable \"decoded_number\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"decoded_number\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T12:37:24+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BthMEO-njQfcv_7WL","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":634,"endLine":634,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":585,"endLine":585,"startOffset":4,"endOffset":10},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":627,"endLine":627,"startOffset":12,"endOffset":14},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":628,"endLine":628,"startOffset":16,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T12:37:24+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2BkKY5XISY38E6k-Ld","rule":"cpp:S1135","severity":"INFO","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"f0c1cb85d7ab32aacec4a3ddfe467835","textRange":{"startLine":435,"endLine":435,"startOffset":4,"endOffset":74},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Complete the task associated to this \"TODO\" comment.","effort":"0min","debt":"0min","tags":["cwe"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T11:56:25+0000","updateDate":"2026-04-12T17:31:07+0000","closeDate":"2026-04-12T17:31:07+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"INFO"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn-nXISY38E6Txop","rule":"cpp:S5025","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"c577984bc907fb0c9019c59666a3dae9","textRange":{"startLine":57,"endLine":57,"startOffset":4,"endOffset":10},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Rewrite the code so that you no longer need this \"delete\".","effort":"10min","debt":"10min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:29:06+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn-nXISY38E6Txoq","rule":"cpp:S5827","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"f1a28fda958cb95e23640cdefca093f9","textRange":{"startLine":60,"endLine":60,"startOffset":8,"endOffset":28},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Replace the redundant type with \"auto\".","effort":"2min","debt":"2min","tags":["clumsy","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:29:06+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn9hXISY38E6Txon","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":9,"endLine":9,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.cc","textRange":{"startLine":10,"endLine":10,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn9hXISY38E6Txoo","rule":"cpp:S5421","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.cc","project":"owasp-modsecurity_ModSecurity","hash":"372d9dffb332cf4a36dd73c216dbf4e4","textRange":{"startLine":12,"endLine":12,"startOffset":0,"endOffset":49},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Global variables should be const.","effort":"20min","debt":"20min","tags":["bad-practice","cppcoreguidelines","pitfall"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"MODULAR","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn9QXISY38E6Txom","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.h","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":9,"endLine":9,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.h","textRange":{"startLine":10,"endLine":10,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn4cXISY38E6Txoh","rule":"cpp:S4962","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","project":"owasp-modsecurity_ModSecurity","hash":"d3140469db3f4c265016bffc0cdde1e9","textRange":{"startLine":987,"endLine":987,"startOffset":16,"endOffset":20},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use the \"nullptr\" literal.","effort":"1min","debt":"1min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txoz","rule":"cpp:S5421","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"fefdd83012c02818fcd827d61954a628","textRange":{"startLine":69,"endLine":71,"startOffset":0,"endOffset":72},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Global pointers should be const at every level.","effort":"20min","debt":"20min","tags":["bad-practice","cppcoreguidelines","pitfall"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"MODULAR","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo0","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"5e985e3561428d11d765a41be175b59d","textRange":{"startLine":100,"endLine":101,"startOffset":14,"endOffset":39},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo1","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"3b1f2a890574162c8ca46215ededa7f6","textRange":{"startLine":110,"endLine":111,"startOffset":14,"endOffset":39},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo6","rule":"cpp:S886","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"8dfb5dc33b709bded40f2f97205f944a","textRange":{"startLine":123,"endLine":123,"startOffset":4,"endOffset":7},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":132,"endLine":132,"startOffset":41,"endOffset":43},"msg":"Counter \"i\" is modified in the loop body here"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":137,"endLine":137,"startOffset":54,"endOffset":56},"msg":"Counter \"i\" is modified in the loop body here"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":142,"endLine":142,"startOffset":50,"endOffset":52},"msg":"Counter \"i\" is modified in the loop body here"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":147,"endLine":147,"startOffset":43,"endOffset":45},"msg":"Counter \"i\" is modified in the loop body here"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":154,"endLine":154,"startOffset":53,"endOffset":55},"msg":"Counter \"i\" is modified in the loop body here"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this loop so that it is less error-prone.","effort":"10min","debt":"10min","tags":["based-on-misra"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-13T16:21:29+0000","closeDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo3","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"593e0804de12cbfc9cadd8351c944f54","textRange":{"startLine":153,"endLine":153,"startOffset":16,"endOffset":39},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":152,"endLine":152,"startOffset":12,"endOffset":54},"msg":"Variable \"output_format\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"output_format\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo4","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"a4e0f79acf2ddf85183bda5ea4791e4c","textRange":{"startLine":169,"endLine":169,"startOffset":8,"endOffset":55},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":167,"endLine":168,"startOffset":4,"endOffset":42},"msg":"Variable \"is_invalid_scenario\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"is_invalid_scenario\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpE","rule":"cpp:S5945","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"749798b19fc915fc7444447a365273c4","textRange":{"startLine":198,"endLine":198,"startOffset":17,"endOffset":42},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \"std::array\" or \"std::vector\" instead of a C-style array.","effort":"10min","debt":"10min","tags":["bad-practice","clumsy","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpF","rule":"cpp:S5945","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"7622a2389a501942c4de6985aa15e34a","textRange":{"startLine":226,"endLine":226,"startOffset":17,"endOffset":45},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \"std::array\" or \"std::vector\" instead of a C-style array.","effort":"10min","debt":"10min","tags":["bad-practice","clumsy","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpG","rule":"cpp:S7127","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"9a66b7b1c7ce7dd26de8f05ada0459ab","textRange":{"startLine":245,"endLine":245,"startOffset":14,"endOffset":66},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \"std::size\" to get the size of this array.","effort":"5min","debt":"5min","tags":[],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpM","rule":"cpp:S7121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"e64131ba55f21ed6618f07412d5232cd","textRange":{"startLine":325,"endLine":325,"startOffset":55,"endOffset":77},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove this redundant call to \"c_str\" when initializing a const \"std::string\" reference parameter.","effort":"5min","debt":"5min","tags":[],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpJ","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"63c7c8b698fb21a576f3f09379fa644b","textRange":{"startLine":359,"endLine":359,"startOffset":12,"endOffset":40},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":356,"endLine":357,"startOffset":8,"endOffset":47},"msg":"Variable \"parse_error\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"parse_error\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpS","rule":"cpp:S3628","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"eba61cb37931aaf723847655dd79d024","textRange":{"startLine":385,"endLine":385,"startOffset":17,"endOffset":33},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Convert this string literal to a raw string literal.","effort":"2min","debt":"2min","tags":["since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpT","rule":"cpp:S3628","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"f03ddacf59e95145298251f69a8403f1","textRange":{"startLine":386,"endLine":386,"startOffset":17,"endOffset":34},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Convert this string literal to a raw string literal.","effort":"2min","debt":"2min","tags":["since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpV","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"c21b1cc43fde21c96a4a629d4ccff15b","textRange":{"startLine":476,"endLine":476,"startOffset":12,"endOffset":53},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":475,"endLine":475,"startOffset":8,"endOffset":54},"msg":"Variable \"rules_path\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"rules_path\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo2","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"ea413c8fdc6be96e103c98ad7e5b2098","textRange":{"startLine":545,"endLine":546,"startOffset":14,"endOffset":20},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo5","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"9166dd20bcd8fea767a96c282d47937a","textRange":{"startLine":551,"endLine":551,"startOffset":8,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":554,"endLine":554,"startOffset":4,"endOffset":7},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":556,"endLine":556,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":556,"endLine":556,"startOffset":47,"endOffset":49},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":559,"endLine":559,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":560,"endLine":560,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":564,"endLine":564,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":565,"endLine":565,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":569,"endLine":569,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":570,"endLine":570,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":574,"endLine":574,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":575,"endLine":575,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":579,"endLine":579,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":581,"endLine":581,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":582,"endLine":582,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":585,"endLine":585,"startOffset":12,"endOffset":14},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":591,"endLine":591,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":596,"endLine":596,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":600,"endLine":600,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":601,"endLine":601,"startOffset":12,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":602,"endLine":602,"startOffset":28,"endOffset":30},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 33 to the 25 allowed.","effort":"13min","debt":"13min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo7","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"f50f4abe0aad9357619d8f40ab90942e","textRange":{"startLine":561,"endLine":561,"startOffset":22,"endOffset":72},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo8","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"e3471399349b1cc5490c04fc7d6b48f2","textRange":{"startLine":566,"endLine":566,"startOffset":22,"endOffset":74},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo9","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"1856f36de8bd602c45f1eadbfc1e3c69","textRange":{"startLine":571,"endLine":571,"startOffset":22,"endOffset":76},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo-","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"ccd88162be445be1a7b05ed7b4c9e418","textRange":{"startLine":576,"endLine":576,"startOffset":22,"endOffset":69},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6Txo_","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"753e472508d53f54bdf1bd69d53341e6","textRange":{"startLine":583,"endLine":583,"startOffset":22,"endOffset":70},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpA","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"4ff8115fbd0e725acac1651381a9c53d","textRange":{"startLine":587,"endLine":588,"startOffset":22,"endOffset":36},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpB","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"bba9c6e4416be68334f6626afcfba361","textRange":{"startLine":592,"endLine":592,"startOffset":18,"endOffset":66},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpC","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"1aefe6a6de59593fe7bef9dbf30625fa","textRange":{"startLine":597,"endLine":597,"startOffset":14,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpD","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":603,"endLine":604,"startOffset":14,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpH","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"366695255c51d989515669ee99c033d2","textRange":{"startLine":733,"endLine":733,"startOffset":10,"endOffset":73},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpI","rule":"cpp:S4998","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"8134bae04600681c7a43f451f7971919","textRange":{"startLine":736,"endLine":736,"startOffset":20,"endOffset":61},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Replace this use of \"unique_ptr\" by a raw pointer or a reference (possibly const).","effort":"1min","debt":"1min","tags":["bad-practice","clumsy","cppcoreguidelines","design","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpN","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":765,"endLine":766,"startOffset":18,"endOffset":69},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpO","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"754cfff83189f03f91fa902a6e7ddc79","textRange":{"startLine":771,"endLine":771,"startOffset":18,"endOffset":73},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpP","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":782,"endLine":783,"startOffset":18,"endOffset":65},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpQ","rule":"cpp:S112","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","hash":"cfd0ab3b08d14b7e71006e465347e68b","textRange":{"startLine":791,"endLine":792,"startOffset":18,"endOffset":69},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Define and throw a dedicated exception instead of using a generic one.","effort":"20min","debt":"20min","tags":["cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T20:22:31+0000","closeDate":"2026-04-12T20:22:31+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txor","rule":"shelldre:S7682","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"3b33efb42cd9324b98d6b8ba2251b6c9","textRange":{"startLine":5,"endLine":5,"startOffset":0,"endOffset":5},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Add an explicit return statement at the end of the function.","effort":"2min","debt":"2min","tags":["best-practice","clarity","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txos","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"8bc1de3aaefcaac1792215cb90a0a67a","textRange":{"startLine":16,"endLine":16,"startOffset":6,"endOffset":7},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txot","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"1d1a11eea7537897fbb9c588b8687878","textRange":{"startLine":20,"endLine":20,"startOffset":12,"endOffset":13},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txou","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"1d1a11eea7537897fbb9c588b8687878","textRange":{"startLine":25,"endLine":25,"startOffset":12,"endOffset":13},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txov","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"e9bff1e73f022a5981b8bddf3916966b","textRange":{"startLine":43,"endLine":43,"startOffset":0,"endOffset":1},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txow","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"91e031d27ec786f3ca042728782e73ed","textRange":{"startLine":44,"endLine":44,"startOffset":0,"endOffset":1},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txox","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"f82ec7b976708d51a7be09a35a0185ac","textRange":{"startLine":63,"endLine":63,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCHXISY38E6Txoy","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","project":"owasp-modsecurity_ModSecurity","hash":"e1d80d53210bc874c263d9597adcd5ff","textRange":{"startLine":72,"endLine":72,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6TxpW","rule":"shelldre:S7682","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"3b33efb42cd9324b98d6b8ba2251b6c9","textRange":{"startLine":5,"endLine":5,"startOffset":0,"endOffset":5},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Add an explicit return statement at the end of the function.","effort":"2min","debt":"2min","tags":["best-practice","clarity","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6TxpX","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"8bc1de3aaefcaac1792215cb90a0a67a","textRange":{"startLine":25,"endLine":25,"startOffset":6,"endOffset":7},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6TxpY","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"1d1a11eea7537897fbb9c588b8687878","textRange":{"startLine":29,"endLine":29,"startOffset":12,"endOffset":13},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6TxpZ","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"1d1a11eea7537897fbb9c588b8687878","textRange":{"startLine":34,"endLine":34,"startOffset":12,"endOffset":13},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpa","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"1d1a11eea7537897fbb9c588b8687878","textRange":{"startLine":39,"endLine":39,"startOffset":12,"endOffset":13},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpb","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"8cb0f37ce82df9e825a5fcc82090a277","textRange":{"startLine":58,"endLine":58,"startOffset":3,"endOffset":4},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpc","rule":"shelldre:S7682","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"3727329c257994570179596a51d98124","textRange":{"startLine":69,"endLine":69,"startOffset":0,"endOffset":15},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Add an explicit return statement at the end of the function.","effort":"2min","debt":"2min","tags":["best-practice","clarity","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpd","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"49cd34b71e73d12a375ce0d6681d7c12","textRange":{"startLine":90,"endLine":90,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpe","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"7d645176fbd30897f3e98bac76315047","textRange":{"startLine":103,"endLine":103,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpf","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"7c52297257b2a1361304730ba88058e7","textRange":{"startLine":112,"endLine":112,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpg","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"7c52297257b2a1361304730ba88058e7","textRange":{"startLine":121,"endLine":121,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txph","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"7c52297257b2a1361304730ba88058e7","textRange":{"startLine":130,"endLine":130,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpi","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"e85b9d8cde607c2368a4fdda40e124fd","textRange":{"startLine":139,"endLine":139,"startOffset":11,"endOffset":12},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpj","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"f7ae3249e06afe3981767494ed96343c","textRange":{"startLine":153,"endLine":153,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpk","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"e411e3fab3652da2e2d6ffc725e04c0a","textRange":{"startLine":162,"endLine":162,"startOffset":7,"endOffset":8},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doDkXISY38E6Txpl","rule":"shelldre:S7688","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","project":"owasp-modsecurity_ModSecurity","hash":"660324e07ea93da61e40165e7018d560","textRange":{"startLine":200,"endLine":200,"startOffset":3,"endOffset":4},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \u0027[[\u0027 instead of \u0027[\u0027 for conditional tests. The \u0027[[\u0027 construct is safer and more feature-rich.","effort":"2min","debt":"2min","tags":["bash","best-practices","scripting","shell"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"RELIABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QEMSTzC4JOHOn9r","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/operators/validate_byte_range.cc","project":"owasp-modsecurity_ModSecurity","hash":"ffde3ec200cf9bd3b4c076cae3c9226e","textRange":{"startLine":152,"endLine":152,"startOffset":12,"endOffset":57},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/operators/validate_byte_range.cc","textRange":{"startLine":148,"endLine":150,"startOffset":8,"endOffset":48},"msg":"Variable \"token\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"token\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T17:37:34+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-H","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"aec466b9ff4fcd3af12ba8446d06da1a","textRange":{"startLine":121,"endLine":121,"startOffset":11,"endOffset":19},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":122,"endLine":122,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":129,"endLine":129,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":133,"endLine":133,"startOffset":12,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":135,"endLine":135,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":137,"endLine":137,"startOffset":22,"endOffset":26},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":142,"endLine":142,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":144,"endLine":144,"startOffset":22,"endOffset":26},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":149,"endLine":149,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":151,"endLine":151,"startOffset":22,"endOffset":26},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":156,"endLine":156,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":158,"endLine":158,"startOffset":22,"endOffset":26},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":163,"endLine":163,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":165,"endLine":165,"startOffset":22,"endOffset":26},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":174,"endLine":174,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":174,"endLine":174,"startOffset":35,"endOffset":37},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 37 to the 25 allowed.","effort":"17min","debt":"17min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-D","rule":"cpp:S3230","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"14bc88c80e458da43140d073a3a460ec","textRange":{"startLine":123,"endLine":123,"startOffset":4,"endOffset":14},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Do not use the constructor\u0027s initializer list for data member \"m_data\". Use the in-class initializer instead.","effort":"10min","debt":"10min","tags":["cppcoreguidelines","performance"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-14T18:36:40+0000","closeDate":"2026-04-14T18:36:40+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-G","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":129,"endLine":130,"startOffset":4,"endOffset":43},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-I","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"6560ae7152c5a3521991dfdc9e56b14b","textRange":{"startLine":135,"endLine":135,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":133,"endLine":133,"startOffset":12,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-J","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"6560ae7152c5a3521991dfdc9e56b14b","textRange":{"startLine":142,"endLine":142,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":133,"endLine":133,"startOffset":12,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-K","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"6560ae7152c5a3521991dfdc9e56b14b","textRange":{"startLine":149,"endLine":149,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":133,"endLine":133,"startOffset":12,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-L","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"6560ae7152c5a3521991dfdc9e56b14b","textRange":{"startLine":156,"endLine":156,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":133,"endLine":133,"startOffset":12,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-M","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"6560ae7152c5a3521991dfdc9e56b14b","textRange":{"startLine":163,"endLine":163,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":133,"endLine":133,"startOffset":12,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-E","rule":"cpp:S4144","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"dee5c45d0c3dcea9e20e6ed5f9aec208","textRange":{"startLine":214,"endLine":214,"startOffset":21,"endOffset":33},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":252,"endLine":252,"startOffset":21,"endOffset":34},"msg":"Original implementation"}]}],"resolution":"FIXED","status":"CLOSED","message":"Update this method so that its implementation is not identical to on_end_object.","effort":"15min","debt":"15min","tags":["confusing","duplicate","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T21:29:06+0000","closeDate":"2026-04-11T21:29:06+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"DISTINCT","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-N","rule":"cpp:S1155","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"add4a2d18b4c67022019c0768d7e0904","textRange":{"startLine":222,"endLine":222,"startOffset":8,"endOffset":27},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \"empty()\" to check whether the container is empty or not.","effort":"2min","debt":"2min","tags":["clumsy","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T21:29:06+0000","closeDate":"2026-04-11T21:29:06+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-O","rule":"cpp:S1155","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"add4a2d18b4c67022019c0768d7e0904","textRange":{"startLine":261,"endLine":261,"startOffset":8,"endOffset":27},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use \"empty()\" to check whether the container is empty or not.","effort":"2min","debt":"2min","tags":["clumsy","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T21:29:06+0000","closeDate":"2026-04-11T21:29:06+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QEtSTzC4JOHOn9t","rule":"cpp:S3624","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.h","project":"owasp-modsecurity_ModSecurity","hash":"bffffd4ac0327819449d6814f977c2bf","textRange":{"startLine":52,"endLine":52,"startOffset":6,"endOffset":10},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":86,"endLine":86,"startOffset":6,"endOffset":11},"msg":"User-provided destructor: the class manages resources directly"}]}],"resolution":"FIXED","status":"CLOSED","message":"Customize this class\u0027 copy constructor to participate in resource management. Customize or delete its copy assignment operator. Also consider whether move operations should be customized.","effort":"30min","debt":"30min","tags":["cert","leak","pitfall"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QF1STzC4JOHOn9-","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":22,"endLine":22,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","textRange":{"startLine":23,"endLine":23,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QF1STzC4JOHOn-A","rule":"cpp:S1172","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"465255f8b2a9c7700653be79d5e04c2b","textRange":{"startLine":59,"endLine":59,"startOffset":56,"endOffset":63},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove the unused parameter \"options\", make it unnamed, or declare it \"[[maybe_unused]]\".","effort":"5min","debt":"5min","tags":["based-on-misra","cert","unused"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QF1STzC4JOHOn-B","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"465255f8b2a9c7700653be79d5e04c2b","textRange":{"startLine":59,"endLine":59,"startOffset":4,"endOffset":23},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Make the type of this parameter a pointer-to-const. The current type of \"sink\" is \"class modsecurity::RequestBodyProcessor::JsonEventSink *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:48:59+0000","closeDate":"2026-04-12T19:48:59+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QF1STzC4JOHOn9_","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","hash":"d6e8142cf3506a5402cc23f1ebaa8e92","textRange":{"startLine":81,"endLine":81,"startOffset":35,"endOffset":59},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:48:59+0000","closeDate":"2026-04-12T19:48:59+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QF8STzC4JOHOn-C","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.h","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":23,"endLine":23,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.h","textRange":{"startLine":24,"endLine":24,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGbSTzC4JOHOn-P","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend.h","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":22,"endLine":22,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend.h","textRange":{"startLine":23,"endLine":23,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn9v","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":36,"endLine":36,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":37,"endLine":37,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn9w","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"dcb2940e0eb37f88a546ca7d459e9c12","textRange":{"startLine":92,"endLine":92,"startOffset":5,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":95,"endLine":95,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":99,"endLine":99,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":101,"endLine":101,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":106,"endLine":106,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":108,"endLine":108,"startOffset":6,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":109,"endLine":109,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":109,"endLine":109,"startOffset":35,"endOffset":37},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":112,"endLine":112,"startOffset":8,"endOffset":13},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":112,"endLine":112,"startOffset":36,"endOffset":38},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":117,"endLine":117,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":117,"endLine":117,"startOffset":29,"endOffset":31},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":119,"endLine":119,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":119,"endLine":119,"startOffset":34,"endOffset":36},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":122,"endLine":122,"startOffset":8,"endOffset":13},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":122,"endLine":122,"startOffset":36,"endOffset":38},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":127,"endLine":127,"startOffset":4,"endOffset":6},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":127,"endLine":127,"startOffset":29,"endOffset":31},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":127,"endLine":127,"startOffset":53,"endOffset":55},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":129,"endLine":129,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":129,"endLine":129,"startOffset":33,"endOffset":35},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":129,"endLine":129,"startOffset":57,"endOffset":59},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":132,"endLine":132,"startOffset":8,"endOffset":10},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":132,"endLine":132,"startOffset":34,"endOffset":36},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":135,"endLine":135,"startOffset":8,"endOffset":13},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":135,"endLine":135,"startOffset":36,"endOffset":38},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 33 to the 25 allowed.","effort":"13min","debt":"13min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn9z","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"3610fee54fc684860a310e2b5d283c0b","textRange":{"startLine":292,"endLine":292,"startOffset":9,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":295,"endLine":295,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":295,"endLine":295,"startOffset":39,"endOffset":41},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":296,"endLine":296,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":303,"endLine":303,"startOffset":8,"endOffset":13},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":305,"endLine":305,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":306,"endLine":306,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":307,"endLine":307,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":314,"endLine":314,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":315,"endLine":315,"startOffset":20,"endOffset":23},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":316,"endLine":316,"startOffset":24,"endOffset":26},"msg":"+5 (incl 4 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":317,"endLine":317,"startOffset":28,"endOffset":30},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":318,"endLine":318,"startOffset":28,"endOffset":30},"msg":"+6 (incl 5 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":329,"endLine":329,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":335,"endLine":335,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":336,"endLine":336,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":343,"endLine":343,"startOffset":8,"endOffset":10},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 41 to the 25 allowed.","effort":"21min","debt":"21min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T12:37:24+0000","closeDate":"2026-04-12T12:37:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn92","rule":"cpp:S1121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"fd52ffed15e1432679619977ffac88fd","textRange":{"startLine":304,"endLine":304,"startOffset":43,"endOffset":45},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Extract the assignment from this expression.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","cwe","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T12:37:24+0000","closeDate":"2026-04-12T12:37:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn9x","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"bc9a8cda9b66ebb1e95321f974fd404b","textRange":{"startLine":309,"endLine":309,"startOffset":16,"endOffset":73},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":308,"endLine":308,"startOffset":12,"endOffset":43},"msg":"Variable \"current\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"current\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn93","rule":"cpp:S1121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"e8cac8f56897079bcd32aba23cc20a6c","textRange":{"startLine":313,"endLine":313,"startOffset":47,"endOffset":49},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Extract the assignment from this expression.","effort":"5min","debt":"5min","tags":["based-on-misra","cert","cwe","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T12:37:24+0000","closeDate":"2026-04-12T12:37:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn94","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"555829077d904b84c1f3b9c7a8c23c06","textRange":{"startLine":349,"endLine":349,"startOffset":9,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":352,"endLine":352,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":352,"endLine":352,"startOffset":38,"endOffset":40},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":356,"endLine":356,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":357,"endLine":357,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":363,"endLine":363,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":365,"endLine":365,"startOffset":10,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":366,"endLine":366,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":366,"endLine":366,"startOffset":44,"endOffset":46},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":367,"endLine":367,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":372,"endLine":372,"startOffset":12,"endOffset":17},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":372,"endLine":372,"startOffset":45,"endOffset":47},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":377,"endLine":377,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":377,"endLine":377,"startOffset":38,"endOffset":40},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":379,"endLine":379,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":379,"endLine":379,"startOffset":43,"endOffset":45},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":380,"endLine":380,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":385,"endLine":385,"startOffset":12,"endOffset":17},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":385,"endLine":385,"startOffset":45,"endOffset":47},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":390,"endLine":390,"startOffset":8,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":391,"endLine":391,"startOffset":12,"endOffset":14},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":391,"endLine":391,"startOffset":41,"endOffset":43},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":393,"endLine":393,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":394,"endLine":394,"startOffset":16,"endOffset":18},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":394,"endLine":394,"startOffset":45,"endOffset":47},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":397,"endLine":397,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":397,"endLine":397,"startOffset":43,"endOffset":45},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":398,"endLine":398,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":403,"endLine":403,"startOffset":12,"endOffset":17},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":403,"endLine":403,"startOffset":45,"endOffset":47},"msg":"+1"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 43 to the 25 allowed.","effort":"23min","debt":"23min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T12:37:24+0000","closeDate":"2026-04-12T12:37:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn90","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"aae6bf8f576434ca6c2980989db20871","textRange":{"startLine":365,"endLine":365,"startOffset":20,"endOffset":22},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":360,"endLine":360,"startOffset":8,"endOffset":13},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":363,"endLine":363,"startOffset":12,"endOffset":14},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":364,"endLine":364,"startOffset":16,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn91","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"1cd9c39b873f94789a52a0645341d99f","textRange":{"startLine":374,"endLine":374,"startOffset":20,"endOffset":23},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":360,"endLine":360,"startOffset":8,"endOffset":13},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":363,"endLine":363,"startOffset":12,"endOffset":14},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":373,"endLine":373,"startOffset":16,"endOffset":18},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn9y","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"a1fd4a22639898adef25da0e0a5a2066","textRange":{"startLine":386,"endLine":386,"startOffset":20,"endOffset":34},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":385,"endLine":385,"startOffset":16,"endOffset":51},"msg":"Variable \"escaped\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"escaped\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn97","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"a0b143eba146691f3bc7dcfd1bec4c19","textRange":{"startLine":456,"endLine":456,"startOffset":8,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":454,"endLine":454,"startOffset":4,"endOffset":27},"msg":"Variable \"sync_detail\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sync_detail\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T12:37:24+0000","closeDate":"2026-04-12T12:37:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn96","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"f397d5e1b9e3c5cc3ceb599137ffece5","textRange":{"startLine":546,"endLine":546,"startOffset":38,"endOffset":62},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn95","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"67d41ceca3b96d7f1d8ee17616a59563","textRange":{"startLine":551,"endLine":551,"startOffset":8,"endOffset":42},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":549,"endLine":549,"startOffset":4,"endOffset":50},"msg":"Variable \"end\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"end\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn98","rule":"cpp:S3776","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"c553fedab9cf633e790989377ca3fd11","textRange":{"startLine":577,"endLine":577,"startOffset":16,"endOffset":25},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":585,"endLine":585,"startOffset":4,"endOffset":10},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":588,"endLine":588,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":594,"endLine":594,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":600,"endLine":600,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":606,"endLine":606,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":612,"endLine":612,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":617,"endLine":617,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":624,"endLine":624,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":627,"endLine":627,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":628,"endLine":628,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":630,"endLine":630,"startOffset":20,"endOffset":22},"msg":"+1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":634,"endLine":634,"startOffset":20,"endOffset":22},"msg":"+4 (incl 3 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":639,"endLine":639,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":648,"endLine":648,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":654,"endLine":654,"startOffset":16,"endOffset":18},"msg":"+3 (incl 2 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":661,"endLine":661,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":668,"endLine":668,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":675,"endLine":675,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":679,"endLine":679,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":688,"endLine":688,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":696,"endLine":696,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":702,"endLine":702,"startOffset":12,"endOffset":14},"msg":"+2 (incl 1 for nesting)"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this function to reduce its Cognitive Complexity from 48 to the 25 allowed.","effort":"28min","debt":"28min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-13T17:36:45+0000","closeDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn99","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":761,"endLine":761,"startOffset":12,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":759,"endLine":760,"startOffset":8,"endOffset":47},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-Q","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":32,"endLine":32,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":33,"endLine":33,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-R","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":224,"endLine":224,"startOffset":20,"endOffset":59},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":223,"endLine":223,"startOffset":16,"endOffset":71},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-S","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":238,"endLine":238,"startOffset":20,"endOffset":59},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":236,"endLine":237,"startOffset":16,"endOffset":59},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-T","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":251,"endLine":251,"startOffset":20,"endOffset":59},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":250,"endLine":250,"startOffset":16,"endOffset":78},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-U","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":268,"endLine":268,"startOffset":20,"endOffset":59},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":267,"endLine":267,"startOffset":16,"endOffset":62},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-V","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":290,"endLine":290,"startOffset":12,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":289,"endLine":289,"startOffset":8,"endOffset":63},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-W","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":313,"endLine":313,"startOffset":20,"endOffset":59},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":312,"endLine":312,"startOffset":16,"endOffset":62},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-X","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":412,"endLine":412,"startOffset":12,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":411,"endLine":411,"startOffset":8,"endOffset":72},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-Y","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":417,"endLine":417,"startOffset":12,"endOffset":51},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":416,"endLine":416,"startOffset":8,"endOffset":63},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-Z","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":429,"endLine":429,"startOffset":12,"endOffset":51},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":427,"endLine":427,"startOffset":8,"endOffset":66},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-a","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"f25b6f1d0f3dcbe37a208487789ef9a5","textRange":{"startLine":439,"endLine":439,"startOffset":12,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":438,"endLine":438,"startOffset":8,"endOffset":76},"msg":"Variable \"result\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"result\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGkSTzC4JOHOn-b","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","project":"owasp-modsecurity_ModSecurity","hash":"548b6737d920837df5c847e8372e3c21","textRange":{"startLine":444,"endLine":444,"startOffset":12,"endOffset":51},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","textRange":{"startLine":443,"endLine":443,"startOffset":8,"endOffset":70},"msg":"Variable \"sink_status\" is declared here."}]}],"resolution":"FIXED","status":"CLOSED","message":"Use the init-statement to declare \"sink_status\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QHkSTzC4JOHOn-c","rule":"cpp:S7121","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/transaction.cc","project":"owasp-modsecurity_ModSecurity","hash":"08ce2624c89f9c4c6cbce4eccacd3aa5","textRange":{"startLine":1604,"endLine":1604,"startOffset":45,"endOffset":64},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove this redundant call to \"c_str\" when initializing a const \"std::string\" reference parameter.","effort":"5min","debt":"5min","tags":[],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9j","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":21,"endLine":21,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","textRange":{"startLine":22,"endLine":22,"startOffset":10,"endOffset":15},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9h","rule":"cpp:S3230","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","hash":"e9c8503a39058a075c32875884a132ba","textRange":{"startLine":24,"endLine":24,"startOffset":6,"endOffset":16},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove this use of the constructor\u0027s initializer list for data member \"m_output\". It is redundant with default initialization behavior.","effort":"10min","debt":"10min","tags":["cppcoreguidelines","performance"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9i","rule":"cpp:S3230","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","hash":"66d76e767861c37523cdb9ecbdc3683c","textRange":{"startLine":25,"endLine":25,"startOffset":6,"endOffset":15},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove this use of the constructor\u0027s initializer list for data member \"m_stack\". It is redundant with default initialization behavior.","effort":"10min","debt":"10min","tags":["cppcoreguidelines","performance"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9l","rule":"cpp:S3628","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","hash":"a2bca988de668c0315b1e308ad20c147","textRange":{"startLine":164,"endLine":164,"startOffset":32,"endOffset":38},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Convert this string literal to a raw string literal.","effort":"2min","debt":"2min","tags":["since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9m","rule":"cpp:S3628","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","hash":"dd2ac562d0c3b30ab4ac106ae5a4e7bf","textRange":{"startLine":167,"endLine":167,"startOffset":32,"endOffset":38},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Convert this string literal to a raw string literal.","effort":"2min","debt":"2min","tags":["since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QD4STzC4JOHOn9p","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.h","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":24,"endLine":24,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.h","textRange":{"startLine":25,"endLine":25,"startOffset":10,"endOffset":15},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-f","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","hash":"213ed36b4248cce29da30f45b9e6b5f1","textRange":{"startLine":26,"endLine":26,"startOffset":10,"endOffset":26},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":27,"endLine":27,"startOffset":10,"endOffset":14},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QI2STzC4JOHOn-s","rule":"cpp:S134","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:test/common/modsecurity_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"c472b2a3b4af89e3365e38bef3c61253","textRange":{"startLine":89,"endLine":89,"startOffset":16,"endOffset":18},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/modsecurity_test.cc","textRange":{"startLine":68,"endLine":68,"startOffset":4,"endOffset":6},"msg":"Nesting level 1"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/modsecurity_test.cc","textRange":{"startLine":84,"endLine":84,"startOffset":8,"endOffset":11},"msg":"Nesting level 2"}]},{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/modsecurity_test.cc","textRange":{"startLine":86,"endLine":86,"startOffset":12,"endOffset":14},"msg":"Nesting level 3"}]}],"resolution":"FIXED","status":"CLOSED","message":"Refactor this code to not nest more than 3 if|for|do|while|switch statements.","effort":"10min","debt":"10min","tags":["brain-overload"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-14T19:11:47+0000","closeDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-x","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":79,"endLine":79,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-y","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":219,"endLine":219,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-z","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":268,"endLine":268,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-0","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":295,"endLine":295,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-1","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":323,"endLine":323,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-2","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":358,"endLine":358,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-3","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":390,"endLine":390,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-v","rule":"cpp:S5274","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"a449ec6dd99717d29a30c39d0264a152","textRange":{"startLine":497,"endLine":497,"startOffset":16,"endOffset":19},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"moving a temporary object prevents copy elision","effort":"5min","debt":"5min","tags":["cppcoreguidelines","performance","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-w","rule":"cpp:S5274","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"2f1f05ba05b942bed940474975d8d93b","textRange":{"startLine":503,"endLine":503,"startOffset":34,"endOffset":37},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"moving a temporary object prevents copy elision","effort":"5min","debt":"5min","tags":["cppcoreguidelines","performance","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-5","rule":"cpp:S1481","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"c59ab7b4e05d1931875c42c04774f15a","textRange":{"startLine":523,"endLine":523,"startOffset":39,"endOffset":45},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Remove the unused lambda capture \"writer\".","effort":"5min","debt":"5min","tags":["unused"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QJKSTzC4JOHOn-t","rule":"cpp:S5415","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/unit/unit_test.cc","project":"owasp-modsecurity_ModSecurity","hash":"6315cd4438b958a79102c42e92460a3a","textRange":{"startLine":168,"endLine":168,"startOffset":40,"endOffset":63},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/common/json.h","textRange":{"startLine":241,"endLine":241,"startOffset":16,"endOffset":38},"msg":"const reference parameter."}]}],"resolution":"FIXED","status":"CLOSED","message":"The result of \"std::move\" should not be passed as a const reference.","effort":"10min","debt":"10min","tags":["bad-practice","confusing","cppcoreguidelines","since-c++11","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-12T19:25:35+0000","closeDate":"2026-04-12T19:25:35+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QJYSTzC4JOHOn-u","rule":"cpp:S836","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/unit/unit_test.h","project":"owasp-modsecurity_ModSecurity","hash":"f1ec57ad5aff290665d75befbeb5ef1e","textRange":{"startLine":28,"endLine":28,"startOffset":6,"endOffset":20},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/unit_test.h","textRange":{"startLine":28,"endLine":28,"startOffset":6,"endOffset":20},"msg":"Value assigned to field \u0027ret\u0027 in implicit constructor is garbage or undefined"}]}],"resolution":"FIXED","status":"CLOSED","message":"Value assigned to field \u0027ret\u0027 in implicit constructor is garbage or undefined","effort":"15min","debt":"15min","tags":["based-on-misra","cwe","symbolic-execution"],"transitions":[],"actions":[],"comments":[],"creationDate":"2024-08-13T21:06:23+0000","updateDate":"2026-04-12T13:08:55+0000","closeDate":"2026-04-12T13:08:55+0000","type":"BUG","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"LOGICAL","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"RELIABILITY","severity":"MEDIUM"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QGTSTzC4JOHOn-F","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":30,"endLine":30,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","textRange":{"startLine":31,"endLine":31,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-30T00:55:41+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QEtSTzC4JOHOn9s","rule":"cpp:S5812","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.h","project":"owasp-modsecurity_ModSecurity","hash":"9fd2a21d139fc56c609535d57e960d0c","textRange":{"startLine":27,"endLine":27,"startOffset":10,"endOffset":21},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.h","textRange":{"startLine":28,"endLine":28,"startOffset":10,"endOffset":30},"msg":"Nested namespace"}]}],"resolution":"FIXED","status":"CLOSED","message":"Concatenate this namespace with the nested one.","effort":"5min","debt":"5min","tags":["confusing","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-30T00:55:41+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn4cXISY38E6Txog","rule":"cpp:S4962","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","project":"owasp-modsecurity_ModSecurity","hash":"f681cb533cbad91b7b3756679633cfbf","textRange":{"startLine":986,"endLine":986,"startOffset":18,"endOffset":22},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use the \"nullptr\" literal.","effort":"1min","debt":"1min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-16T03:03:57+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn4cXISY38E6Txoi","rule":"cpp:S4962","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","project":"owasp-modsecurity_ModSecurity","hash":"e719ac61624cec43ea6f602591691ce5","textRange":{"startLine":988,"endLine":988,"startOffset":22,"endOffset":26},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use the \"nullptr\" literal.","effort":"1min","debt":"1min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-16T03:03:57+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn4cXISY38E6Txoj","rule":"cpp:S4962","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","project":"owasp-modsecurity_ModSecurity","hash":"cb14d82c801816c9480aa36b3ade7baf","textRange":{"startLine":991,"endLine":991,"startOffset":18,"endOffset":22},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use the \"nullptr\" literal.","effort":"1min","debt":"1min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-16T03:03:57+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn4cXISY38E6Txok","rule":"cpp:S4962","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","project":"owasp-modsecurity_ModSecurity","hash":"d7ec5ee6fcf7b8ca4bdecadf7abf242e","textRange":{"startLine":993,"endLine":993,"startOffset":32,"endOffset":36},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use the \"nullptr\" literal.","effort":"1min","debt":"1min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-16T03:03:57+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-dn4cXISY38E6Txol","rule":"cpp:S4962","severity":"CRITICAL","component":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","project":"owasp-modsecurity_ModSecurity","hash":"33f8b4048adbc75111b52f2c6bd1a8f1","textRange":{"startLine":1002,"endLine":1002,"startOffset":21,"endOffset":25},"flows":[],"resolution":"FIXED","status":"CLOSED","message":"Use the \"nullptr\" literal.","effort":"1min","debt":"1min","tags":["bad-practice","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2016-06-16T03:03:57+0000","updateDate":"2026-04-12T18:35:11+0000","closeDate":"2026-04-12T18:35:11+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"HIGH"}],"issueStatus":"FIXED","projectName":"ModSecurity","internalTags":[]}],"components":[{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/utils/msc_tree.cc","uuid":"AZ1-dnjOXISY38E6Txgf","enabled":true,"qualifier":"FIL","name":"msc_tree.cc","longName":"src/utils/msc_tree.cc","path":"src/utils/msc_tree.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.h","uuid":"AZ190PqISTzC4JOHOn4b","enabled":true,"qualifier":"FIL","name":"json.h","longName":"src/request_body_processor/json.h","path":"src/request_body_processor/json.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","uuid":"AZ190PqJSTzC4JOHOn9B","enabled":true,"qualifier":"FIL","name":"regression_test.cc","longName":"test/regression/regression_test.cc","path":"test/regression/regression_test.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","uuid":"AZ2NS_5A-fxIQtZsdoUD","enabled":true,"qualifier":"FIL","name":"xml.cc","longName":"src/request_body_processor/xml.cc","path":"src/request_body_processor/xml.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","uuid":"AZ1-dnjQXISY38E6TxoE","enabled":true,"qualifier":"FIL","name":"json_benchmark.cc","longName":"test/benchmark/json_benchmark.cc","path":"test/benchmark/json_benchmark.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/unit/unit_test.cc","uuid":"AZ190PqJSTzC4JOHOn85","enabled":true,"qualifier":"FIL","name":"unit_test.cc","longName":"test/unit/unit_test.cc","path":"test/unit/unit_test.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/common/json.h","uuid":"AZ190PqJSTzC4JOHOn8u","enabled":true,"qualifier":"FIL","name":"json.h","longName":"test/common/json.h","path":"test/common/json.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/benchmark/run-json-benchmarks.sh","uuid":"AZ1-dnjQXISY38E6TxoD","enabled":true,"qualifier":"FIL","name":"run-json-benchmarks.sh","longName":"test/benchmark/run-json-benchmarks.sh","path":"test/benchmark/run-json-benchmarks.sh","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity","uuid":"AZ19zODIui8tjlZZYgU6","enabled":true,"qualifier":"TRK","name":"ModSecurity","longName":"ModSecurity","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_simdjson.cc","uuid":"AZ190PqISTzC4JOHOn4k","enabled":true,"qualifier":"FIL","name":"json_backend_simdjson.cc","longName":"src/request_body_processor/json_backend_simdjson.cc","path":"src/request_body_processor/json_backend_simdjson.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","uuid":"AZ190PqISTzC4JOHOn4f","enabled":true,"qualifier":"FIL","name":"json_adapter.cc","longName":"src/request_body_processor/json_adapter.cc","path":"src/request_body_processor/json_adapter.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","uuid":"AZ190PqISTzC4JOHOn4e","enabled":true,"qualifier":"FIL","name":"json_backend_jsoncons.cc","longName":"src/request_body_processor/json_backend_jsoncons.cc","path":"src/request_body_processor/json_backend_jsoncons.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend.h","uuid":"AZ190PqISTzC4JOHOn4j","enabled":true,"qualifier":"FIL","name":"json_backend.h","longName":"src/request_body_processor/json_backend.h","path":"src/request_body_processor/json_backend.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","uuid":"AZ190PqISTzC4JOHOn4h","enabled":true,"qualifier":"FIL","name":"json.cc","longName":"src/request_body_processor/json.cc","path":"src/request_body_processor/json.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.h","uuid":"AZ190PqISTzC4JOHOn4g","enabled":true,"qualifier":"FIL","name":"json_adapter.h","longName":"src/request_body_processor/json_adapter.h","path":"src/request_body_processor/json_adapter.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.cc","uuid":"AZ1-dnjPXISY38E6Txj2","enabled":true,"qualifier":"FIL","name":"json_instrumentation.cc","longName":"src/request_body_processor/json_instrumentation.cc","path":"src/request_body_processor/json_instrumentation.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","uuid":"AZ2CA_aZGCkM6OziEPeP","enabled":true,"qualifier":"FIL","name":"json_backend_depth_tests.cc","longName":"test/unit/json_backend_depth_tests.cc","path":"test/unit/json_backend_depth_tests.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_instrumentation.h","uuid":"AZ1-dnjPXISY38E6Txj1","enabled":true,"qualifier":"FIL","name":"json_instrumentation.h","longName":"src/request_body_processor/json_instrumentation.h","path":"src/request_body_processor/json_instrumentation.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","uuid":"AZ190PqHSTzC4JOHOn01","enabled":true,"qualifier":"FIL","name":"json_writer.cc","longName":"src/utils/json_writer.cc","path":"src/utils/json_writer.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/common/modsecurity_test.cc","uuid":"AZ190PqJSTzC4JOHOn8z","enabled":true,"qualifier":"FIL","name":"modsecurity_test.cc","longName":"test/common/modsecurity_test.cc","path":"test/common/modsecurity_test.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/transaction.cc","uuid":"AZ190PqISTzC4JOHOn4z","enabled":true,"qualifier":"FIL","name":"transaction.cc","longName":"src/transaction.cc","path":"src/transaction.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/run-json-backend-matrix.sh","uuid":"AZ1-dnjQXISY38E6TxoI","enabled":true,"qualifier":"FIL","name":"run-json-backend-matrix.sh","longName":"test/run-json-backend-matrix.sh","path":"test/run-json-backend-matrix.sh","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/utils/json_writer.h","uuid":"AZ190PqHSTzC4JOHOn06","enabled":true,"qualifier":"FIL","name":"json_writer.h","longName":"src/utils/json_writer.h","path":"src/utils/json_writer.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/operators/validate_byte_range.cc","uuid":"AZ190PqISTzC4JOHOn3W","enabled":true,"qualifier":"FIL","name":"validate_byte_range.cc","longName":"src/operators/validate_byte_range.cc","path":"src/operators/validate_byte_range.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/unit/unit_test.h","uuid":"AZ190PqJSTzC4JOHOn86","enabled":true,"qualifier":"FIL","name":"unit_test.h","longName":"test/unit/unit_test.h","path":"test/unit/unit_test.h","pullRequest":"3540"}],"organizations":[{"key":"owasp-modsecurity","name":"OWASP ModSecurity"}],"rules":[{"key":"cpp:S5827","name":"\"auto\" should be used to avoid repetition of types","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5945","name":"C-style array should not be used","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1172","name":"Unused function parameters should be removed","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5421","name":"Non-const global variables should not be used","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1155","name":"\"empty()\" should be used to test for emptiness","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5415","name":"\"std::move\" should only be used where moving can happen","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S3628","name":"Raw string literals should be used","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S995","name":"Pointer and reference parameters should be \"const\" if the corresponding object is not modified","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S4144","name":"Methods should not have identical implementations","lang":"cpp","status":"READY","langName":"C++"},{"key":"shelldre:S7682","name":"Functions should end with explicit return statement","lang":"shell","status":"READY","langName":"Shell"},{"key":"cpp:S134","name":"Control flow statements \"if\", \"for\", \"while\", \"switch\" and \"try\" should not be nested too deeply","lang":"cpp","status":"READY","langName":"C++"},{"key":"shelldre:S7688","name":"Use \"[[\" instead of \"[\" for conditional tests","lang":"shell","status":"READY","langName":"Shell"},{"key":"cpp:S1135","name":"Track uses of \"TODO\" tags","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S3230","name":"Member data should be initialized in-class or in a constructor initialization list","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S6018","name":"Inline variables should be used to declare global variables in header files","lang":"cpp","status":"DEPRECATED","langName":"C++"},{"key":"cpp:S3624","name":"Classes should have regular copy and move semantic","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S4962","name":"\"nullptr\" should be used to denote the null pointer","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S6004","name":"\"if\" and \"switch\" initializer should be used to reduce scope of variables","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S3776","name":"Cognitive Complexity of functions should not be too high","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S6009","name":"\"std::string_view\" should be used to pass a read-only string to a function","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S4998","name":"Function parameters should not be of type \"std::unique_ptr\u003cT\u003e const \u0026\"","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5817","name":"Member functions that don\u0027t mutate their objects should be declared \"const\"","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5812","name":"Concise syntax should be used for concatenatable namespaces","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1121","name":"Assignments should not be made from within conditions","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S112","name":"Generic exceptions should never be thrown","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S886","name":"The three expressions of a \"for\" statement should only be concerned with loop control","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S836","name":"Variables should be initialized before use","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5274","name":"\"std::move\" should not inhibit optimizations","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5025","name":"Memory should not be managed manually","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1481","name":"Unused local variables should be removed","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1117","name":"Variables should not be shadowed","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S7121","name":"Calls to c_str() should not implicitly recreate strings or string_views","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S7127","name":"\"std::size\" should be used to determine the size of arrays","lang":"cpp","status":"READY","langName":"C++"}],"users":[],"languages":[{"key":"cs","name":"C#"},{"key":"plsql","name":"PL/SQL"},{"key":"java","name":"Java"},{"key":"groovy","name":"Groovy"},{"key":"xml","name":"XML"},{"key":"swift","name":"Swift"},{"key":"c","name":"C"},{"key":"cpp","name":"C++"},{"key":"objc","name":"Objective-C"},{"key":"py","name":"Python"},{"key":"ipynb","name":"IPython Notebooks"},{"key":"vbnet","name":"VB.NET"},{"key":"vb","name":"Vb"},{"key":"apex","name":"Apex"},{"key":"js","name":"JavaScript"},{"key":"ts","name":"TypeScript"},{"key":"css","name":"CSS"},{"key":"abap","name":"ABAP"},{"key":"terraform","name":"Terraform"},{"key":"cloudformation","name":"CloudFormation"},{"key":"kubernetes","name":"Kubernetes"},{"key":"docker","name":"Docker"},{"key":"azureresourcemanager","name":"Azure Resource Manager"},{"key":"yaml","name":"YAML"},{"key":"json","name":"JSON"},{"key":"ansible","name":"Ansible"},{"key":"githubactions","name":"GitHub Actions"},{"key":"azurepipelines","name":"Azure Pipelines"},{"key":"shell","name":"Shell"},{"key":"scala","name":"Scala"},{"key":"dart","name":"Dart"},{"key":"rust","name":"Rust"},{"key":"jcl","name":"JCL"},{"key":"web","name":"HTML"},{"key":"jsp","name":"JSP"},{"key":"flex","name":"Flex"},{"key":"go","name":"Go"},{"key":"rpg","name":"RPG"},{"key":"kotlin","name":"Kotlin"},{"key":"pli","name":"PL/I"},{"key":"tsql","name":"T-SQL"},{"key":"ruby","name":"Ruby"},{"key":"secrets","name":"Secrets"},{"key":"text","name":"Text"},{"key":"cobol","name":"COBOL"},{"key":"php","name":"PHP"}],"facets":[]} \ No newline at end of file diff --git a/analysis/pr3540_issues_open.json b/analysis/pr3540_issues_open.json new file mode 100644 index 0000000000..6307c2bd93 --- /dev/null +++ b/analysis/pr3540_issues_open.json @@ -0,0 +1 @@ +{"total":34,"p":1,"ps":500,"paging":{"pageIndex":1,"pageSize":500,"total":34},"effortTotal":249,"debtTotal":249,"issues":[{"key":"AZ2NbA47JpYMQiJwV1lh","rule":"cpp:S1066","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","project":"owasp-modsecurity_ModSecurity","line":331,"hash":"828ec5128b85f17af532cdf9a6c9c7b9","textRange":{"startLine":331,"endLine":331,"startOffset":12,"endOffset":14},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","textRange":{"startLine":322,"endLine":322,"startOffset":8,"endOffset":10},"msg":"Enclosing \"if\" statement"}]}],"status":"OPEN","message":"Merge this \"if\" statement with the enclosing one.","effort":"5min","debt":"5min","tags":["clumsy"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-14T19:11:47+0000","updateDate":"2026-04-14T19:11:47+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2H7l4Bym_e-6l8FQml","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","project":"owasp-modsecurity_ModSecurity","line":42,"hash":"83f94b0215aff169bf5a529d59771611","textRange":{"startLine":42,"endLine":42,"startOffset":4,"endOffset":29},"flows":[],"status":"OPEN","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T17:36:45+0000","updateDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2H7l3vym_e-6l8FQmj","rule":"cpp:S6024","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","line":56,"hash":"7e6ae4c73308c178c0cff63f78cf446a","textRange":{"startLine":56,"endLine":56,"startOffset":10,"endOffset":28},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","textRange":{"startLine":64,"endLine":64,"startOffset":8,"endOffset":19},"msg":"Use free function \"std::empty\""}]}],"status":"OPEN","message":"Prefer free functions over member functions when handling objects of generic type \"InputType\".","effort":"2min","debt":"2min","tags":["clumsy","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T17:36:45+0000","updateDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"MODULAR","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2H7l3vym_e-6l8FQmk","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","project":"owasp-modsecurity_ModSecurity","line":57,"hash":"93a612b2d52be41e26423b16146c4796","textRange":{"startLine":57,"endLine":57,"startOffset":50,"endOffset":69},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"sink\" is \"class modsecurity::RequestBodyProcessor::JsonEventSink *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T17:36:45+0000","updateDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2H7l3jym_e-6l8FQmi","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","line":623,"hash":"d8340d293940b8eb342ebc2819286dd2","textRange":{"startLine":623,"endLine":623,"startOffset":8,"endOffset":71},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","textRange":{"startLine":622,"endLine":622,"startOffset":4,"endOffset":27},"msg":"Variable \"sync_detail\" is declared here."}]}],"status":"OPEN","message":"Use the init-statement to declare \"sync_detail\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T17:36:45+0000","updateDate":"2026-04-13T17:36:45+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2HqeBsWym3B0O6okyS","rule":"cpp:S5952","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","line":71,"hash":"8143d3621f0062e144742086e66dfdc8","textRange":{"startLine":71,"endLine":71,"startOffset":6,"endOffset":24},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":73,"endLine":73,"startOffset":13,"endOffset":31},"msg":"Removable constructor"},{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":71,"endLine":71,"startOffset":6,"endOffset":24},"msg":"The derived class"}]}],"status":"OPEN","message":"Add a using-declaration to this derived class to inherit the constructors of \"runtime_error\", and remove the ones you manually duplicated. Note that this may add other constructors to your derived class.","effort":"5min","debt":"5min","tags":["clumsy","cppcoreguidelines","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T16:21:29+0000","updateDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2HqeBsWym3B0O6okyT","rule":"cpp:S6004","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","line":144,"hash":"b7d78fb68f8e153c83986ceb21eeaac4","textRange":{"startLine":144,"endLine":144,"startOffset":12,"endOffset":69},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","textRange":{"startLine":143,"endLine":143,"startOffset":8,"endOffset":42},"msg":"Variable \"current\" is declared here."}]}],"status":"OPEN","message":"Use the init-statement to declare \"current\" inside the if statement.","effort":"2min","debt":"2min","tags":["clumsy","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-13T16:21:29+0000","updateDate":"2026-04-13T16:21:29+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DWE24t-zbsGOGdN_K","rule":"cpp:S4998","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","line":316,"hash":"8134bae04600681c7a43f451f7971919","textRange":{"startLine":316,"endLine":316,"startOffset":20,"endOffset":61},"flows":[],"status":"OPEN","message":"Replace this use of \"unique_ptr\" by a raw pointer or a reference (possibly const).","effort":"1min","debt":"1min","tags":["bad-practice","clumsy","cppcoreguidelines","design","since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:14:00+0000","updateDate":"2026-04-12T20:14:00+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2DVDgODPiZK5yPV1-J","rule":"cpp:S1188","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","line":235,"hash":"3d4c4f43c83874298c98736646457cbd","textRange":{"startLine":235,"endLine":235,"startOffset":31,"endOffset":38},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","textRange":{"startLine":256,"endLine":258,"startOffset":12,"endOffset":5}}]}],"status":"OPEN","message":"This lambda has 23 lines, which is greater than the 20 lines authorized. Split it into several lambdas or functions, or make it a named function.","effort":"20min","debt":"20min","tags":["since-c++11"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T20:09:39+0000","updateDate":"2026-04-12T20:09:39+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"FOCUSED","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CBI6Kkud7vHWq0tqj","rule":"cpp:S6022","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/operators/validate_byte_range.cc","project":"owasp-modsecurity_ModSecurity","line":157,"hash":"62e98b4d860d5e19e51aa4828b5f07e1","textRange":{"startLine":157,"endLine":157,"startOffset":23,"endOffset":36},"flows":[],"status":"OPEN","message":"Use \"std::byte\" for byte-oriented data manipulation.","effort":"5min","debt":"5min","tags":["clumsy","pitfall","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T14:03:03+0000","updateDate":"2026-04-12T14:03:03+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ2CA_xuGCkM6OziEPeu","rule":"cpp:S4144","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","project":"owasp-modsecurity_ModSecurity","line":50,"hash":"6040313afc9ece968a767d8619fc7a90","textRange":{"startLine":50,"endLine":50,"startOffset":19,"endOffset":28},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","textRange":{"startLine":45,"endLine":45,"startOffset":19,"endOffset":25},"msg":"Original implementation"}]}],"status":"OPEN","message":"Update this method so that its implementation is not identical to on_key.","effort":"15min","debt":"15min","tags":["confusing","duplicate","suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-12T14:01:45+0000","updateDate":"2026-04-12T14:02:28+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"DISTINCT","cleanCodeAttributeCategory":"ADAPTABLE","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpK","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","line":321,"hash":"6107faec1fbb4544f480196c4eb65fd3","textRange":{"startLine":321,"endLine":321,"startOffset":34,"endOffset":57},"flows":[],"status":"OPEN","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-11T21:29:06+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpR","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","line":419,"hash":"06228169fdda788d3ce665d5bc73b3f1","textRange":{"startLine":419,"endLine":419,"startOffset":39,"endOffset":62},"flows":[],"status":"OPEN","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-11T21:29:06+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ1-doCWXISY38E6TxpU","rule":"cpp:S6009","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","project":"owasp-modsecurity_ModSecurity","line":486,"hash":"b5f786438b57dd46b8fb35512c496b1b","textRange":{"startLine":486,"endLine":486,"startOffset":48,"endOffset":71},"flows":[],"status":"OPEN","message":"Replace this const reference to \"std::string\" by a \"std::string_view\".","effort":"2min","debt":"2min","tags":["since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T21:28:19+0000","updateDate":"2026-04-11T21:29:06+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"EFFICIENT","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QEMSTzC4JOHOn9q","rule":"cpp:S6022","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/operators/validate_byte_range.cc","project":"owasp-modsecurity_ModSecurity","line":73,"hash":"64855354d1aded43f15813cdb8108f2e","textRange":{"startLine":73,"endLine":74,"startOffset":28,"endOffset":57},"flows":[],"status":"OPEN","message":"Use \"std::byte\" for byte-oriented data manipulation.","effort":"5min","debt":"5min","tags":["clumsy","pitfall","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T17:37:34+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QFsSTzC4JOHOn9u","rule":"cpp:S3562","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","project":"owasp-modsecurity_ModSecurity","line":220,"hash":"e7d7790353500a9dfc42c582675b2eaf","textRange":{"startLine":220,"endLine":220,"startOffset":16,"endOffset":34},"flows":[],"status":"OPEN","message":"4 enumeration values not handled in switch: \u0027int64_value\u0027, \u0027uint64_value\u0027, \u0027half_value\u0027...","effort":"10min","debt":"10min","tags":["suspicious"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9k","rule":"cpp:S5945","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","line":156,"hash":"9b2560feaabbd666a6a43ef42c8b8993","textRange":{"startLine":156,"endLine":156,"startOffset":4,"endOffset":25},"flows":[],"status":"OPEN","message":"Use \"std::string\" instead of a C-style char array.","effort":"10min","debt":"10min","tags":["bad-practice","clumsy","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"COMPLETE","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9n","rule":"cpp:S6022","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","line":184,"hash":"8eae5c071d3a05848725e4eb6a475e4d","textRange":{"startLine":184,"endLine":184,"startOffset":46,"endOffset":52},"flows":[],"status":"OPEN","message":"Use \"std::byte\" for byte-oriented data manipulation.","effort":"5min","debt":"5min","tags":["clumsy","pitfall","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QA8STzC4JOHOn9o","rule":"cpp:S6022","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","project":"owasp-modsecurity_ModSecurity","line":185,"hash":"858c40a31d2fd35d5e53b0a0479a32cc","textRange":{"startLine":185,"endLine":185,"startOffset":45,"endOffset":53},"flows":[],"status":"OPEN","message":"Use \"std::byte\" for byte-oriented data manipulation.","effort":"5min","debt":"5min","tags":["clumsy","pitfall","since-c++17"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-g","rule":"cpp:S2807","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":78,"hash":"32872b5f2aff53c2e9da3873def2337b","textRange":{"startLine":78,"endLine":78,"startOffset":13,"endOffset":23},"flows":[],"status":"OPEN","message":"Make this member overloaded operator a hidden friend.","effort":"15min","debt":"15min","tags":["api-design","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-h","rule":"cpp:S2807","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":123,"hash":"32872b5f2aff53c2e9da3873def2337b","textRange":{"startLine":123,"endLine":123,"startOffset":13,"endOffset":23},"flows":[],"status":"OPEN","message":"Make this member overloaded operator a hidden friend.","effort":"15min","debt":"15min","tags":["api-design","cppcoreguidelines"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-i","rule":"cpp:S1181","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":219,"hash":"17e2bc369d92302dc4f4a91269570980","textRange":{"startLine":219,"endLine":219,"startOffset":17,"endOffset":48},"flows":[],"status":"OPEN","message":"Catch a more specific exception instead of a generic one.","effort":"20min","debt":"20min","tags":["bad-practice","cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-j","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":232,"hash":"842a1d5ef3f8f7c6d4201e8ebc34597e","textRange":{"startLine":232,"endLine":232,"startOffset":4,"endOffset":32},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"error\" is \"std::string *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-k","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":242,"hash":"842a1d5ef3f8f7c6d4201e8ebc34597e","textRange":{"startLine":242,"endLine":242,"startOffset":4,"endOffset":32},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"error\" is \"std::string *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-l","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":252,"hash":"842a1d5ef3f8f7c6d4201e8ebc34597e","textRange":{"startLine":252,"endLine":252,"startOffset":4,"endOffset":32},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"error\" is \"std::string *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-m","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":262,"hash":"842a1d5ef3f8f7c6d4201e8ebc34597e","textRange":{"startLine":262,"endLine":262,"startOffset":4,"endOffset":32},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"error\" is \"std::string *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-n","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":269,"hash":"842a1d5ef3f8f7c6d4201e8ebc34597e","textRange":{"startLine":269,"endLine":269,"startOffset":4,"endOffset":32},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"error\" is \"std::string *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-o","rule":"cpp:S995","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":279,"hash":"842a1d5ef3f8f7c6d4201e8ebc34597e","textRange":{"startLine":279,"endLine":279,"startOffset":4,"endOffset":32},"flows":[],"status":"OPEN","message":"Make the type of this parameter a pointer-to-const. The current type of \"error\" is \"std::string *\".","effort":"2min","debt":"2min","tags":["bad-practice","misra-c++2008","misra-c2004","misra-c2012"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-p","rule":"cpp:S1181","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":309,"hash":"07812996fb80c9dea4faaf28584629d4","textRange":{"startLine":309,"endLine":309,"startOffset":13,"endOffset":35},"flows":[],"status":"OPEN","message":"Catch a more specific exception instead of a generic one.","effort":"20min","debt":"20min","tags":["bad-practice","cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-q","rule":"cpp:S1181","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":321,"hash":"07812996fb80c9dea4faaf28584629d4","textRange":{"startLine":321,"endLine":321,"startOffset":13,"endOffset":35},"flows":[],"status":"OPEN","message":"Catch a more specific exception instead of a generic one.","effort":"20min","debt":"20min","tags":["bad-practice","cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIVSTzC4JOHOn-r","rule":"cpp:S1181","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/common/json.h","project":"owasp-modsecurity_ModSecurity","line":333,"hash":"07812996fb80c9dea4faaf28584629d4","textRange":{"startLine":333,"endLine":333,"startOffset":13,"endOffset":35},"flows":[],"status":"OPEN","message":"Catch a more specific exception instead of a generic one.","effort":"20min","debt":"20min","tags":["bad-practice","cert","cppcoreguidelines","cwe","error-handling"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CONVENTIONAL","cleanCodeAttributeCategory":"CONSISTENT","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QKvSTzC4JOHOn-4","rule":"cpp:S5817","severity":"MAJOR","component":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","project":"owasp-modsecurity_ModSecurity","line":431,"hash":"065e68dc7b86028fedad09338e4b604d","textRange":{"startLine":431,"endLine":431,"startOffset":22,"endOffset":44},"flows":[],"status":"OPEN","message":"This function should be declared \"const\".","effort":"5min","debt":"5min","tags":["confusing","pitfall"],"transitions":[],"actions":[],"comments":[],"creationDate":"2026-04-11T04:16:01+0000","updateDate":"2026-04-11T18:28:24+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"MEDIUM"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIESTzC4JOHOn-d","rule":"cpp:S886","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/modsecurity.cc","project":"owasp-modsecurity_ModSecurity","line":232,"hash":"30820c7d26f88e7d119ac338c53bb296","textRange":{"startLine":232,"endLine":232,"startOffset":4,"endOffset":7},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/modsecurity.cc","textRange":{"startLine":232,"endLine":232,"startOffset":69,"endOffset":80},"msg":"This loop has no counter"}]}],"status":"OPEN","message":"Refactor this loop so that it is less error-prone.","effort":"10min","debt":"10min","tags":["based-on-misra"],"transitions":[],"actions":[],"comments":[],"creationDate":"2024-05-10T02:28:13+0000","updateDate":"2026-04-08T17:49:44+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]},{"key":"AZ190QIESTzC4JOHOn-e","rule":"cpp:S886","severity":"MINOR","component":"owasp-modsecurity_ModSecurity:src/modsecurity.cc","project":"owasp-modsecurity_ModSecurity","line":288,"hash":"a51922f68dc76713f72f470d8fb1fda0","textRange":{"startLine":288,"endLine":288,"startOffset":4,"endOffset":7},"flows":[{"locations":[{"component":"owasp-modsecurity_ModSecurity:src/modsecurity.cc","textRange":{"startLine":288,"endLine":288,"startOffset":67,"endOffset":78},"msg":"This loop has no counter"}]}],"status":"OPEN","message":"Refactor this loop so that it is less error-prone.","effort":"10min","debt":"10min","tags":["based-on-misra"],"transitions":[],"actions":[],"comments":[],"creationDate":"2024-05-10T02:28:13+0000","updateDate":"2026-04-08T17:49:44+0000","type":"CODE_SMELL","organization":"owasp-modsecurity","pullRequest":"3540","cleanCodeAttribute":"CLEAR","cleanCodeAttributeCategory":"INTENTIONAL","impacts":[{"softwareQuality":"MAINTAINABILITY","severity":"LOW"}],"issueStatus":"OPEN","projectName":"ModSecurity","internalTags":[]}],"components":[{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/benchmark/json_benchmark.cc","uuid":"AZ1-dnjQXISY38E6TxoE","enabled":true,"qualifier":"FIL","name":"json_benchmark.cc","longName":"test/benchmark/json_benchmark.cc","path":"test/benchmark/json_benchmark.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/common/json.h","uuid":"AZ190PqJSTzC4JOHOn8u","enabled":true,"qualifier":"FIL","name":"json.h","longName":"test/common/json.h","path":"test/common/json.h","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity","uuid":"AZ19zODIui8tjlZZYgU6","enabled":true,"qualifier":"TRK","name":"ModSecurity","longName":"ModSecurity","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/regression/regression_test.cc","uuid":"AZ190PqJSTzC4JOHOn9B","enabled":true,"qualifier":"FIL","name":"regression_test.cc","longName":"test/regression/regression_test.cc","path":"test/regression/regression_test.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/xml.cc","uuid":"AZ2NS_5A-fxIQtZsdoUD","enabled":true,"qualifier":"FIL","name":"xml.cc","longName":"src/request_body_processor/xml.cc","path":"src/request_body_processor/xml.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:test/unit/json_backend_depth_tests.cc","uuid":"AZ2CA_aZGCkM6OziEPeP","enabled":true,"qualifier":"FIL","name":"json_backend_depth_tests.cc","longName":"test/unit/json_backend_depth_tests.cc","path":"test/unit/json_backend_depth_tests.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_adapter.cc","uuid":"AZ190PqISTzC4JOHOn4f","enabled":true,"qualifier":"FIL","name":"json_adapter.cc","longName":"src/request_body_processor/json_adapter.cc","path":"src/request_body_processor/json_adapter.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/utils/json_writer.cc","uuid":"AZ190PqHSTzC4JOHOn01","enabled":true,"qualifier":"FIL","name":"json_writer.cc","longName":"src/utils/json_writer.cc","path":"src/utils/json_writer.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json_backend_jsoncons.cc","uuid":"AZ190PqISTzC4JOHOn4e","enabled":true,"qualifier":"FIL","name":"json_backend_jsoncons.cc","longName":"src/request_body_processor/json_backend_jsoncons.cc","path":"src/request_body_processor/json_backend_jsoncons.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/modsecurity.cc","uuid":"AZ190PqISTzC4JOHOn5J","enabled":true,"qualifier":"FIL","name":"modsecurity.cc","longName":"src/modsecurity.cc","path":"src/modsecurity.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/operators/validate_byte_range.cc","uuid":"AZ190PqISTzC4JOHOn3W","enabled":true,"qualifier":"FIL","name":"validate_byte_range.cc","longName":"src/operators/validate_byte_range.cc","path":"src/operators/validate_byte_range.cc","pullRequest":"3540"},{"organization":"owasp-modsecurity","key":"owasp-modsecurity_ModSecurity:src/request_body_processor/json.cc","uuid":"AZ190PqISTzC4JOHOn4h","enabled":true,"qualifier":"FIL","name":"json.cc","longName":"src/request_body_processor/json.cc","path":"src/request_body_processor/json.cc","pullRequest":"3540"}],"organizations":[{"key":"owasp-modsecurity","name":"OWASP ModSecurity"}],"rules":[{"key":"cpp:S6009","name":"\"std::string_view\" should be used to pass a read-only string to a function","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S4998","name":"Function parameters should not be of type \"std::unique_ptr\u003cT\u003e const \u0026\"","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1188","name":"Lambdas should not have too many lines","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S6024","name":"Free functions should be preferred to member functions when accessing a container in a generic context","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5817","name":"Member functions that don\u0027t mutate their objects should be declared \"const\"","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S6022","name":"\"std::byte\" should be used when you need byte-oriented memory access","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5945","name":"C-style array should not be used","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S3562","name":"\"switch\" statements should cover all cases","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S995","name":"Pointer and reference parameters should be \"const\" if the corresponding object is not modified","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1181","name":"Generic exceptions should not be caught","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S4144","name":"Methods should not have identical implementations","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S886","name":"The three expressions of a \"for\" statement should only be concerned with loop control","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S2807","name":"Binary operators should be overloaded as hidden friend functions","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S5952","name":"Inheriting constructors should be used","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S1066","name":"Mergeable \"if\" statements should be combined","lang":"cpp","status":"READY","langName":"C++"},{"key":"cpp:S6004","name":"\"if\" and \"switch\" initializer should be used to reduce scope of variables","lang":"cpp","status":"READY","langName":"C++"}],"users":[],"languages":[{"key":"cs","name":"C#"},{"key":"plsql","name":"PL/SQL"},{"key":"java","name":"Java"},{"key":"groovy","name":"Groovy"},{"key":"xml","name":"XML"},{"key":"swift","name":"Swift"},{"key":"c","name":"C"},{"key":"cpp","name":"C++"},{"key":"objc","name":"Objective-C"},{"key":"py","name":"Python"},{"key":"ipynb","name":"IPython Notebooks"},{"key":"vbnet","name":"VB.NET"},{"key":"vb","name":"Vb"},{"key":"apex","name":"Apex"},{"key":"js","name":"JavaScript"},{"key":"ts","name":"TypeScript"},{"key":"css","name":"CSS"},{"key":"abap","name":"ABAP"},{"key":"terraform","name":"Terraform"},{"key":"cloudformation","name":"CloudFormation"},{"key":"kubernetes","name":"Kubernetes"},{"key":"docker","name":"Docker"},{"key":"azureresourcemanager","name":"Azure Resource Manager"},{"key":"yaml","name":"YAML"},{"key":"json","name":"JSON"},{"key":"ansible","name":"Ansible"},{"key":"githubactions","name":"GitHub Actions"},{"key":"azurepipelines","name":"Azure Pipelines"},{"key":"shell","name":"Shell"},{"key":"scala","name":"Scala"},{"key":"dart","name":"Dart"},{"key":"rust","name":"Rust"},{"key":"jcl","name":"JCL"},{"key":"web","name":"HTML"},{"key":"jsp","name":"JSP"},{"key":"flex","name":"Flex"},{"key":"go","name":"Go"},{"key":"rpg","name":"RPG"},{"key":"kotlin","name":"Kotlin"},{"key":"pli","name":"PL/I"},{"key":"tsql","name":"T-SQL"},{"key":"ruby","name":"Ruby"},{"key":"secrets","name":"Secrets"},{"key":"text","name":"Text"},{"key":"cobol","name":"COBOL"},{"key":"php","name":"PHP"}],"facets":[]} \ No newline at end of file diff --git a/analysis/pr3540_measures.json b/analysis/pr3540_measures.json new file mode 100644 index 0000000000..1f11cb582c --- /dev/null +++ b/analysis/pr3540_measures.json @@ -0,0 +1 @@ +{"component":{"id":"AZ19zODIui8tjlZZYgU6","key":"owasp-modsecurity_ModSecurity","name":"ModSecurity","qualifier":"TRK","measures":[{"metric":"reliability_rating","value":"1.0","bestValue":true},{"metric":"code_smells","value":"34","bestValue":false},{"metric":"duplicated_lines_density","value":"2.1","bestValue":false},{"metric":"new_vulnerabilities","periods":[{"index":1,"value":"0","bestValue":true}]},{"metric":"security_rating","value":"1.0","bestValue":true},{"metric":"new_reliability_rating","periods":[{"index":1,"value":"1.0","bestValue":true}]},{"metric":"new_security_rating","periods":[{"index":1,"value":"1.0","bestValue":true}]},{"metric":"security_hotspots","value":"0","bestValue":true},{"metric":"new_bugs","periods":[{"index":1,"value":"0","bestValue":true}]},{"metric":"new_code_smells","periods":[{"index":1,"value":"34","bestValue":false}]},{"metric":"sqale_rating","value":"1.0","bestValue":true},{"metric":"alert_status","value":"OK"},{"metric":"bugs","value":"0","bestValue":true},{"metric":"new_security_hotspots","periods":[{"index":1,"value":"0","bestValue":true}]},{"metric":"ncloc","value":"12225"},{"metric":"vulnerabilities","value":"0","bestValue":true},{"metric":"new_maintainability_rating","periods":[{"index":1,"value":"1.0","bestValue":true}]},{"metric":"new_security_hotspots_reviewed","periods":[{"index":1,"value":"100.0","bestValue":true}]},{"metric":"new_duplicated_lines_density","periods":[{"index":1,"value":"0.0","bestValue":true}]}],"pullRequest":"3540"}} \ No newline at end of file diff --git a/analysis/pr3540_open_findings_table.md b/analysis/pr3540_open_findings_table.md new file mode 100644 index 0000000000..dff7972be2 --- /dev/null +++ b/analysis/pr3540_open_findings_table.md @@ -0,0 +1,36 @@ +| ID | Kategorie | Regelcode | Severity | Datei | Zeile | Kurzbeschreibung | Konkreter technischer Fix | Risiko der Änderung | +|---|---|---|---|---|---:|---|---|---| +| AZ2NbA47JpYMQiJwV1lh | Issue | cpp:S1066 | MAJOR | src/request_body_processor/xml.cc | 331 | Merge this "if" statement with the enclosing one. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2H7l4Bym_e-6l8FQml | Issue | cpp:S6009 | MINOR | src/request_body_processor/json.cc | 42 | Replace this const reference to "std::string" by a "std::string_view". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2H7l3vym_e-6l8FQmj | Issue | cpp:S6024 | MINOR | src/request_body_processor/json_adapter.cc | 56 | Prefer free functions over member functions when handling objects of generic type "InputType". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2H7l3vym_e-6l8FQmk | Issue | cpp:S995 | MINOR | src/request_body_processor/json_adapter.cc | 57 | Make the type of this parameter a pointer-to-const. The current type of "sink" is "class modsecurity::RequestBodyProcessor::JsonEventSink *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2H7l3jym_e-6l8FQmi | Issue | cpp:S6004 | MINOR | src/request_body_processor/json_backend_jsoncons.cc | 623 | Use the init-statement to declare "sync_detail" inside the if statement. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2HqeBsWym3B0O6okyS | Issue | cpp:S5952 | MINOR | test/benchmark/json_benchmark.cc | 71 | Add a using-declaration to this derived class to inherit the constructors of "runtime_error", and remove the ones you manually duplicated. Note that this may add other constructors to your derived class. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2HqeBsWym3B0O6okyT | Issue | cpp:S6004 | MINOR | test/benchmark/json_benchmark.cc | 144 | Use the init-statement to declare "current" inside the if statement. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2DWE24t-zbsGOGdN_K | Issue | cpp:S4998 | MAJOR | test/benchmark/json_benchmark.cc | 316 | Replace this use of "unique_ptr" by a raw pointer or a reference (possibly const). | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2DVDgODPiZK5yPV1-J | Issue | cpp:S1188 | MAJOR | test/regression/regression_test.cc | 235 | This lambda has 23 lines, which is greater than the 20 lines authorized. Split it into several lambdas or functions, or make it a named function. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2CBI6Kkud7vHWq0tqj | Issue | cpp:S6022 | MAJOR | src/operators/validate_byte_range.cc | 157 | Use "std::byte" for byte-oriented data manipulation. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ2CA_xuGCkM6OziEPeu | Issue | cpp:S4144 | MAJOR | test/unit/json_backend_depth_tests.cc | 50 | Update this method so that its implementation is not identical to on_key. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ1-doCWXISY38E6TxpK | Issue | cpp:S6009 | MINOR | test/benchmark/json_benchmark.cc | 321 | Replace this const reference to "std::string" by a "std::string_view". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ1-doCWXISY38E6TxpR | Issue | cpp:S6009 | MINOR | test/benchmark/json_benchmark.cc | 419 | Replace this const reference to "std::string" by a "std::string_view". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ1-doCWXISY38E6TxpU | Issue | cpp:S6009 | MINOR | test/benchmark/json_benchmark.cc | 486 | Replace this const reference to "std::string" by a "std::string_view". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QEMSTzC4JOHOn9q | Issue | cpp:S6022 | MAJOR | src/operators/validate_byte_range.cc | 73 | Use "std::byte" for byte-oriented data manipulation. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QFsSTzC4JOHOn9u | Issue | cpp:S3562 | MAJOR | src/request_body_processor/json_backend_jsoncons.cc | 220 | 4 enumeration values not handled in switch: 'int64_value', 'uint64_value', 'half_value'... | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QA8STzC4JOHOn9k | Issue | cpp:S5945 | MAJOR | src/utils/json_writer.cc | 156 | Use "std::string" instead of a C-style char array. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QA8STzC4JOHOn9n | Issue | cpp:S6022 | MAJOR | src/utils/json_writer.cc | 184 | Use "std::byte" for byte-oriented data manipulation. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QA8STzC4JOHOn9o | Issue | cpp:S6022 | MAJOR | src/utils/json_writer.cc | 185 | Use "std::byte" for byte-oriented data manipulation. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-g | Issue | cpp:S2807 | MAJOR | test/common/json.h | 78 | Make this member overloaded operator a hidden friend. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-h | Issue | cpp:S2807 | MAJOR | test/common/json.h | 123 | Make this member overloaded operator a hidden friend. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-i | Issue | cpp:S1181 | MAJOR | test/common/json.h | 219 | Catch a more specific exception instead of a generic one. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-j | Issue | cpp:S995 | MINOR | test/common/json.h | 232 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-k | Issue | cpp:S995 | MINOR | test/common/json.h | 242 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-l | Issue | cpp:S995 | MINOR | test/common/json.h | 252 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-m | Issue | cpp:S995 | MINOR | test/common/json.h | 262 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-n | Issue | cpp:S995 | MINOR | test/common/json.h | 269 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-o | Issue | cpp:S995 | MINOR | test/common/json.h | 279 | Make the type of this parameter a pointer-to-const. The current type of "error" is "std::string *". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-p | Issue | cpp:S1181 | MAJOR | test/common/json.h | 309 | Catch a more specific exception instead of a generic one. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-q | Issue | cpp:S1181 | MAJOR | test/common/json.h | 321 | Catch a more specific exception instead of a generic one. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIVSTzC4JOHOn-r | Issue | cpp:S1181 | MAJOR | test/common/json.h | 333 | Catch a more specific exception instead of a generic one. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QKvSTzC4JOHOn-4 | Issue | cpp:S5817 | MAJOR | test/regression/regression_test.cc | 431 | This function should be declared "const". | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIESTzC4JOHOn-d | Issue | cpp:S886 | MINOR | src/modsecurity.cc | 232 | Refactor this loop so that it is less error-prone. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | +| AZ190QIESTzC4JOHOn-e | Issue | cpp:S886 | MINOR | src/modsecurity.cc | 288 | Refactor this loop so that it is less error-prone. | Code an Regel anpassen (sonarspezifisch, je Fundstelle). | Niedrig bis Mittel (abhängig von Logikänderung). | \ No newline at end of file diff --git a/analysis/pr3540_pull.json b/analysis/pr3540_pull.json new file mode 100644 index 0000000000..e75d4dbfa2 --- /dev/null +++ b/analysis/pr3540_pull.json @@ -0,0 +1,379 @@ +{ + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/3540", + "id": 3518020184, + "node_id": "PR_kwDOABQmks7RsLpY", + "html_url": "https://github.com/owasp-modsecurity/ModSecurity/pull/3540", + "diff_url": "https://github.com/owasp-modsecurity/ModSecurity/pull/3540.diff", + "patch_url": "https://github.com/owasp-modsecurity/ModSecurity/pull/3540.patch", + "issue_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues/3540", + "number": 3540, + "state": "open", + "locked": false, + "title": "Prototype 2: Evaluating alternatives to YAJL for JSON processing", + "user": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "body": "## what\r\n\r\nThis pull request introduces the second prototype for evaluating alternatives to YAJL in JSON processing.\r\n\r\nThe prototype has been reduced to the following JSON libraries:\r\n\r\n- SIMDJSON\r\n- JSONCONS\r\n\r\nAs part of this change, YAJL has been completely removed.\r\n\r\n## why\r\n\r\nThe goal of this prototype is to continue the evaluation of possible improvements to JSON handling in terms of:\r\n\r\n- maintainability\r\n- performance\r\n- security\r\n- modernization of dependencies\r\n\r\nBy removing YAJL entirely and reducing the number of candidate libraries, this prototype provides a more focused base for validation, comparison, and further development.\r\n\r\n## references\r\n\r\n- Related issue: #3308", + "created_at": "2026-04-11T18:27:49Z", + "updated_at": "2026-04-14T19:16:07Z", + "closed_at": null, + "merged_at": null, + "merge_commit_sha": "d768b87be1bdb53c2019c21f0f1a59f62afcfb5d", + "assignees": [ + + ], + "requested_reviewers": [ + + ], + "requested_teams": [ + + ], + "labels": [ + + ], + "milestone": null, + "draft": false, + "commits_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/3540/commits", + "review_comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/3540/comments", + "review_comment_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/comments{/number}", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues/3540/comments", + "statuses_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/statuses/9c29515ef87b85baaf22bcb004c4403cd14ed0ce", + "head": { + "label": "Easton97-Jens:v3/master-json2", + "ref": "v3/master-json2", + "sha": "9c29515ef87b85baaf22bcb004c4403cd14ed0ce", + "user": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "repo": { + "id": 1111635599, + "node_id": "R_kgDOQkI2jw", + "name": "ModSecurity", + "full_name": "Easton97-Jens/ModSecurity", + "private": false, + "owner": { + "login": "Easton97-Jens", + "id": 66330090, + "node_id": "MDQ6VXNlcjY2MzMwMDkw", + "avatar_url": "https://avatars.githubusercontent.com/u/66330090?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/Easton97-Jens", + "html_url": "https://github.com/Easton97-Jens", + "followers_url": "https://api.github.com/users/Easton97-Jens/followers", + "following_url": "https://api.github.com/users/Easton97-Jens/following{/other_user}", + "gists_url": "https://api.github.com/users/Easton97-Jens/gists{/gist_id}", + "starred_url": "https://api.github.com/users/Easton97-Jens/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/Easton97-Jens/subscriptions", + "organizations_url": "https://api.github.com/users/Easton97-Jens/orgs", + "repos_url": "https://api.github.com/users/Easton97-Jens/repos", + "events_url": "https://api.github.com/users/Easton97-Jens/events{/privacy}", + "received_events_url": "https://api.github.com/users/Easton97-Jens/received_events", + "type": "User", + "user_view_type": "public", + "site_admin": false + }, + "html_url": "https://github.com/Easton97-Jens/ModSecurity", + "description": "ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.", + "fork": true, + "url": "https://api.github.com/repos/Easton97-Jens/ModSecurity", + "forks_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/forks", + "keys_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/teams", + "hooks_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/hooks", + "issue_events_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/issues/events{/number}", + "events_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/events", + "assignees_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/assignees{/user}", + "branches_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/branches{/branch}", + "tags_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/tags", + "blobs_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/statuses/{sha}", + "languages_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/languages", + "stargazers_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/stargazers", + "contributors_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/contributors", + "subscribers_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/subscribers", + "subscription_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/subscription", + "commits_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/contents/{+path}", + "compare_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/merges", + "archive_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/downloads", + "issues_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/issues{/number}", + "pulls_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/pulls{/number}", + "milestones_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/milestones{/number}", + "notifications_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/labels{/name}", + "releases_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/releases{/id}", + "deployments_url": "https://api.github.com/repos/Easton97-Jens/ModSecurity/deployments", + "created_at": "2025-12-07T10:53:44Z", + "updated_at": "2026-04-14T19:11:14Z", + "pushed_at": "2026-04-14T19:12:25Z", + "git_url": "git://github.com/Easton97-Jens/ModSecurity.git", + "ssh_url": "git@github.com:Easton97-Jens/ModSecurity.git", + "clone_url": "https://github.com/Easton97-Jens/ModSecurity.git", + "svn_url": "https://github.com/Easton97-Jens/ModSecurity", + "homepage": "https://www.modsecurity.org", + "size": 51025, + "stargazers_count": 0, + "watchers_count": 0, + "language": "C++", + "has_issues": false, + "has_projects": true, + "has_downloads": true, + "has_wiki": true, + "has_pages": false, + "has_discussions": false, + "forks_count": 0, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 13, + "license": { + "key": "apache-2.0", + "name": "Apache License 2.0", + "spdx_id": "Apache-2.0", + "url": "https://api.github.com/licenses/apache-2.0", + "node_id": "MDc6TGljZW5zZTI=" + }, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "has_pull_requests": true, + "pull_request_creation_policy": "all", + "topics": [ + + ], + "visibility": "public", + "forks": 0, + "open_issues": 13, + "watchers": 0, + "default_branch": "v3/master-json2" + } + }, + "base": { + "label": "owasp-modsecurity:v3/master", + "ref": "v3/master", + "sha": "8c658f00394b194e06e6d04a903fd366b8f1aeaf", + "user": { + "login": "owasp-modsecurity", + "id": 157431874, + "node_id": "O_kgDOCWI4Qg", + "avatar_url": "https://avatars.githubusercontent.com/u/157431874?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/owasp-modsecurity", + "html_url": "https://github.com/owasp-modsecurity", + "followers_url": "https://api.github.com/users/owasp-modsecurity/followers", + "following_url": "https://api.github.com/users/owasp-modsecurity/following{/other_user}", + "gists_url": "https://api.github.com/users/owasp-modsecurity/gists{/gist_id}", + "starred_url": "https://api.github.com/users/owasp-modsecurity/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/owasp-modsecurity/subscriptions", + "organizations_url": "https://api.github.com/users/owasp-modsecurity/orgs", + "repos_url": "https://api.github.com/users/owasp-modsecurity/repos", + "events_url": "https://api.github.com/users/owasp-modsecurity/events{/privacy}", + "received_events_url": "https://api.github.com/users/owasp-modsecurity/received_events", + "type": "Organization", + "user_view_type": "public", + "site_admin": false + }, + "repo": { + "id": 1320594, + "node_id": "MDEwOlJlcG9zaXRvcnkxMzIwNTk0", + "name": "ModSecurity", + "full_name": "owasp-modsecurity/ModSecurity", + "private": false, + "owner": { + "login": "owasp-modsecurity", + "id": 157431874, + "node_id": "O_kgDOCWI4Qg", + "avatar_url": "https://avatars.githubusercontent.com/u/157431874?v=4", + "gravatar_id": "", + "url": "https://api.github.com/users/owasp-modsecurity", + "html_url": "https://github.com/owasp-modsecurity", + "followers_url": "https://api.github.com/users/owasp-modsecurity/followers", + "following_url": "https://api.github.com/users/owasp-modsecurity/following{/other_user}", + "gists_url": "https://api.github.com/users/owasp-modsecurity/gists{/gist_id}", + "starred_url": "https://api.github.com/users/owasp-modsecurity/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/owasp-modsecurity/subscriptions", + "organizations_url": "https://api.github.com/users/owasp-modsecurity/orgs", + "repos_url": "https://api.github.com/users/owasp-modsecurity/repos", + "events_url": "https://api.github.com/users/owasp-modsecurity/events{/privacy}", + "received_events_url": "https://api.github.com/users/owasp-modsecurity/received_events", + "type": "Organization", + "user_view_type": "public", + "site_admin": false + }, + "html_url": "https://github.com/owasp-modsecurity/ModSecurity", + "description": "ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.", + "fork": false, + "url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity", + "forks_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/forks", + "keys_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/keys{/key_id}", + "collaborators_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/collaborators{/collaborator}", + "teams_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/teams", + "hooks_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/hooks", + "issue_events_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues/events{/number}", + "events_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/events", + "assignees_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/assignees{/user}", + "branches_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/branches{/branch}", + "tags_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/tags", + "blobs_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/blobs{/sha}", + "git_tags_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/tags{/sha}", + "git_refs_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/refs{/sha}", + "trees_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/trees{/sha}", + "statuses_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/statuses/{sha}", + "languages_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/languages", + "stargazers_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/stargazers", + "contributors_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/contributors", + "subscribers_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/subscribers", + "subscription_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/subscription", + "commits_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/commits{/sha}", + "git_commits_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/git/commits{/sha}", + "comments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/comments{/number}", + "issue_comment_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues/comments{/number}", + "contents_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/contents/{+path}", + "compare_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/compare/{base}...{head}", + "merges_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/merges", + "archive_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/{archive_format}{/ref}", + "downloads_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/downloads", + "issues_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues{/number}", + "pulls_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls{/number}", + "milestones_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/milestones{/number}", + "notifications_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/notifications{?since,all,participating}", + "labels_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/labels{/name}", + "releases_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/releases{/id}", + "deployments_url": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/deployments", + "created_at": "2011-02-02T14:57:01Z", + "updated_at": "2026-04-13T17:22:39Z", + "pushed_at": "2026-04-13T17:22:33Z", + "git_url": "git://github.com/owasp-modsecurity/ModSecurity.git", + "ssh_url": "git@github.com:owasp-modsecurity/ModSecurity.git", + "clone_url": "https://github.com/owasp-modsecurity/ModSecurity.git", + "svn_url": "https://github.com/owasp-modsecurity/ModSecurity", + "homepage": "https://www.modsecurity.org", + "size": 77887, + "stargazers_count": 9595, + "watchers_count": 9595, + "language": "C++", + "has_issues": true, + "has_projects": true, + "has_downloads": true, + "has_wiki": true, + "has_pages": true, + "has_discussions": false, + "forks_count": 1723, + "mirror_url": null, + "archived": false, + "disabled": false, + "open_issues_count": 298, + "license": { + "key": "apache-2.0", + "name": "Apache License 2.0", + "spdx_id": "Apache-2.0", + "url": "https://api.github.com/licenses/apache-2.0", + "node_id": "MDc6TGljZW5zZTI=" + }, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "has_pull_requests": true, + "pull_request_creation_policy": "all", + "topics": [ + "apache", + "apache2", + "modsecurity", + "nginx", + "waf" + ], + "visibility": "public", + "forks": 1723, + "open_issues": 298, + "watchers": 9595, + "default_branch": "v3/master" + } + }, + "_links": { + "self": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/3540" + }, + "html": { + "href": "https://github.com/owasp-modsecurity/ModSecurity/pull/3540" + }, + "issue": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues/3540" + }, + "comments": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/issues/3540/comments" + }, + "review_comments": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/3540/comments" + }, + "review_comment": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/comments{/number}" + }, + "commits": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/pulls/3540/commits" + }, + "statuses": { + "href": "https://api.github.com/repos/owasp-modsecurity/ModSecurity/statuses/9c29515ef87b85baaf22bcb004c4403cd14ed0ce" + } + }, + "author_association": "CONTRIBUTOR", + "auto_merge": null, + "assignee": null, + "active_lock_reason": null, + "merged": false, + "mergeable": true, + "rebaseable": true, + "mergeable_state": "unstable", + "merged_by": null, + "comments": 1, + "review_comments": 0, + "maintainer_can_modify": true, + "commits": 15, + "additions": 7005, + "deletions": 1679, + "changed_files": 85 +} diff --git a/analysis/pr3540_qg.json b/analysis/pr3540_qg.json new file mode 100644 index 0000000000..3b437268e5 --- /dev/null +++ b/analysis/pr3540_qg.json @@ -0,0 +1 @@ +{"projectStatus":{"status":"OK","conditions":[{"status":"OK","metricKey":"new_reliability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_security_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_maintainability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_duplicated_lines_density","comparator":"GT","periodIndex":1,"errorThreshold":"3","actualValue":"0.0"},{"status":"OK","metricKey":"new_security_hotspots_reviewed","comparator":"LT","periodIndex":1,"errorThreshold":"100","actualValue":"100.0"}],"periods":[],"ignoredConditions":false}} \ No newline at end of file diff --git a/analysis/pr3540_summary.json b/analysis/pr3540_summary.json new file mode 100644 index 0000000000..dcebec66b7 --- /dev/null +++ b/analysis/pr3540_summary.json @@ -0,0 +1,58 @@ +{ + "total_findings": 220, + "issues_total": 215, + "issues_open": 34, + "issues_closed": 181, + "hotspots_total": 0, + "hotspots_open": 0, + "hotspots_reviewed": 0, + "severity_counts": { + "MAJOR": 107, + "MINOR": 77, + "CRITICAL": 30, + "INFO": 1 + }, + "rule_counts": { + "cpp:S1066": 1, + "cpp:S6009": 7, + "cpp:S6024": 1, + "cpp:S995": 13, + "cpp:S6004": 31, + "cpp:S5952": 1, + "cpp:S4998": 2, + "cpp:S1188": 1, + "cpp:S6022": 4, + "cpp:S4144": 2, + "cpp:S3562": 1, + "cpp:S5945": 4, + "cpp:S2807": 2, + "cpp:S1181": 4, + "cpp:S5817": 2, + "cpp:S886": 3, + "cpp:S134": 10, + "cpp:S1172": 3, + "cpp:S6018": 1, + "cpp:S3776": 9, + "cpp:S112": 31, + "cpp:S1121": 5, + "cpp:S1117": 2, + "cpp:S3628": 5, + "shelldre:S7688": 22, + "cpp:S5812": 13, + "cpp:S1135": 1, + "cpp:S5025": 1, + "cpp:S5827": 1, + "cpp:S5421": 2, + "cpp:S4962": 6, + "cpp:S7127": 1, + "cpp:S7121": 2, + "shelldre:S7682": 3, + "cpp:S3230": 3, + "cpp:S1155": 2, + "cpp:S3624": 1, + "cpp:S5415": 8, + "cpp:S5274": 2, + "cpp:S1481": 1, + "cpp:S836": 1 + } +} \ No newline at end of file diff --git a/headers/modsecurity/audit_log.h b/headers/modsecurity/audit_log.h index ab1e798dd7..dce0175873 100644 --- a/headers/modsecurity/audit_log.h +++ b/headers/modsecurity/audit_log.h @@ -17,6 +17,7 @@ #include #include #include +#include #endif #ifndef HEADERS_MODSECURITY_AUDIT_LOG_H_ diff --git a/headers/modsecurity/rules_set_phases.h b/headers/modsecurity/rules_set_phases.h index 849d8ec1bf..473d939f8e 100644 --- a/headers/modsecurity/rules_set_phases.h +++ b/headers/modsecurity/rules_set_phases.h @@ -20,6 +20,7 @@ #ifdef __cplusplus #include #include +#include #include #include #include @@ -60,4 +61,4 @@ class RulesSetPhases { } // namespace modsecurity #endif -#endif // HEADERS_MODSECURITY_RULES_SET_PHASES_H_ \ No newline at end of file +#endif // HEADERS_MODSECURITY_RULES_SET_PHASES_H_ diff --git a/headers/modsecurity/rules_set_properties.h b/headers/modsecurity/rules_set_properties.h index e16db04665..19a310fbe7 100644 --- a/headers/modsecurity/rules_set_properties.h +++ b/headers/modsecurity/rules_set_properties.h @@ -25,6 +25,7 @@ #ifdef __cplusplus #include #include +#include #include #include #include diff --git a/src/actions/ctl/rule_remove_by_id.h b/src/actions/ctl/rule_remove_by_id.h index f731db31cc..53cd379e76 100644 --- a/src/actions/ctl/rule_remove_by_id.h +++ b/src/actions/ctl/rule_remove_by_id.h @@ -13,7 +13,9 @@ * */ +#include #include +#include #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" diff --git a/src/anchored_set_variable.cc b/src/anchored_set_variable.cc index 4c81dab412..eb04adf410 100644 --- a/src/anchored_set_variable.cc +++ b/src/anchored_set_variable.cc @@ -16,6 +16,7 @@ #include #include #include +#include #include #include diff --git a/src/anchored_variable.cc b/src/anchored_variable.cc index 51860d1fe6..83f4209a3e 100644 --- a/src/anchored_variable.cc +++ b/src/anchored_variable.cc @@ -16,6 +16,7 @@ #include #include #include +#include #include #include diff --git a/src/audit_log/audit_log.cc b/src/audit_log/audit_log.cc index 4115d5f34a..3068cbdd63 100644 --- a/src/audit_log/audit_log.cc +++ b/src/audit_log/audit_log.cc @@ -20,6 +20,7 @@ #include #include +#include #include "modsecurity/transaction.h" #include "modsecurity/rule_message.h" diff --git a/src/operators/pm_from_file.cc b/src/operators/pm_from_file.cc index 52651e95cc..7bd778dc62 100644 --- a/src/operators/pm_from_file.cc +++ b/src/operators/pm_from_file.cc @@ -15,6 +15,7 @@ #include "src/operators/pm_from_file.h" +#include #include #include "src/operators/operator.h" diff --git a/src/operators/validate_byte_range.cc b/src/operators/validate_byte_range.cc index 9ad4d2921c..2ee7725c70 100644 --- a/src/operators/validate_byte_range.cc +++ b/src/operators/validate_byte_range.cc @@ -15,6 +15,7 @@ #include "src/operators/validate_byte_range.h" +#include #include #include #include diff --git a/src/request_body_processor/json.cc b/src/request_body_processor/json.cc index 502f8ec369..800377cd54 100644 --- a/src/request_body_processor/json.cc +++ b/src/request_body_processor/json.cc @@ -20,10 +20,12 @@ #include "src/request_body_processor/json.h" #include +#include #include #include #include +#include "modsecurity/transaction.h" #include "src/request_body_processor/json_adapter.h" #include "src/request_body_processor/json_instrumentation.h" @@ -31,7 +33,8 @@ namespace modsecurity::RequestBodyProcessor { static const double json_depth_limit_default = 10000.0; -static const char* json_depth_limit_exceeded_msg = ". Parsing depth limit exceeded"; +static const char *const json_depth_limit_exceeded_msg = + ". Parsing depth limit exceeded"; namespace { @@ -119,11 +122,7 @@ JsonSinkStatus addStringViewAsSinkStatus(JSON *json, std::string_view value) { } // namespace JSON::JSON(Transaction *transaction) : m_transaction(transaction), - m_current_key(""), - m_data(""), - m_max_depth(json_depth_limit_default), - m_current_depth(0), - m_depth_limit_exceeded(false) { + m_max_depth(json_depth_limit_default) { } @@ -185,11 +184,11 @@ bool JSON::complete(std::string *err) { int JSON::addArgument(const std::string& value) { - std::string data(""); + std::string data; std::string path; - for (size_t i = 0; i < m_containers.size(); i++) { - const JSONContainerArray *a = dynamic_cast( + for (size_t i = 0; i < m_containers.size(); i++) { + const auto *a = dynamic_cast( m_containers[i].get()); path = path + m_containers[i]->m_name; if (a != nullptr) { @@ -199,8 +198,8 @@ int JSON::addArgument(const std::string& value) { } } - if (m_containers.size() > 0) { - JSONContainerArray *a = dynamic_cast( + if (!m_containers.empty()) { + auto *a = dynamic_cast( m_containers.back().get()); if (a) { a->m_elementCounter++; diff --git a/src/request_body_processor/json.h b/src/request_body_processor/json.h index 9c70c2ebcf..79c0da958a 100644 --- a/src/request_body_processor/json.h +++ b/src/request_body_processor/json.h @@ -16,15 +16,19 @@ #ifndef SRC_REQUEST_BODY_PROCESSOR_JSON_H_ #define SRC_REQUEST_BODY_PROCESSOR_JSON_H_ +#include #include #include #include #include +#include -#include "modsecurity/transaction.h" -#include "modsecurity/rules_set.h" #include "src/request_body_processor/json_backend.h" +namespace modsecurity { +class Transaction; +} + namespace modsecurity::RequestBodyProcessor { @@ -32,22 +36,21 @@ namespace modsecurity::RequestBodyProcessor { class JSONContainer { public: explicit JSONContainer(const std::string &name) : m_name(name) { } - virtual ~JSONContainer() { } + virtual ~JSONContainer() = default; std::string m_name; }; class JSONContainerArray : public JSONContainer { public: - explicit JSONContainerArray(const std::string &name) : JSONContainer(name), - m_elementCounter(0) { } - size_t m_elementCounter; + using JSONContainer::JSONContainer; + size_t m_elementCounter = 0; }; class JSONContainerMap : public JSONContainer { public: - explicit JSONContainerMap(const std::string &name) : JSONContainer(name) { } + using JSONContainer::JSONContainer; }; @@ -88,7 +91,7 @@ class JSON : public JsonEventSink { std::string getCurrentKey(bool emptyIsNull = false) { std::string ret(m_current_key); - if (m_containers.size() == 0) { + if (m_containers.empty()) { return "json"; } if (m_current_key.empty()) { @@ -109,12 +112,12 @@ class JSON : public JsonEventSink { void clearContainers(); std::deque> m_containers; - Transaction *m_transaction; + Transaction *m_transaction = nullptr; std::string m_current_key; std::string m_data; - double m_max_depth; - int64_t m_current_depth; - bool m_depth_limit_exceeded; + double m_max_depth = 0.0; + int64_t m_current_depth = 0; + bool m_depth_limit_exceeded = false; }; diff --git a/src/request_body_processor/json_backend_jsoncons.cc b/src/request_body_processor/json_backend_jsoncons.cc index 5c64d96929..098b3952a7 100644 --- a/src/request_body_processor/json_backend_jsoncons.cc +++ b/src/request_body_processor/json_backend_jsoncons.cc @@ -22,11 +22,11 @@ #include #include +#include #include #include #include #include -#include #include "src/request_body_processor/json_instrumentation.h" #include @@ -89,13 +89,69 @@ bool isDigit(char value) { return std::isdigit(static_cast(value)) != 0; } -bool isValidJsonNumber(std::string_view token) { - std::size_t index = 0; +bool isExponentMarker(char value) { + return value == 'e' || value == 'E'; +} + +bool isSignedExponent(std::string_view token, std::size_t index) { + return index < token.size() && (token[index] == '+' || token[index] == '-'); +} + +bool parseIntegerPart(std::string_view token, std::size_t *index) { + if (token[*index] == '0') { + (*index)++; + return true; + } + + if (!isDigit(token[*index]) || token[*index] == '0') { + return false; + } + + while (*index < token.size() && isDigit(token[*index])) { + (*index)++; + } + return true; +} + +bool parseFractionPart(std::string_view token, std::size_t *index) { + if (*index >= token.size() || token[*index] != '.') { + return true; + } + + (*index)++; + if (*index == token.size() || !isDigit(token[*index])) { + return false; + } + while (*index < token.size() && isDigit(token[*index])) { + (*index)++; + } + return true; +} +bool parseExponentPart(std::string_view token, std::size_t *index) { + if (*index >= token.size() || !isExponentMarker(token[*index])) { + return true; + } + + (*index)++; + if (isSignedExponent(token, *index)) { + (*index)++; + } + if (*index == token.size() || !isDigit(token[*index])) { + return false; + } + while (*index < token.size() && isDigit(token[*index])) { + (*index)++; + } + return true; +} + +bool isValidJsonNumber(std::string_view token) { if (token.empty()) { return false; } + std::size_t index = 0; if (token[index] == '-') { index++; if (index == token.size()) { @@ -103,38 +159,14 @@ bool isValidJsonNumber(std::string_view token) { } } - if (token[index] == '0') { - index++; - } else { - if (!isDigit(token[index]) || token[index] == '0') { - return false; - } - while (index < token.size() && isDigit(token[index])) { - index++; - } + if (!parseIntegerPart(token, &index)) { + return false; } - - if (index < token.size() && token[index] == '.') { - index++; - if (index == token.size() || !isDigit(token[index])) { - return false; - } - while (index < token.size() && isDigit(token[index])) { - index++; - } + if (!parseFractionPart(token, &index)) { + return false; } - - if (index < token.size() && (token[index] == 'e' || token[index] == 'E')) { - index++; - if (index < token.size() && (token[index] == '+' || token[index] == '-')) { - index++; - } - if (index == token.size() || !isDigit(token[index])) { - return false; - } - while (index < token.size() && isDigit(token[index])) { - index++; - } + if (!parseExponentPart(token, &index)) { + return false; } return index == token.size(); @@ -272,6 +304,13 @@ class RawJsonTokenCursor { } private: + static bool setError(std::string *detail, const char *message) { + if (detail != nullptr) { + *detail = message; + } + return false; + } + static bool isWhitespace(char value) { return std::isspace(static_cast(value)) != 0; } @@ -350,10 +389,8 @@ class RawJsonTokenCursor { const std::size_t start = *offset; if (*offset >= m_input.size() || m_input[*offset] != '"') { - if (detail != nullptr) { - *detail = "Expected raw JSON string token while synchronizing jsoncons events."; - } - return false; + return setError(detail, + "Expected raw JSON string token while synchronizing jsoncons events."); } (*offset)++; @@ -361,27 +398,9 @@ class RawJsonTokenCursor { char current = m_input[*offset]; (*offset)++; if (current == '\\') { - if (*offset >= m_input.size()) { - if (detail != nullptr) { - *detail = "Truncated escape sequence while synchronizing raw JSON string token."; - } + if (!consumeEscapedCharacter(offset, detail)) { return false; } - - char escaped = m_input[*offset]; - (*offset)++; - if (escaped == 'u') { - for (int i = 0; i < 4; i++) { - if (*offset >= m_input.size() - || !isHexDigit(m_input[*offset])) { - if (detail != nullptr) { - *detail = "Invalid Unicode escape while synchronizing raw JSON string token."; - } - return false; - } - (*offset)++; - } - } continue; } @@ -392,17 +411,13 @@ class RawJsonTokenCursor { } if (static_cast(current) < 0x20) { - if (detail != nullptr) { - *detail = "Unexpected control character while synchronizing raw JSON string token."; - } - return false; + return setError(detail, + "Unexpected control character while synchronizing raw JSON string token."); } } - if (detail != nullptr) { - *detail = "Unterminated string token while synchronizing jsoncons events."; - } - return false; + return setError(detail, + "Unterminated string token while synchronizing jsoncons events."); } bool consumeNumber(std::string_view *raw_token, std::string *detail) { @@ -413,63 +428,103 @@ class RawJsonTokenCursor { std::string *detail) const { const std::size_t start = *offset; + if (!consumeNumberSign(offset) + || !consumeIntegerComponent(offset, detail) + || !consumeFractionComponent(offset, detail) + || !consumeExponentComponent(offset, detail)) { + return false; + } + + *raw_token = std::string_view(m_input.data() + start, *offset - start); + return true; + } + + bool consumeEscapedCharacter(std::size_t *offset, std::string *detail) const { + if (*offset >= m_input.size()) { + return setError(detail, + "Truncated escape sequence while synchronizing raw JSON string token."); + } + + const char escaped = m_input[*offset]; + (*offset)++; + if (escaped != 'u') { + return true; + } + + for (int i = 0; i < 4; i++) { + if (*offset >= m_input.size() || !isHexDigit(m_input[*offset])) { + return setError(detail, + "Invalid Unicode escape while synchronizing raw JSON string token."); + } + (*offset)++; + } + return true; + } + + bool consumeNumberSign(std::size_t *offset) const { if (*offset < m_input.size() && m_input[*offset] == '-') { (*offset)++; } + return true; + } + bool consumeIntegerComponent(std::size_t *offset, std::string *detail) const { if (*offset >= m_input.size()) { - if (detail != nullptr) { - *detail = "Unexpected end of input while synchronizing raw JSON number token."; - } - return false; + return setError(detail, + "Unexpected end of input while synchronizing raw JSON number token."); } if (m_input[*offset] == '0') { (*offset)++; - } else { - if (!isDigit(m_input[*offset]) || m_input[*offset] == '0') { - if (detail != nullptr) { - *detail = "Invalid integer component while synchronizing raw JSON number token."; - } - return false; - } - while (*offset < m_input.size() && isDigit(m_input[*offset])) { - (*offset)++; - } + return true; + } + + if (!isDigit(m_input[*offset]) || m_input[*offset] == '0') { + return setError(detail, + "Invalid integer component while synchronizing raw JSON number token."); } - if (*offset < m_input.size() && m_input[*offset] == '.') { + while (*offset < m_input.size() && isDigit(m_input[*offset])) { (*offset)++; - if (*offset >= m_input.size() || !isDigit(m_input[*offset])) { - if (detail != nullptr) { - *detail = "Invalid fraction component while synchronizing raw JSON number token."; - } - return false; - } - while (*offset < m_input.size() && isDigit(m_input[*offset])) { - (*offset)++; - } + } + return true; + } + + bool consumeFractionComponent(std::size_t *offset, std::string *detail) const { + if (*offset >= m_input.size() || m_input[*offset] != '.') { + return true; } + (*offset)++; + if (*offset >= m_input.size() || !isDigit(m_input[*offset])) { + return setError(detail, + "Invalid fraction component while synchronizing raw JSON number token."); + } + + while (*offset < m_input.size() && isDigit(m_input[*offset])) { + (*offset)++; + } + return true; + } + + bool consumeExponentComponent(std::size_t *offset, std::string *detail) const { + if (*offset >= m_input.size() || !isExponentMarker(m_input[*offset])) { + return true; + } + + (*offset)++; if (*offset < m_input.size() - && (m_input[*offset] == 'e' || m_input[*offset] == 'E')) { + && (m_input[*offset] == '+' || m_input[*offset] == '-')) { (*offset)++; - if (*offset < m_input.size() - && (m_input[*offset] == '+' || m_input[*offset] == '-')) { - (*offset)++; - } - if (*offset >= m_input.size() || !isDigit(m_input[*offset])) { - if (detail != nullptr) { - *detail = "Invalid exponent component while synchronizing raw JSON number token."; - } - return false; - } - while (*offset < m_input.size() && isDigit(m_input[*offset])) { - (*offset)++; - } + } + if (*offset >= m_input.size() || !isDigit(m_input[*offset])) { + return setError(detail, + "Invalid exponent component while synchronizing raw JSON number token."); } - *raw_token = std::string_view(m_input.data() + start, *offset - start); + while (*offset < m_input.size() && isDigit(m_input[*offset])) { + (*offset)++; + } return true; } @@ -704,7 +759,7 @@ JsonParseResult parseDocumentWithJsoncons(const std::string &input, std::chrono::steady_clock::now() - event_loop_start).count())); }; const auto finish_with_event_loop = [&record_event_loop]( - JsonParseResult result) { + const JsonParseResult &result) { record_event_loop(); return result; }; @@ -717,8 +772,9 @@ JsonParseResult parseDocumentWithJsoncons(const std::string &input, cursor.current(), cursor.context()); !result.ok()) { #ifdef MSC_JSON_AUDIT_INSTRUMENTATION return finish_with_event_loop(result); -#endif +#else return result; +#endif } cursor.next(error); @@ -726,8 +782,9 @@ JsonParseResult parseDocumentWithJsoncons(const std::string &input, #ifdef MSC_JSON_AUDIT_INSTRUMENTATION return finish_with_event_loop( fromJsonconsError(error, cursor.context())); -#endif +#else return fromJsonconsError(error, cursor.context()); +#endif } } @@ -736,8 +793,9 @@ JsonParseResult parseDocumentWithJsoncons(const std::string &input, #ifdef MSC_JSON_AUDIT_INSTRUMENTATION return finish_with_event_loop(fromJsonconsError(error, cursor.context())); -#endif +#else return fromJsonconsError(error, cursor.context()); +#endif } #ifdef MSC_JSON_AUDIT_INSTRUMENTATION diff --git a/src/request_body_processor/json_backend_simdjson.cc b/src/request_body_processor/json_backend_simdjson.cc index ac7108b5e2..525c1560b3 100644 --- a/src/request_body_processor/json_backend_simdjson.cc +++ b/src/request_body_processor/json_backend_simdjson.cc @@ -22,6 +22,7 @@ #include #include +#include #include #include #include @@ -107,12 +108,12 @@ simdjson::ondemand::parser &getReusableSimdjsonParser() { if (parser == nullptr) { #ifdef MSC_JSON_AUDIT_INSTRUMENTATION const auto parser_start = std::chrono::steady_clock::now(); - parser.reset(new simdjson::ondemand::parser()); + parser = std::make_unique(); recordSimdjsonParserConstruction(static_cast( std::chrono::duration_cast( std::chrono::steady_clock::now() - parser_start).count())); #else - parser.reset(new simdjson::ondemand::parser()); + parser = std::make_unique(); #endif } return *parser; @@ -398,7 +399,7 @@ class JsonBackendWalker { "handling a boolean"); } - JsonParseResult enforceTechnicalDepth(simdjson::ondemand::value value) { + JsonParseResult enforceTechnicalDepth(simdjson::ondemand::value value) const { const int32_t current_depth = value.current_depth(); if (current_depth <= 0) { return makeResult(JsonParseStatus::InternalError, diff --git a/src/request_body_processor/json_instrumentation.cc b/src/request_body_processor/json_instrumentation.cc index b5fae287e6..1d241e84d5 100644 --- a/src/request_body_processor/json_instrumentation.cc +++ b/src/request_body_processor/json_instrumentation.cc @@ -5,6 +5,8 @@ #include "src/request_body_processor/json_instrumentation.h" #include +#include +#include namespace modsecurity::RequestBodyProcessor { namespace { diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc index 3ae591671e..02d7f5daf5 100644 --- a/src/request_body_processor/multipart.cc +++ b/src/request_body_processor/multipart.cc @@ -15,6 +15,7 @@ #include "src/request_body_processor/multipart.h" +#include #include #include #include diff --git a/src/request_body_processor/multipart.h b/src/request_body_processor/multipart.h index 08d4ffe920..48c1de304e 100644 --- a/src/request_body_processor/multipart.h +++ b/src/request_body_processor/multipart.h @@ -13,11 +13,14 @@ * */ +#include +#include #include #include #include #include #include +#include #ifndef SRC_REQUEST_BODY_PROCESSOR_MULTIPART_H_ #define SRC_REQUEST_BODY_PROCESSOR_MULTIPART_H_ diff --git a/src/request_body_processor/xml.cc b/src/request_body_processor/xml.cc index cbb7894c9b..a790a43f42 100644 --- a/src/request_body_processor/xml.cc +++ b/src/request_body_processor/xml.cc @@ -15,38 +15,51 @@ #include "src/request_body_processor/xml.h" -#include -#include +#include #include +#include "modsecurity/rules_set.h" +#include "modsecurity/rules_set_properties.h" +#include "modsecurity/transaction.h" -namespace modsecurity { -namespace RequestBodyProcessor { + +namespace modsecurity::RequestBodyProcessor { #ifdef WITH_LIBXML2 +namespace { +bool finalizeArgsParsingContext(xml_data *data, std::string *error) { + if (xmlParseChunk(data->parsing_ctx_arg, nullptr, 0, 1) == 0) { + xmlFreeParserCtxt(data->parsing_ctx_arg); + data->parsing_ctx_arg = nullptr; + return true; + } + + if (!data->xml_error.empty()) { + error->assign(data->xml_error); + } else { + error->assign("XML: Failed to parse document for ARGS."); + } + xmlFreeParserCtxt(data->parsing_ctx_arg); + data->parsing_ctx_arg = nullptr; + return false; +} +} // namespace /* * NodeData for parsing XML into args */ -NodeData::NodeData() { - has_child = false; -} +NodeData::NodeData() = default; -NodeData::~NodeData() {}; +NodeData::~NodeData() = default; /* * XMLNodes for parsing XML into args */ XMLNodes::XMLNodes(Transaction *transaction) - : nodes{}, - node_depth(0), - currpath(""), - currval(""), - currval_is_set(false), - m_transaction(transaction) + : m_transaction(transaction) {} -XMLNodes::~XMLNodes() {}; +XMLNodes::~XMLNodes() = default; /* * SAX handler for parsing XML into args @@ -57,59 +70,56 @@ class MSCSAXHandler { std::string name = reinterpret_cast(localname); - XMLNodes* xml_data = static_cast(ctx); + auto *xml_data = static_cast(ctx); xml_data->nodes.push_back(std::make_shared()); xml_data->node_depth++; - // FIXME - later if we want to check the depth of XML tree - /* if (max_depth > 0 && max_depth > xml_data->node_depth) { - std::cout << "Depth of XML tree reached the given maximum value " << xml_data->node_depth << std::endl; - exit(1); - } */ // if it's not the first (root) item, then append a '.' // note, the condition should always be true because there is always a pseudo root element: 'xml' if (xml_data->nodes.size() > 1) { xml_data->currpath.append("."); - xml_data->nodes[xml_data->nodes.size()-2]->has_child = true; + const std::size_t parent_index = xml_data->nodes.size() - 2; + xml_data->nodes[parent_index]->has_child = true; } xml_data->currpath.append(name); // set the current value empty // this is necessary because if there is any text between the tags (new line, etc) // it will be added to the current value - xml_data->currval = ""; + xml_data->currval.clear(); xml_data->currval_is_set = false; } void onEndElement(void * ctx, const xmlChar *localname) { std::string name = reinterpret_cast(localname); - XMLNodes* xml_data = static_cast(ctx); - const std::shared_ptr& nd = xml_data->nodes[xml_data->nodes.size()-1]; - if (nd->has_child == false) { + auto *xml_data = static_cast(ctx); + if (const auto &nd = + xml_data->nodes.back(); + !nd->has_child && !xml_data->m_transaction->addArgument( + "XML", xml_data->currpath, xml_data->currval, 0)) { // check the return value // if false, then stop parsing // this means the number of arguments reached the limit - if (xml_data->m_transaction->addArgument("XML", xml_data->currpath, xml_data->currval, 0) == false) { - xmlStopParser(xml_data->parsing_ctx_arg); - } + xmlStopParser(xml_data->parsing_ctx_arg); } - if (xml_data->currpath.length() > 0) { + if (!xml_data->currpath.empty()) { // set an offset to store whether this is the first item, in order to know whether to remove the '.' - int offset = (xml_data->nodes.size() > 1) ? 1 : 0; - xml_data->currpath.erase(xml_data->currpath.length() - (name.length()+offset)); + const std::size_t offset = (xml_data->nodes.size() > 1) ? 1 : 0; + xml_data->currpath.erase( + xml_data->currpath.size() - (name.size() + offset)); } xml_data->nodes.pop_back(); xml_data->node_depth--; - xml_data->currval = ""; + xml_data->currval.clear(); xml_data->currval_is_set = false; } void onCharacters(void *ctx, const xmlChar *ch, int len) { - XMLNodes* xml_data = static_cast(ctx); + auto *xml_data = static_cast(ctx); std::string content(reinterpret_cast(ch), len); // libxml2 SAX parser will call this function multiple times // during the parsing of a single node, if the value has multibyte // characters, so we need to concatenate the values - if (xml_data->currval_is_set == false) { + if (!xml_data->currval_is_set) { xml_data->currval = content; xml_data->currval_is_set = true; } else { @@ -121,64 +131,56 @@ class MSCSAXHandler { extern "C" { void MSC_startElement(void *userData, const xmlChar *name, - const xmlChar *prefix, - const xmlChar *URI, - int nb_namespaces, - const xmlChar **namespaces, - int nb_attributes, - int nb_defaulted, - const xmlChar **attributes) { - - MSCSAXHandler* handler = static_cast(userData); + const xmlChar *, + const xmlChar *, + int, + const xmlChar **, + int, + int, + const xmlChar **) { + + auto *handler = static_cast(userData); handler->onStartElement(userData, name); } void MSC_endElement( void *userData, const xmlChar *name, - const xmlChar* prefix, - const xmlChar* URI) { + const xmlChar*, + const xmlChar*) { - MSCSAXHandler* handler = static_cast(userData); + auto *handler = static_cast(userData); handler->onEndElement(userData, name); } void MSC_xmlcharacters(void *userData, const xmlChar *ch, int len) { - MSCSAXHandler* handler = static_cast(userData); + auto *handler = static_cast(userData); handler->onCharacters(userData, ch, len); } } XML::XML(Transaction *transaction) - : m_transaction(transaction) { - m_data.doc = NULL; - m_data.parsing_ctx = NULL; - m_data.sax_handler = NULL; - m_data.xml_error = ""; - m_data.parsing_ctx_arg = NULL; - m_data.xml_parser_state = NULL; -} + : m_transaction(transaction) { } XML::~XML() { - if (m_data.parsing_ctx != NULL) { + if (m_data.parsing_ctx != nullptr) { xmlFreeParserCtxt(m_data.parsing_ctx); - m_data.parsing_ctx = NULL; + m_data.parsing_ctx = nullptr; } - if (m_data.doc != NULL) { + if (m_data.doc != nullptr) { xmlFreeDoc(m_data.doc); - m_data.doc = NULL; + m_data.doc = nullptr; } } bool XML::init() { - //xmlParserInputBufferCreateFilenameFunc entity; if (m_transaction->m_rules->m_secXMLExternalEntity == RulesSetProperties::TrueConfigBoolean) { - /*entity = */xmlParserInputBufferCreateFilenameDefault( + xmlParserInputBufferCreateFilenameDefault( __xmlParserInputBufferCreateFilename); } else { - /*entity = */xmlParserInputBufferCreateFilenameDefault( + xmlParserInputBufferCreateFilenameDefault( this->unloadExternalEntity); } if (m_transaction->m_secXMLParseXmlIntoArgs @@ -198,8 +200,6 @@ bool XML::init() { // set the parser state struct m_data.xml_parser_state = std::make_unique(m_transaction); - m_data.xml_parser_state->node_depth = 0; - m_data.xml_parser_state->currval = ""; // the XML will contain at least one node, which is the pseudo root node 'xml' m_data.xml_parser_state->currpath = "xml."; } @@ -208,9 +208,9 @@ bool XML::init() { } -xmlParserInputBufferPtr XML::unloadExternalEntity(const char *URI, - xmlCharEncoding enc) { - return NULL; +xmlParserInputBufferPtr XML::unloadExternalEntity(const char *, + xmlCharEncoding) { + return nullptr; } @@ -220,30 +220,17 @@ bool XML::processChunk(const char *buf, unsigned int size, * enable us to pass it the first chunk of data so that * it can attempt to auto-detect the encoding. */ - if (m_data.parsing_ctx == NULL && m_data.parsing_ctx_arg == NULL) { + if (m_data.parsing_ctx == nullptr && m_data.parsing_ctx_arg == nullptr) { /* First invocation. */ ms_dbg_a(m_transaction, 4, "XML: Initialising parser."); - /* NOTE When Sax interface is used libxml will not - * create the document object, but we need it. - - msr->xml->sax_handler = (xmlSAXHandler *)apr_pcalloc(msr->mp, - sizeof(xmlSAXHandler)); - if (msr->xml->sax_handler == NULL) return -1; - msr->xml->sax_handler->error = xml_receive_sax_error; - msr->xml->sax_handler->warning = xml_receive_sax_error; - msr->xml->parsing_ctx = xmlCreatePushParserCtxt(msr->xml->sax_handler, - msr, buf, size, "body.xml"); - - */ - if (m_transaction->m_secXMLParseXmlIntoArgs != RulesSetProperties::OnlyArgsConfigXMLParseXmlIntoArgs) { - m_data.parsing_ctx = xmlCreatePushParserCtxt(NULL, NULL, + m_data.parsing_ctx = xmlCreatePushParserCtxt(nullptr, nullptr, buf, size, "body.xml"); - if (m_data.parsing_ctx == NULL) { + if (m_data.parsing_ctx == nullptr) { ms_dbg_a(m_transaction, 4, "XML: Failed to create parsing context."); error->assign("XML: Failed to create parsing context."); @@ -262,8 +249,8 @@ bool XML::processChunk(const char *buf, unsigned int size, m_data.xml_parser_state.get(), buf, size, - NULL); - if (m_data.parsing_ctx_arg == NULL) { + nullptr); + if (m_data.parsing_ctx_arg == nullptr) { error->assign("XML: Failed to create parsing context for ARGS."); return false; } @@ -275,7 +262,7 @@ bool XML::processChunk(const char *buf, unsigned int size, } /* Not a first invocation. */ - if (m_data.parsing_ctx != NULL && + if (m_data.parsing_ctx != nullptr && m_transaction->m_secXMLParseXmlIntoArgs != RulesSetProperties::OnlyArgsConfigXMLParseXmlIntoArgs) { xmlParseChunk(m_data.parsing_ctx, buf, size, 0); @@ -287,7 +274,7 @@ bool XML::processChunk(const char *buf, unsigned int size, } } - if (m_data.parsing_ctx_arg != NULL && + if (m_data.parsing_ctx_arg != nullptr && ( m_transaction->m_secXMLParseXmlIntoArgs == RulesSetProperties::OnlyArgsConfigXMLParseXmlIntoArgs @@ -309,12 +296,12 @@ bool XML::processChunk(const char *buf, unsigned int size, bool XML::complete(std::string *error) { /* Only if we have a context, meaning we've done some work. */ - if (m_data.parsing_ctx != NULL || m_data.parsing_ctx_arg != NULL) { - if (m_data.parsing_ctx != NULL && + if (m_data.parsing_ctx != nullptr || m_data.parsing_ctx_arg != nullptr) { + if (m_data.parsing_ctx != nullptr && m_transaction->m_secXMLParseXmlIntoArgs != RulesSetProperties::OnlyArgsConfigXMLParseXmlIntoArgs) { /* This is how we signal the end of parsing to libxml. */ - xmlParseChunk(m_data.parsing_ctx, NULL, 0, 1); + xmlParseChunk(m_data.parsing_ctx, nullptr, 0, 1); /* Preserve the results for our reference. */ m_data.well_formed = m_data.parsing_ctx->wellFormed; @@ -322,7 +309,7 @@ bool XML::complete(std::string *error) { /* Clean up everything else. */ xmlFreeParserCtxt(m_data.parsing_ctx); - m_data.parsing_ctx = NULL; + m_data.parsing_ctx = nullptr; ms_dbg_a(m_transaction, 4, "XML: Parsing complete (well_formed " \ + std::to_string(m_data.well_formed) + ")."); @@ -332,7 +319,7 @@ bool XML::complete(std::string *error) { return false; } } - if (m_data.parsing_ctx_arg != NULL && + if (m_data.parsing_ctx_arg != nullptr && ( m_transaction->m_secXMLParseXmlIntoArgs == RulesSetProperties::OnlyArgsConfigXMLParseXmlIntoArgs @@ -341,19 +328,9 @@ bool XML::complete(std::string *error) { == RulesSetProperties::TrueConfigXMLParseXmlIntoArgs) ) { /* This is how we signale the end of parsing to libxml. */ - if (xmlParseChunk(m_data.parsing_ctx_arg, NULL, 0, 1) != 0) { - if (m_data.xml_error != "") { - error->assign(m_data.xml_error); - } - else { - error->assign("XML: Failed to parse document for ARGS."); - } - xmlFreeParserCtxt(m_data.parsing_ctx_arg); - m_data.parsing_ctx_arg = NULL; + if (!finalizeArgsParsingContext(&m_data, error)) { return false; } - xmlFreeParserCtxt(m_data.parsing_ctx_arg); - m_data.parsing_ctx_arg = NULL; } } @@ -362,5 +339,4 @@ bool XML::complete(std::string *error) { #endif -} // namespace RequestBodyProcessor -} // namespace modsecurity +} // namespace modsecurity::RequestBodyProcessor diff --git a/src/request_body_processor/xml.h b/src/request_body_processor/xml.h index df766d03b7..87f614fee2 100644 --- a/src/request_body_processor/xml.h +++ b/src/request_body_processor/xml.h @@ -19,18 +19,19 @@ #include #endif +#include #include -#include - -#include "modsecurity/transaction.h" -#include "modsecurity/rules_set.h" +#include #ifndef SRC_REQUEST_BODY_PROCESSOR_XML_H_ #define SRC_REQUEST_BODY_PROCESSOR_XML_H_ - namespace modsecurity { -namespace RequestBodyProcessor { +class Transaction; +} + + +namespace modsecurity::RequestBodyProcessor { #ifdef WITH_LIBXML2 @@ -42,7 +43,7 @@ class NodeData { explicit NodeData(); ~NodeData(); - bool has_child; + bool has_child = false; }; /* @@ -51,14 +52,14 @@ class NodeData { class XMLNodes { public: std::vector> nodes; - unsigned long int node_depth; + unsigned long int node_depth = 0; std::string currpath; std::string currval; - bool currval_is_set; - Transaction *m_transaction; + bool currval_is_set = false; + Transaction *m_transaction = nullptr; // need to store context - this is the same as in xml_data // need to stop parsing if the number of arguments reached the limit - xmlParserCtxtPtr parsing_ctx_arg; + xmlParserCtxtPtr parsing_ctx_arg = nullptr; explicit XMLNodes (Transaction *); ~XMLNodes(); @@ -66,23 +67,21 @@ class XMLNodes { struct xml_data { std::unique_ptr sax_handler; - xmlParserCtxtPtr parsing_ctx; - xmlDocPtr doc; + xmlParserCtxtPtr parsing_ctx = nullptr; + xmlDocPtr doc = nullptr; - unsigned int well_formed; + unsigned int well_formed = 0; /* error reporting and XML array flag */ std::string xml_error; /* additional parser context for arguments */ - xmlParserCtxtPtr parsing_ctx_arg; + xmlParserCtxtPtr parsing_ctx_arg = nullptr; /* parser state for SAX parser */ std::unique_ptr xml_parser_state; }; -typedef struct xml_data xml_data; - class XML { public: explicit XML(Transaction *transaction); @@ -96,13 +95,12 @@ class XML { xml_data m_data; private: - Transaction *m_transaction; + Transaction *m_transaction = nullptr; std::string m_header; }; #endif -} // namespace RequestBodyProcessor -} // namespace modsecurity +} // namespace modsecurity::RequestBodyProcessor #endif // SRC_REQUEST_BODY_PROCESSOR_XML_H_ diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index f6642b67e6..7469be8fe9 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -26,6 +26,7 @@ #include #include #include +#include #include "modsecurity/rules_set.h" #include "src/operators/operator.h" diff --git a/src/rule_with_operator.cc b/src/rule_with_operator.cc index 9c356b8fb0..0f8b14c4bb 100644 --- a/src/rule_with_operator.cc +++ b/src/rule_with_operator.cc @@ -18,12 +18,14 @@ #include #include +#include #include #include #include #include #include #include +#include #include "modsecurity/rules_set.h" #include "src/operators/operator.h" diff --git a/src/rules_exceptions.cc b/src/rules_exceptions.cc index 2fb0cf857f..352d3cab83 100644 --- a/src/rules_exceptions.cc +++ b/src/rules_exceptions.cc @@ -15,7 +15,10 @@ #include "modsecurity/rules_exceptions.h" +#include #include +#include +#include #include "src/utils/string.h" #include "src/variables/variable.h" diff --git a/src/rules_set_phases.cc b/src/rules_set_phases.cc index a781930498..88731edda9 100644 --- a/src/rules_set_phases.cc +++ b/src/rules_set_phases.cc @@ -16,6 +16,7 @@ #include #include #include +#include #include #include diff --git a/src/run_time_string.cc b/src/run_time_string.cc index 45f298bc3d..48feeef38b 100644 --- a/src/run_time_string.cc +++ b/src/run_time_string.cc @@ -15,6 +15,7 @@ #include +#include #include "src/run_time_string.h" diff --git a/src/transaction.cc b/src/transaction.cc index 935da02462..c9e1401b7a 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -23,12 +23,16 @@ #include #include +#include #include #include #include #include +#include #include +#include #include +#include #include #include "modsecurity/actions/action.h" diff --git a/src/utils/json_writer.cc b/src/utils/json_writer.cc index 4cd7b1ba5d..1be155f123 100644 --- a/src/utils/json_writer.cc +++ b/src/utils/json_writer.cc @@ -15,6 +15,7 @@ #include "src/utils/json_writer.h" +#include #include #include diff --git a/src/utils/json_writer.h b/src/utils/json_writer.h index ac549d592b..130ec022ea 100644 --- a/src/utils/json_writer.h +++ b/src/utils/json_writer.h @@ -16,6 +16,7 @@ #ifndef SRC_UTILS_JSON_WRITER_H_ #define SRC_UTILS_JSON_WRITER_H_ +#include #include #include #include diff --git a/src/utils/sha1.h b/src/utils/sha1.h index a40d7fa1c8..aa9132c652 100644 --- a/src/utils/sha1.h +++ b/src/utils/sha1.h @@ -16,7 +16,9 @@ #ifndef SRC_UTILS_SHA1_H_ #define SRC_UTILS_SHA1_H_ +#include #include +#include #include #include "src/utils/string.h" diff --git a/src/utils/string.h b/src/utils/string.h index ca2967aa5f..8933a5f884 100644 --- a/src/utils/string.h +++ b/src/utils/string.h @@ -18,6 +18,7 @@ #include #include +#include #include #include #include diff --git a/src/variables/variable.cc b/src/variables/variable.cc index caf8f6fd88..ca1eacfe56 100644 --- a/src/variables/variable.cc +++ b/src/variables/variable.cc @@ -16,6 +16,7 @@ #include "src/variables/variable.h" #include +#include #include #include #include diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc index bec67285c4..dc3e55a261 100644 --- a/test/common/modsecurity_test.cc +++ b/test/common/modsecurity_test.cc @@ -45,6 +45,13 @@ std::string ModSecurityTest::header() { template bool ModSecurityTest::load_test_json(const std::string &file) { + auto reportParsingError = [&file](const std::string &error_message) { + std::cout << "Problems parsing file: " << file << std::endl; + if (error_message.empty() == false) { + std::cout << error_message << std::endl; + } + }; + std::string error; modsecurity_test::json::JsonDocument document; @@ -58,10 +65,7 @@ bool ModSecurityTest::load_test_json(const std::string &file) { if (modsecurity_test::json::load_document(file, &document, &error) == false) { - std::cout << "Problems parsing file: " << file << std::endl; - if (error.empty() == false) { - std::cout << error << std::endl; - } + reportParsingError(error); return false; } @@ -74,10 +78,7 @@ bool ModSecurityTest::load_test_json(const std::string &file) { modsecurity_test::json::JsonArray tests; if (modsecurity_test::json::get(document.get_array(), &tests, &error) == false) { - std::cout << "Problems parsing file: " << file << std::endl; - if (error.empty() == false) { - std::cout << error << std::endl; - } + reportParsingError(error); return false; } @@ -85,10 +86,7 @@ bool ModSecurityTest::load_test_json(const std::string &file) { modsecurity_test::json::JsonValue value; if (modsecurity_test::json::get(std::move(test_result), &value, &error) == false) { - std::cout << "Problems parsing file: " << file << std::endl; - if (error.empty() == false) { - std::cout << error << std::endl; - } + reportParsingError(error); return false; }