From 645c9dcb4a348010b51629b2e98e4302abc8bed4 Mon Sep 17 00:00:00 2001 From: Claudio Date: Mon, 8 Jul 2024 12:27:33 +0200 Subject: [PATCH] Fix subcategory --- go/lang/security/audit/crypto/missing-ssl-minversion.yaml | 2 +- ...ntercom-settings-user-identifier-without-user-hash.yaml | 4 ++-- python/django/security/django-no-csrf-token.yaml | 4 ++-- .../security/django-using-request-post-after-is-valid.yaml | 4 ++-- terraform/aws/security/aws-provisioner-exec.yaml | 7 +++++-- 5 files changed, 12 insertions(+), 9 deletions(-) diff --git a/go/lang/security/audit/crypto/missing-ssl-minversion.yaml b/go/lang/security/audit/crypto/missing-ssl-minversion.yaml index c2a9d46741..fdbcf08f88 100644 --- a/go/lang/security/audit/crypto/missing-ssl-minversion.yaml +++ b/go/lang/security/audit/crypto/missing-ssl-minversion.yaml @@ -23,7 +23,7 @@ rules: - go confidence: HIGH subcategory: - - guardrail + - audit likelihood: MEDIUM impact: LOW languages: [go] diff --git a/javascript/intercom/security/audit/intercom-settings-user-identifier-without-user-hash.yaml b/javascript/intercom/security/audit/intercom-settings-user-identifier-without-user-hash.yaml index c7adaef0fb..683a7a6dd2 100644 --- a/javascript/intercom/security/audit/intercom-settings-user-identifier-without-user-hash.yaml +++ b/javascript/intercom/security/audit/intercom-settings-user-identifier-without-user-hash.yaml @@ -27,7 +27,7 @@ rules: ... Intercom('boot', $VAR); message: Found an initialization of the Intercom Messenger that identifies a - User, but does not specify a `user_hash`.This configuration allows users + User, but does not specify a `user_hash`. This configuration allows users to impersonate one another. See the Intercom Identity Verification docs for more context https://www.intercom.com/help/en/articles/183-set-up-identity-verification-for-web-and-mobile 
@@ -37,7 +37,7 @@ rules:
 metadata:
 category: security
 subcategory:
- - guardrail
+ - audit
 cwe:
 - "CWE-287: Improper Authentication"
 confidence: MEDIUM
diff --git a/python/django/security/django-no-csrf-token.yaml b/python/django/security/django-no-csrf-token.yaml
index 945adc69c1..174d640029 100644
--- a/python/django/security/django-no-csrf-token.yaml
+++ b/python/django/security/django-no-csrf-token.yaml
@@ -14,7 +14,7 @@ rules:
 regex: (?i)(post|put|delete|patch)
 - pattern-not-inside: "...{% csrf_token %}..."
 - pattern-not-inside: "...{{ $VAR.csrf_token }}..."
- message: Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks
+ message: Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks.
 languages: [generic]
 severity: WARNING
 metadata:
@@ -26,7 +26,7 @@ rules:
 likelihood: MEDIUM
 impact: MEDIUM
 subcategory:
- - guardrail
+ - audit
 technology:
 - django
 paths:
diff --git a/python/django/security/django-using-request-post-after-is-valid.yaml b/python/django/security/django-using-request-post-after-is-valid.yaml
index 19f4f2e4bd..425eaa90d5 100644
--- a/python/django/security/django-using-request-post-after-is-valid.yaml
+++ b/python/django/security/django-using-request-post-after-is-valid.yaml
@@ -22,6 +22,6 @@ rules:
 likelihood: MEDIUM
 impact: MEDIUM
 subcategory:
- - guardrail
+ - audit
 technology:
- - django
\ No newline at end of file
+ - django
diff --git a/terraform/aws/security/aws-provisioner-exec.yaml b/terraform/aws/security/aws-provisioner-exec.yaml
index bfef15e3ba..d020eb9424 100644
--- a/terraform/aws/security/aws-provisioner-exec.yaml
+++ b/terraform/aws/security/aws-provisioner-exec.yaml
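Review bot: The new message in the django-no-csrf-token hunk, `+ message: Manually-created forms in django templates should specify a csrf_token to prevent CSRF attacks.`, still does not name the construct the rule actually checks for, even though the two `pattern-not-inside` lines just above it spell it out (`{% csrf_token %}` and `{{ $VAR.csrf_token }}`). A finding is more actionable when the message states the fix in the template's own syntax, e.g. `message: Manually-created forms in Django templates that submit via POST/PUT/DELETE/PATCH should include {% csrf_token %} (or a hidden input carrying {{ csrf_token }}) inside the <form> to prevent CSRF attacks.` As I recall Django's behaviour, with the default CsrfViewMiddleware a form lacking the token is rejected with a 403 rather than being exploitable, so the message could also point out that the real exposure is views marked csrf_exempt or deployments that removed the middleware — worth confirming before adding that sentence. The rule's `patterns` block starts before this hunk, so I cannot see which element the method regex is applied to.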
@@ -14,7 +14,10 @@ rules: ... } id: aws-provisioner-exec - message: Provisioners are a tool of last resort and should be avoided where possible. Provisioner behavior cannot be mapped by Terraform as part of a plan, and execute arbitrary shell commands by design. + message: >- + Provisioners are a tool of last resort and should be avoided where possible. + Provisioner behavior cannot be mapped by Terraform as part of a plan, + and execute arbitrary shell commands by design. languages: - terraform severity: WARNING @@ -27,7 +30,7 @@ rules: - "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')" - "CWE-94: Improper Control of Generation of Code ('Code Injection')" subcategory: - - guardrail + - audit confidence: HIGH likelihood: HIGH impact: MEDIUM
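Review bot: The folded message added in the first hunk carries a subject–verb mismatch: `Provisioner behavior cannot be mapped by Terraform as part of a plan,` followed by `and execute arbitrary shell commands by design.` reads as if "behavior" executes commands; `and provisioners execute arbitrary shell commands by design.` fixes it. The message also names only the risk and offers no alternative, whereas Semgrep rule messages usually close with a remediation hint, so a final line such as `Prefer cloud-init/user_data, a pre-baked image, or a configuration-management tool over local-exec/remote-exec provisioners.` would make the finding actionable. Separately, the second hunk keeps `likelihood: HIGH` while moving the rule to `subcategory: audit`; if `audit` is meant as "needs manual review", as the other files in this patch suggest, a rule that fires on every provisioner block probably wants a lower likelihood — an inference from the metadata, not something the hunk states. The rule's pattern starts before the first hunk (only `...` and the closing `}` are visible), so I cannot tell whether it already distinguishes remote-exec from local-exec.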