Update rationale.adoc (#3520)

SonarSource · Dec 21, 2023 · 014db5e · 014db5e
1 parent 50c8c02
commit 014db5e
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 10 deletions.
diff --git a/rules/S2225/vbnet/rule.adoc b/rules/S2225/vbnet/rule.adoc
@@ -1,6 +1,6 @@
 == Why is this an issue?
 
-Calling https://learn.microsoft.com/en-us/dotnet/api/system.object.tostring[ToString()] on an object should always return a `string`. Thus, overriding the ToString method should never return `Nothing`, as it breaks the method's implicit contract, and as a result the consumer's expectations.
+Calling https://learn.microsoft.com/en-us/dotnet/api/system.object.tostring[ToString()] on an object should always return a `string`. Thus, overriding the ToString method should never return `Nothing` because it breaks the method's implicit contract, and as a result the consumer's expectations.
 
 [source,vbnet,diff-id=1,diff-type=noncompliant]
 ----

diff --git a/rules/S5542/rationale.adoc b/rules/S5542/rationale.adoc
@@ -17,11 +17,10 @@ For these reasons, as soon as cryptography is included in a project, it is
 important to choose encryption algorithms that are considered strong and secure
 by the cryptography community.
 
-For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB
-
-(Electronic Codebook), as they are either vulnerable to padding oracles or do
+For AES, the weakest modes are CBC (Cipher Block Chaining) and ECB (Electronic Codebook) 
+because they are either vulnerable to padding oracles or do
 not provide authentication mechanisms.
 
-And for RSA, the weakest algorithms are either using it without padding or
+For RSA, the weakest algorithms are either using it without padding or
 using the PKCS1v1.5 padding scheme.
 
diff --git a/rules/S5547/rationale.adoc b/rules/S5547/rationale.adoc
@@ -2,9 +2,9 @@ Encryption algorithms are essential for protecting sensitive information and
 ensuring secure communication in various domains. They are used for several
 important reasons:
 
-* Confidentiality, privacy, and intellectual property protection.
-* Security during transmission or on storage devices.
-* Data integrity, general trust, and authentication.
+* Confidentiality, privacy, and intellectual property protection
+* Security during transmission or on storage devices
+* Data integrity, general trust, and authentication
 
 When selecting encryption algorithms, tools, or combinations, you should also
 consider two things:

diff --git a/rules/S5659/common/fix/decode.adoc b/rules/S5659/common/fix/decode.adoc
@@ -10,7 +10,7 @@ Every time your application receives a JWT, it needs to decode the token to
 extract the information contained within. It is during this decoding process
 that the signature of the JWT should also be checked.
 
-To resolve the issue follow these instructions:
+To resolve the issue, follow these instructions:
 
 1. Use framework-specific functions for signature verification: Most programming
 frameworks that support JWTs provide specific functions to not only decode a
@@ -19,7 +19,7 @@ functions when handling incoming tokens.
 
 2. Handle invalid signatures appropriately: If a JWT's signature does not
 validate correctly, it means the token is not trustworthy, indicating potential
-tampering. The action to take on encountering an invalid token should be denying
+tampering. The action to take when encountering an invalid token should be denying
 the request carrying it and logging the event for further investigation.
 
 3. Incorporate signature validation in your tests: When you are writing tests