From 4498f00b2a2341028cde847a901c7aba55a3e063 Mon Sep 17 00:00:00 2001
From: Lena Orobei <oorobei@magento.com>
Date: Wed, 29 May 2019 10:20:39 -0500
Subject: [PATCH] REPO-209: [EQP] Increase the severity level to 10 for
 insecure functions

---
 .../Sniffs/Security/InsecureFunctionSniff.php   |  9 +--------
 .../Tests/Security/InsecureFunctionUnitTest.php | 17 +++++++++--------
 Magento2/ruleset.xml                            |  8 ++++----
 3 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/Magento2/Sniffs/Security/InsecureFunctionSniff.php b/Magento2/Sniffs/Security/InsecureFunctionSniff.php
index b432f454..16c69030 100644
--- a/Magento2/Sniffs/Security/InsecureFunctionSniff.php
+++ b/Magento2/Sniffs/Security/InsecureFunctionSniff.php
@@ -12,13 +12,6 @@
  */
 class InsecureFunctionSniff extends ForbiddenFunctionsSniff
 {
-    /**
-     * If true, an error will be thrown; otherwise a warning.
-     *
-     * @var boolean
-     */
-    public $error = false;
-
     /**
      * List of patterns for forbidden functions.
      *
@@ -38,7 +31,7 @@ class InsecureFunctionSniff extends ForbiddenFunctionsSniff
         'system' => null,
         'unserialize' => '\Magento\Framework\Serialize\SerializerInterface::unserialize',
         'srand' => null,
-        'mt_srand'=> null,
+        'mt_srand' => null,
         'mt_rand' => 'random_int',
     ];
 }
diff --git a/Magento2/Tests/Security/InsecureFunctionUnitTest.php b/Magento2/Tests/Security/InsecureFunctionUnitTest.php
index c7b8210e..772831f0 100644
--- a/Magento2/Tests/Security/InsecureFunctionUnitTest.php
+++ b/Magento2/Tests/Security/InsecureFunctionUnitTest.php
@@ -3,6 +3,7 @@
  * Copyright © Magento. All rights reserved.
  * See COPYING.txt for license details.
  */
+
 namespace Magento2\Tests\Security;
 
 use PHP_CodeSniffer\Tests\Standards\AbstractSniffUnitTest;
@@ -16,14 +17,6 @@ class InsecureFunctionUnitTest extends AbstractSniffUnitTest
      * @inheritdoc
      */
     public function getErrorList()
-    {
-        return [];
-    }
-
-    /**
-     * @inheritdoc
-     */
-    public function getWarningList()
     {
         return [
             3 => 1,
@@ -43,4 +36,12 @@ public function getWarningList()
             31 => 1,
         ];
     }
+
+    /**
+     * @inheritdoc
+     */
+    public function getWarningList()
+    {
+        return [];
+    }
 }
diff --git a/Magento2/ruleset.xml b/Magento2/ruleset.xml
index 91aa12fb..98f53fe2 100644
--- a/Magento2/ruleset.xml
+++ b/Magento2/ruleset.xml
@@ -65,6 +65,10 @@
         <exclude-pattern>*/Test/*</exclude-pattern>
         <exclude-pattern>*Test.php</exclude-pattern>
     </rule>
+    <rule ref="Magento2.Security.InsecureFunction">
+        <severity>10</severity>
+        <type>error</type>
+    </rule>
     <rule ref="Magento2.Security.LanguageConstruct">
         <severity>10</severity>
         <type>error</type>
@@ -104,10 +108,6 @@
         <severity>9</severity>
         <type>warning</type>
     </rule>
-    <rule ref="Magento2.Security.InsecureFunction">
-        <severity>9</severity>
-        <type>warning</type>
-    </rule>
     <rule ref="Magento2.Security.Superglobal.SuperglobalUsageWarning">
         <severity>9</severity>
         <type>warning</type>