SONARJAVA-5601 Update rule metadata

alban-auzeill · alban-auzeill · commit 2249ea0625c6 · 2025-05-28T14:27:04.000+02:00
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2755.html b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2755.html
@@ -170,9 +170,13 @@ <h3>Standards</h3>
   <li> OWASP - <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">Top 10 2021 Category A5 - Security Misconfiguration</a> </li>
   <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A4_2017-XML_External_Entities_(XXE)">Top 10 2017 Category A4 - XML External
   Entities (XXE)</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2023-risks/m4-insufficient-input-output-validation">Mobile Top 10 2024 Category M4
+  - Insufficient Input/Output Validation</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2023-risks/m8-security-misconfiguration">Mobile Top 10 2024 Category M8 - Security
+  Misconfiguration</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/611">CWE-611 - Information Exposure Through XML External Entity Reference</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/827">CWE-827 - Improper Control of Document Type Definition</a> </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222608">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222608">Application Security and
   Development: V-222608</a> - The application must not be vulnerable to XML-oriented attacks. </li>
 </ul>
 
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2755.json b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S2755.json
@@ -31,6 +31,10 @@
     "OWASP Top 10 2021": [
       "A5"
     ],
+    "OWASP Mobile Top 10 2024": [
+      "M4",
+      "M8"
+    ],
     "PCI DSS 3.2": [
       "6.5.1"
     ],
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3518.html b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S3518.html
@@ -52,7 +52,7 @@ <h3>Standards</h3>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/369">CWE-369 - Divide by zero</a> </li>
   <li> <a href="https://wiki.sei.cmu.edu/confluence/x/CTZGBQ">CERT, NUM02-J.</a> - Ensure that division and remainder operations do not result in
   divide-by-zero errors </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222612">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222612">Application Security and
   Development: V-222612</a> - The application must not be vulnerable to overflow attacks. </li>
 </ul>
 
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6373.html b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6373.html
@@ -96,9 +96,13 @@ <h3>Standards</h3>
   <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A4_2017-XML_External_Entities_(XXE)">Top 10 2017 - Category A4 - XML External
   Entities (XXE)</a> </li>
   <li> OWASP - <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">Top 10 2021 - Category A5 - Security Misconfiguration</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2023-risks/m4-insufficient-input-output-validation">Mobile Top 10 2024 Category M4
+  - Insufficient Input/Output Validation</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2023-risks/m8-security-misconfiguration">Mobile Top 10 2024 Category M8 - Security
+  Misconfiguration</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/611">CWE-611 - Improper Restriction of XML External Entity Reference</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/827">CWE-827 - Improper Control of Document Type Definition</a> </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222608">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222608">Application Security and
   Development: V-222608</a> - The application must not be vulnerable to XML-oriented attacks. </li>
 </ul>
 
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6373.json b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6373.json
@@ -30,6 +30,10 @@
     "OWASP Top 10 2021": [
       "A5"
     ],
+    "OWASP Mobile Top 10 2024": [
+      "M4",
+      "M8"
+    ],
     "PCI DSS 3.2": [
       "6.5.1"
     ],
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6376.html b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6376.html
@@ -84,13 +84,17 @@ <h3>Standards</h3>
   <li> OWASP - <a href="https://owasp.org/Top10/A05_2021-Security_Misconfiguration/">Top 10 2021 Category A5 - Security Misconfiguration</a> </li>
   <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A4_2017-XML_External_Entities_(XXE)">Top 10 2017 Category A4 - XML External
   Entities (XXE)</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2023-risks/m4-insufficient-input-output-validation">Mobile Top 10 2024 Category M4
+  - Insufficient Input/Output Validation</a> </li>
+  <li> OWASP - <a href="https://owasp.org/www-project-mobile-top-10/2023-risks/m8-security-misconfiguration">Mobile Top 10 2024 Category M8 - Security
+  Misconfiguration</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/776">CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity
   Expansion')</a> </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222593">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222593">Application Security and
   Development: V-222593</a> - XML-based applications must mitigate DoS attacks by using XML filters, parser options, or gateways. </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222667">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222667">Application Security and
   Development: V-222667</a> - Protections against DoS attacks must be implemented. </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222608">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222608">Application Security and
   Development: V-222608</a> - The application must not be vulnerable to XML-oriented attacks. </li>
 </ul>
 
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6376.json b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6376.json
@@ -21,18 +21,30 @@
   "scope": "Main",
   "securityStandards": {
     "CWE": [
-      776
+      611,
+      827
     ],
     "OWASP": [
       "A4"
     ],
     "OWASP Top 10 2021": [
       "A5"
     ],
+    "OWASP Mobile Top 10 2024": [
+      "M4",
+      "M8"
+    ],
+    "PCI DSS 3.2": [
+      "6.5.1"
+    ],
+    "PCI DSS 4.0": [
+      "6.2.4"
+    ],
+    "ASVS 4.0": [
+      "5.5.2"
+    ],
     "STIG ASD_V5R3": [
-      "V-222593",
-      "V-222608",
-      "V-222667"
+      "V-222608"
     ]
   },
   "quickfix": "infeasible"
diff --git a/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6377.html b/java-symbolic-execution/java-symbolic-execution-plugin/src/main/resources/org/sonar/l10n/java/rules/javase/S6377.html
@@ -59,7 +59,7 @@ <h3>Standards</h3>
   <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposure">Top 10 2017 Category A3 - Sensitive Data
   Exposure</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/347">CWE-347 - Improper Verification of Cryptographic Signature</a> </li>
-  <li> STIG Viewer - <a href="https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222608">Application Security and
+  <li> STIG Viewer - <a href="https://stigviewer.com/stigs/application_security_and_development/2024-12-06/finding/V-222608">Application Security and
   Development: V-222608</a> - The application must not be vulnerable to XML-oriented attacks. </li>
 </ul>
 
diff --git a/java-symbolic-execution/sonarpedia.json b/java-symbolic-execution/sonarpedia.json
@@ -3,7 +3,7 @@
   "languages": [
     "JAVA"
   ],
-  "latest-update": "2024-09-09T13:33:21.851483206Z",
+  "latest-update": "2025-05-28T09:18:03.967696229Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": false
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2384.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S2384.html
@@ -7,20 +7,22 @@ <h2>Why is this an issue?</h2>
 <h3>Exceptions</h3>
 <p>The rule violation is not reported for mutable values stored in private methods if no non-private methods directly passes a mutable parameter to
 them.</p>
+<p>Similarly, rule violations are not reported for mutable values returned by a private getter if that getter’s value is not directly exposed by a
+non-private method.</p>
 <h3>Noncompliant code example</h3>
 <pre>
 class A {
-  private String [] strings;
+  private String[] strings;
 
   public A () {
     strings = new String[]{"first", "second"};
   }
 
-  public String [] getStrings() {
+  public String[] getStrings() {
     return strings; // Noncompliant
   }
 
-  public void setStrings(String [] strings) {
+  public void setStrings(String[] strings) {
     this.strings = strings;  // Noncompliant
   }
 }
@@ -43,15 +45,19 @@ <h3>Compliant solution</h3>
     strings = new String[]{"first", "second"};
   }
 
-  public String [] getStrings() {
-    return strings.clone();
+  public String[] getStrings() {
+    return getStringsInternal().clone();
+  }
+
+  private String[] getStringsInternal() {
+    return strings;
   }
 
-  private void setStringsInternal(String [] strings) {
+  private void setStringsInternal(String[] strings) {
     this.strings = strings;
   }
 
-  public void setStrings(String [] strings) {
+  public void setStrings(String[] strings) {
     this.strings = strings.clone();
   }
 }
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4790.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S4790.html
@@ -1,7 +1,9 @@
 <p>Cryptographic hash algorithms such as <code>MD2</code>, <code>MD4</code>, <code>MD5</code>, <code>MD6</code>, <code>HAVAL-128</code>,
-<code>HMAC-MD5</code>, <code>DSA</code> (which uses <code>SHA-1</code>), <code>RIPEMD</code>, <code>RIPEMD-128</code>, <code>RIPEMD-160</code>,
-<code>HMACRIPEMD160</code> and <code>SHA-1</code> are no longer considered secure, because it is possible to have <code>collisions</code> (little
-computational effort is enough to find two or more different inputs that produce the same hash).</p>
+<code>DSA</code> (which uses <code>SHA-1</code>), <code>RIPEMD</code>, <code>RIPEMD-128</code>, <code>RIPEMD-160</code>and <code>SHA-1</code> are no
+longer considered secure, because it is possible to have <code>collisions</code> (little computational effort is enough to find two or more different
+inputs that produce the same hash).</p>
+<p>Message authentication code (MAC) algorithms such as <code>HMAC-MD5</code> or <code>HMAC-SHA1</code> use weak hash functions as building blocks.
+Although they are not all proven to be weak, they are considered legacy algorithms and should be avoided.</p>
 <h2>Ask Yourself Whether</h2>
 <p>The hashed value is used in a security context like:</p>
 <ul>
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5324.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5324.html
@@ -3,7 +3,7 @@
 <p>Files created on the external storage are globally readable and writable. Therefore, a malicious application having the permissions
 <code>WRITE_EXTERNAL_STORAGE</code> or <code>READ_EXTERNAL_STORAGE</code> could try to read sensitive information from the files that other
 applications have stored on the external storage.</p>
-<p>External storage can also be removed by the user (e.g when based on SD card) making the files unavailable to the application.</p>
+<p>External storage can also be removed by the user (e.g. when based on SD card) making the files unavailable to the application.</p>
 <h2>Ask Yourself Whether</h2>
 <p>Your application uses external storage to:</p>
 <ul>
@@ -22,7 +22,7 @@ <h2>Recommended Secure Coding Practices</h2>
   <li> As some external storage can be removed, make sure to never store files on it that are critical for the usability of your application. </li>
 </ul>
 <h2>Sensitive Code Example</h2>
-<pre>
+<pre data-diff-id="1" data-diff-type="noncompliant">
 import android.content.Context;
 
 public class AccessExternalFiles {
@@ -33,7 +33,7 @@ <h2>Sensitive Code Example</h2>
 }
 </pre>
 <h2>Compliant Solution</h2>
-<pre>
+<pre data-diff-id="1" data-diff-type="compliant">
 import android.content.Context;
 
 public class AccessExternalFiles {
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.html
@@ -79,8 +79,6 @@ <h3>Documentation</h3>
 <h3>Standards</h3>
 <ul>
   <li> OWASP - <a href="https://owasp.org/Top10/A01_2021-Broken_Access_Control/">Top 10 2021 Category A1 - Broken Access Control</a> </li>
-  <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities">Top 10 2017 Category A9 -
-  Using Components with Known Vulnerabilities</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/377">CWE-377 - Insecure Temporary File</a> </li>
   <li> CWE - <a href="https://cwe.mitre.org/data/definitions/379">CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions</a>
   </li>
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5445.json
@@ -24,9 +24,6 @@
       377,
       379
     ],
-    "OWASP": [
-      "A9"
-    ],
     "OWASP Top 10 2021": [
       "A1"
     ],
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5679.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5679.html
@@ -86,12 +86,8 @@ <h3>Articles &amp; blog posts</h3>
 </ul>
 <h2>Standards</h2>
 <ul>
-  <li> OWASP - <a href="https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/">Top 10 2021 Category A6 - Vulnerable and Outdated
-  Components</a> </li>
   <li> OWASP - <a href="https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/">Top 10 2021 Category A7 - Identification and
   Authentication Failures</a> </li>
-  <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities">Top 10 2017 Category A9 -
-  Using Components with Known Vulnerabilities</a> </li>
   <li> OWASP - <a href="https://owasp.org/www-project-top-ten/2017/A2_2017-Broken_Authentication">Top 10 2017 Category A2 - Broken Authentication</a>
   </li>
 </ul>
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5679.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S5679.json
@@ -21,11 +21,9 @@
   "scope": "Main",
   "securityStandards": {
     "OWASP": [
-      "A9",
       "A2"
     ],
     "OWASP Top 10 2021": [
-      "A6",
       "A7"
     ],
     "PCI DSS 3.2": [
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7409.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7409.json
@@ -1,5 +1,5 @@
 {
-  "title": "Exposing Java objects through JavaScript interfaces is security-sensitive",
+  "title": "Exposing native code through JavaScript interfaces is security-sensitive",
   "type": "SECURITY_HOTSPOT",
   "status": "ready",
   "remediation": {
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7476.html b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7476.html
@@ -3,17 +3,19 @@ <h2>Why is this an issue?</h2>
 <p>In Java 22 and earlier, comments starting with more than 2 slashes were treated as normal comments. Accidentally writing comments with three or
 more slashes can lead to unintended JavaDoc being generated, when migrating to Java 23.</p>
 <h3>What is the potential impact?</h3>
+<p>Comments starting with three or more slashes will increase the migration cost when upgrading to Java 23 or later. Moreover, IDE or other tools may
+handle such comments as JavaDoc comments if they are not aware of the Java version.</p>
+<h3>Exceptions</h3>
 <ul>
-  <li> Accidental JavaDoc generation where normal comments were intended. </li>
-  <li> Misleading or broken documentation output. </li>
-  <li> Increased maintenance burden when upgrading to Java 23 or later. </li>
+  <li> The rule does not raise issues on license headers at the start of files because they will not be considered as JavaDoc comments. </li>
+  <li> The rule only raises issues in projects using Java 17 or above, because those projects will likely be migrated to Java 23 or later. </li>
 </ul>
 <h2>How to fix it</h2>
-<p>In versions of Java prior to 23, all comments should always start with exactly 2 slashes, and from Java 23 forward they should not start with more
-than 3.</p>
+<p>In versions of Java prior to 23, comments should not start with more than 2 slashes, and from Java 23 forward they should not start with more than
+3.</p>
 <h3>Code examples</h3>
 <h4>Noncompliant code example</h4>
-<p>The following code will generate misleading Javadoc comments if migrated to Java 23:</p>
+<p>The following code will generate unintended JavaDoc comments if migrated to Java 23:</p>
 <pre data-diff-id="1" data-diff-type="noncompliant">
 /// Some comment for the developers
 public abstract void foo();
@@ -30,6 +32,6 @@ <h4>Compliant solution</h4>
 <h2>Resources</h2>
 <h3>Documentation</h3>
 <ul>
-  <li> <a href="https://openjdk.org/jeps/467">JEP 467: Markdown Documentation Comments</a> </li>
+  <li> OpenJDK - <a href="https://openjdk.org/jeps/467">JEP 467: Markdown Documentation Comments</a> </li>
 </ul>
 
diff --git a/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7476.json b/sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S7476.json
@@ -10,15 +10,14 @@
     "java23",
     "javadoc"
   ],
-  "defaultSeverity": "Major",
+  "defaultSeverity": "Minor",
   "ruleSpecification": "RSPEC-7476",
   "sqKey": "S7476",
   "scope": "All",
   "quickfix": "unknown",
   "code": {
     "impacts": {
-      "MAINTAINABILITY": "MEDIUM",
-      "RELIABILITY": "MEDIUM"
+      "MAINTAINABILITY": "LOW"
     },
     "attribute": "CONVENTIONAL"
   }
diff --git a/sonarpedia.json b/sonarpedia.json
@@ -3,7 +3,7 @@
   "languages": [
     "JAVA"
   ],
-  "latest-update": "2025-05-12T09:39:02.591637166Z",
+  "latest-update": "2025-05-28T09:17:51.640344029Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": false

Original file line number	Diff line number	Diff line change
`@@ -7,20 +7,22 @@ <h2>Why is this an issue?</h2>`
`7`	`7`	`<h3>Exceptions</h3>`
`8`	`8`	`<p>The rule violation is not reported for mutable values stored in private methods if no non-private methods directly passes a mutable parameter to`
`9`	`9`	`them.</p>`
	`10`	`+<p>Similarly, rule violations are not reported for mutable values returned by a private getter if that getter’s value is not directly exposed by a`
	`11`	`+non-private method.</p>`
`10`	`12`	`<h3>Noncompliant code example</h3>`
`11`	`13`	`<pre>`
`12`	`14`	`class A {`
`13`		`- private String [] strings;`
	`15`	`+ private String[] strings;`
`14`	`16`
`15`	`17`	`public A () {`
`16`	`18`	`strings = new String[]{"first", "second"};`
`17`	`19`	`}`
`18`	`20`
`19`		`- public String [] getStrings() {`
	`21`	`+ public String[] getStrings() {`
`20`	`22`	`return strings; // Noncompliant`
`21`	`23`	`}`
`22`	`24`
`23`		`- public void setStrings(String [] strings) {`
	`25`	`+ public void setStrings(String[] strings) {`
`24`	`26`	`this.strings = strings; // Noncompliant`
`25`	`27`	`}`
`26`	`28`	`}`
`@@ -43,15 +45,19 @@ <h3>Compliant solution</h3>`
`43`	`45`	`strings = new String[]{"first", "second"};`
`44`	`46`	`}`
`45`	`47`
`46`		`- public String [] getStrings() {`
`47`		`- return strings.clone();`
	`48`	`+ public String[] getStrings() {`
	`49`	`+ return getStringsInternal().clone();`
	`50`	`+ }`
	`51`	`+`
	`52`	`+ private String[] getStringsInternal() {`
	`53`	`+ return strings;`
`48`	`54`	`}`
`49`	`55`
`50`		`- private void setStringsInternal(String [] strings) {`
	`56`	`+ private void setStringsInternal(String[] strings) {`
`51`	`57`	`this.strings = strings;`
`52`	`58`	`}`
`53`	`59`
`54`		`- public void setStrings(String [] strings) {`
	`60`	`+ public void setStrings(String[] strings) {`
`55`	`61`	`this.strings = strings.clone();`
`56`	`62`	`}`
`57`	`63`	`}`