Create rule S8325: Variables declared with "def" or explicit types in scripts should be undeclared to be accessible through Binding

rules/S8325/groovy/metadata.json

@@ -0,0 +1,29 @@
+{
+  "title": "Variables declared with \"def\" or explicit types in scripts should be undeclared to be accessible through Binding",
+  "type": "BUG",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant/Issue",
+    "constantCost": "5 min"
+  },
+  "tags": [
+    "groovy",
+    "binding",
+    "runtime"
+  ],
+  "defaultSeverity": "Blocker",
+  "ruleSpecification": "RSPEC-8325",
+  "sqKey": "S8325",
+  "scope": "Main",
+  "defaultQualityProfiles": [
+    "Sonar way"
+  ],
+  "quickfix": "unknown",
+  "code": {
+    "impacts": {
+      "RELIABILITY": "BLOCKER",
+      "MAINTAINABILITY": "BLOCKER"
+    },
+    "attribute": "COMPLETE"
+  }
+}

rules/S8325/groovy/rule.adoc

@@ -0,0 +1,55 @@
+This is an issue when declaring variables with `def` or explicit types (like `int`, `String`) in Groovy scripts that are intended to share data with the calling application through a `Binding` object.
+
+== Why is this an issue?
+
+When Groovy scripts are executed with a shared `Binding` object, variables can be shared between the script and the calling application. However, this data sharing only works with undeclared variables.
+
+Using `def` or explicit type declarations (like `int foo = 123` or `def bar = "hello"`) creates local variables within the script scope. These local variables are not accessible from the calling application through the `Binding` object.
+
+This behavior often surprises developers who expect all variables in a script to be automatically shared. When the calling application tries to access these variables using `binding.getProperty()` or similar methods, it will fail with a `MissingPropertyException` or return null, leading to runtime errors or unexpected behavior.
+
+The issue is particularly problematic because:
+
+* The script executes without errors, making the problem hard to detect during development
+* The failure only occurs when the calling application tries to access the variable
+* It violates the principle of least surprise, as developers naturally expect declared variables to be accessible
+
+=== What is the potential impact?
+
+The application may fail at runtime when trying to access variables from the script through the Binding object. This can lead to `MissingPropertyException` errors or null values where data was expected, potentially causing application crashes or incorrect behavior in production systems.
+
+== How to fix it
+
+Remove the variable declaration keyword to make the variable undeclared. This allows it to be written to the shared Binding object and accessed by the calling application.
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,groovy,diff-id=1,diff-type=noncompliant]
+----
+// In Groovy script executed with GroovyShell
+def result = "Hello World" // Noncompliant
+int count = 42 // Noncompliant
+String message = "Done" // Noncompliant
+----
+
+==== Compliant solution
+
+[source,groovy,diff-id=1,diff-type=compliant]
+----
+// In Groovy script executed with GroovyShell
+result = "Hello World" // Writes to binding
+count = 42 // Writes to binding
+message = "Done" // Writes to binding
+----
+
+== Resources
+
+=== Documentation
+
+ * Groovy Integration Guide - Sharing data between script and application - https://groovy-lang.org/integrating.html#_sharing_data_between_a_script_and_the_application[Official Groovy documentation explaining how to share data between scripts and applications using Binding objects]
+
+ * Groovy GroovyShell Documentation - https://docs.groovy-lang.org/latest/html/api/groovy/lang/GroovyShell.html[API documentation for GroovyShell class used for script execution]
+
+ * Groovy Binding Documentation - https://docs.groovy-lang.org/latest/html/api/groovy/lang/Binding.html[API documentation for Binding class used for sharing variables between script and application]

rules/S8325/metadata.json

@@ -0,0 +1,2 @@
+{
+}