writer-json-sarif: encode per-warning CWE property
... so that the data is processed by DefectDojo

Fixes: #125
Closes: #126
kdudka committed Apr 17, 2023
1 parent b2eae0a commit b5df1f6
Showing 4 changed files with 954 additions and 1 deletion.
7 changes: 6 additions & 1 deletion src/lib/writer-json-sarif.cc
Expand Up @@ -276,10 +276,15 @@ void SarifTreeEncoder::appendDef(const Defect &def)
shellCheckMap_[ruleId] = sm[2];
}

if (def.cwe)
if (def.cwe) {
// update CWE map
cweMap_[ruleId] = def.cwe;

// encode per-warning CWE property
object cweProp = {{ "cwe", "CWE-" + std::to_string(def.cwe) }};
result["properties"] = std::move(cweProp);
}

// key event severity level
sarifEncodeLevel(&result, keyEvt.event);
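
Review bot: The assignment `result["properties"] = std::move(cweProp);` at the end of the new `if (def.cwe)` block replaces the whole property bag of the result instead of adding one key to it, so any property already set on `result` earlier in `appendDef()` would be dropped, and a later per-warning property written the same way would drop `cwe`. Consider setting only the `cwe` key on the existing `properties` object. The comment could also say why the value is written per warning in addition to the `cweMap_[ruleId]` entry (the commit message names DefectDojo as the consumer), so the duplication is not removed later as redundant.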
