Use the CWE name as a name in the SARIF report

Cosmin Cojocar 2022-01-26 18:29:03 +01:00
parent 9399e7bed7
commit 09a2941ad4


@ -71,9 +71,14 @@ func GenerateReport(rootPaths []string, data *gosec.ReportInfo) (*Report, error)
// parseSarifRule return SARIF rule field struct // parseSarifRule return SARIF rule field struct
func parseSarifRule(issue *gosec.Issue) *ReportingDescriptor { func parseSarifRule(issue *gosec.Issue) *ReportingDescriptor {
cwe := gosec.GetCweByRule(issue.RuleID)
name := issue.RuleID
if cwe != nil {
name = cwe.Name
}
return &ReportingDescriptor{ return &ReportingDescriptor{
ID: issue.RuleID, ID: issue.RuleID,
Name: issue.What, Name: name,
ShortDescription: NewMultiformatMessageString(issue.What), ShortDescription: NewMultiformatMessageString(issue.What),
FullDescription: NewMultiformatMessageString(issue.What), FullDescription: NewMultiformatMessageString(issue.What),
Help: NewMultiformatMessageString(fmt.Sprintf("%s\nSeverity: %s\nConfidence: %s\n", Help: NewMultiformatMessageString(fmt.Sprintf("%s\nSeverity: %s\nConfidence: %s\n",