Add pre-computed tracking information to security report schema

Add a schema for pre-calculated tracking fingerprint values as part of https://gitlab.com/groups/gitlab-org/-/epics/4690.

Calculated tracking values should be added in-line with each position in the tracking data.

For example, given analyzer-provided tracking information for a vulnerability in a security report:

"tracking": {
  "type": "source",
  "positions": [
    { "file": "path/to/file1.ext", "line_start": 10, "line_end": 20 },
    { "file": "path/to/file2.ext", "line_start": 10, "line_end": 20 },
    { "file": "path/to/file3.ext", "line_start": 10, "line_end": 20 }
  ]
}

Calculated tracking values should be inserted inline into each position object:

"tracking": {
  "type": "source",
  "positions": [
    { "file": "path/to/file1.ext", "line_start": 10, "line_end": 20, "fingerprints": { "scope+offset": "path/to/file1.ext|scope1|scope2:offset" } },
    { "file": "path/to/file2.ext", "line_start": 10, "line_end": 20, "fingerprints": { "scope+offset": "path/to/file2.ext|scope1|scope2:offset" } },
    { "file": "path/to/file3.ext", "line_start": 10, "line_end": 20, "fingerprints": { "scope+offset": "path/to/file3.ext|scope1|scope2:offset" } }
  ]
}
Edited by James Johnson
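
The inline layout described above, as an added example that is not code from the GitLab project: `attach_fingerprints` copies analyzer-provided tracking data and adds a `fingerprints` object to each position, and `validate_tracking` checks the resulting shape. The function names, the validation rules and the placeholder calculator are assumptions made for illustration; the issue does not define them.

```python
import copy

def attach_fingerprints(tracking, calculators):
    """Return a copy of `tracking` with a "fingerprints" object on every position."""
    out = copy.deepcopy(tracking)  # leave the analyzer's report untouched
    for pos in out["positions"]:
        pos["fingerprints"] = {name: calc(pos) for name, calc in calculators.items()}
    return out

def validate_tracking(tracking):
    """Return a list of problems; an empty list means the shape is as expected."""
    errors = []
    if not isinstance(tracking.get("type"), str):
        errors.append("type: must be a string")
    positions = tracking.get("positions")
    if not isinstance(positions, list) or not positions:
        return errors + ["positions: must be a non-empty array"]
    for i, pos in enumerate(positions):
        where = f"positions[{i}]"
        if not isinstance(pos, dict):
            errors.append(f"{where}: must be an object")
            continue
        if not isinstance(pos.get("file"), str) or not pos["file"]:
            errors.append(f"{where}.file: must be a non-empty string")
        start, end = pos.get("line_start"), pos.get("line_end")
        if not (isinstance(start, int) and isinstance(end, int) and 1 <= start <= end):
            errors.append(f"{where}: need integers with 1 <= line_start <= line_end")
        fps = pos.get("fingerprints")
        if not isinstance(fps, dict) or not fps:
            errors.append(f"{where}.fingerprints: must be a non-empty object")
            continue
        for name, value in fps.items():
            if not isinstance(value, str) or not value:
                errors.append(f"{where}.fingerprints[{name!r}]: must be a non-empty string")
    return errors

# Constructed sample input, mirroring the analyzer-provided example in the issue.
ANALYZER_TRACKING = {
    "type": "source",
    "positions": [
        {"file": f"path/to/file{n}.ext", "line_start": 10, "line_end": 20}
        for n in (1, 2, 3)
    ],
}

def placeholder_scope_offset(pos):
    # Hypothetical stand-in: reproduces the issue's placeholder value, not a real algorithm.
    return f"{pos['file']}|scope1|scope2:offset"

ENRICHED = attach_fingerprints(ANALYZER_TRACKING, {"scope+offset": placeholder_scope_offset})
```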