Add bandit to cwe mappings
Motivation for change
Bandit reports do not contain cwe identifiers, therefore mappings between bandit identification system and cwe was needed. I could not figure out how to use bandit's python codebase to extract the cwe from the id and found and Pull Request back from 2020 https://github.com/PyCQA/bandit/pull/613/files, which contains a dictionary for the mappings.
Changes
- Created a mappings package, which will contain mappings between all sorts of identification systems and cwe.
- Added bandit mappings by copying the mappings from the aforementioned pull request
- Added an error handling for cwe resolution, since if it is not resolved correctly it will fail further when trying to identify if two CWEs are equal.