
Add bandit to cwe mappings

Martynas Krupskis requested to merge bandit-cwe-mapping into main

Motivation for change

Bandit reports do not contain CWE identifiers, therefore mappings between Bandit's identification system and CWE were needed. I could not figure out how to use Bandit's Python codebase to extract the CWE from the id and found a Pull Request back from 2020, https://github.com/PyCQA/bandit/pull/613/files, which contains a dictionary for the mappings.

Changes

  • Created a mappings package, which will contain mappings between all sorts of identification systems and CWE.
  • Added Bandit mappings by copying the mappings from the aforementioned pull request.
  • Added error handling for CWE resolution, since if it is not resolved correctly it will fail further on when trying to identify whether two CWEs are equal.
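
How the mapping table and the CWE-resolution error handling described above could fit together, as an added Python example that is not the merge request's own code: the three mapping entries and the Bandit-style JSON report are constructed sample values, and unresolved ids are returned as `None` so that a later equality check never compares a bogus CWE.

```python
import json
import re
from dataclasses import dataclass
from typing import Optional

# Illustrative subset of a Bandit test-id -> CWE table; these three entries are
# sample values chosen for this example, not the PR's copied table.
BANDIT_TO_CWE = {
    "B105": 259,  # hardcoded_password_string
    "B301": 502,  # unsafe deserialization (pickle)
    "B608": 89,   # hardcoded_sql_expressions
}
BANDIT_ID = re.compile(r"^B\d{3}$")

@dataclass(frozen=True)
class CWE:
    """Resolved CWE identifier; the frozen dataclass gives value equality."""
    number: int

def resolve_cwe(test_id: str) -> Optional[CWE]:
    """Map a Bandit test id to a CWE, or None if it cannot be resolved.
    Returning None (rather than raising or inventing a CWE) lets callers decide
    how to treat unmapped findings instead of failing later during comparison."""
    if not isinstance(test_id, str) or not BANDIT_ID.match(test_id):
        return None
    number = BANDIT_TO_CWE.get(test_id)
    return CWE(number) if number is not None else None

def same_cwe(a: Optional[CWE], b: Optional[CWE]) -> bool:
    """Two findings share a CWE only when both resolved to the same one;
    two unresolved findings are never treated as equal."""
    return a is not None and b is not None and a == b

def annotate_report(report_json: str) -> list:
    """Attach a 'cwe' field (CWE number or None) to each Bandit JSON result."""
    results = json.loads(report_json).get("results", [])
    for result in results:
        cwe = resolve_cwe(result.get("test_id", ""))
        result["cwe"] = cwe.number if cwe else None
    return results

# Constructed sample in the shape of Bandit's JSON report (only the fields used here).
SAMPLE_REPORT = json.dumps({"results": [
    {"test_id": "B301", "filename": "app/load.py", "line_number": 12},
    {"test_id": "B608", "filename": "app/db.py", "line_number": 40},
    {"test_id": "B999", "filename": "app/new.py", "line_number": 3},  # unmapped
]})
```

Running `annotate_report(SAMPLE_REPORT)` yields CWE numbers 502 and 89 for the first two findings and `None` for the unmapped B999, which `same_cwe` then refuses to match against anything.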
