Add information about FP and FN to vulnerabilities
Closes #4 (closed). Relates to gitlab-org/gitlab#364179 (closed)
This is how a vulnerability looks right now in the gl-sast-diff-report.json. The downside is the new output struct DifferenceReport,
since none of GitLab's report methods will work with it.
{
  "id": "cf04adaeefab834e6a4e81561eb0bbcf28cd0f615fc6314c2256e94e6a64fda1",
  "category": "sast",
  "message": "Improper Neutralization",
  "cve": "",
  "scanner": {
    "id": "baseline",
    "name": "baseline"
  },
  "location": {
    "file": "main.py",
    "start_line": 12
  },
  "identifiers": [
    {
      "type": "cwe",
      "name": "CWE-707",
      "value": "707",
      "url": "https://cwe.mitre.org/data/definitions/707.html"
    }
  ],
  "type": "FN"
}
Edited by Martynas Krupskis
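Since the description says GitLab's report methods will not work with the new output, a consumer has to decode the entries itself. The following is an added example, not code from this merge request: it decodes entries shaped like the one above and tallies FP and FN per CWE. The top-level array layout, the names `DiffVuln`, `Tally` and `sample`, the `no-cwe` bucket, and the two CWE-89 entries are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// DiffVuln holds only the fields of the entry shown above that the tally needs.
type DiffVuln struct {
	Location struct {
		File      string `json:"file"`
		StartLine int    `json:"start_line"`
	} `json:"location"`
	Identifiers []struct {
		Type string `json:"type"`
		Name string `json:"name"`
	} `json:"identifiers"`
	Type string `json:"type"` // "FP" or "FN"
}

// Constructed sample. Assumption: the report is a bare JSON array of entries.
const sample = `[
{"location":{"file":"main.py","start_line":12},"identifiers":[{"type":"cwe","name":"CWE-707"}],"type":"FN"},
{"location":{"file":"db.py","start_line":40},"identifiers":[{"type":"cwe","name":"CWE-89"}],"type":"FP"},
{"location":{"file":"db.py","start_line":57},"identifiers":[{"type":"cwe","name":"CWE-89"}],"type":"FP"}]`

// Tally counts entries per "CWE/type" key and rejects any type other than FP or FN.
func Tally(raw []byte) (map[string]int, error) {
	var vulns []DiffVuln
	if err := json.Unmarshal(raw, &vulns); err != nil {
		return nil, fmt.Errorf("decode diff report: %w", err)
	}
	counts := map[string]int{}
	for _, v := range vulns {
		if v.Type != "FP" && v.Type != "FN" {
			return nil, fmt.Errorf("%s:%d: unexpected type %q", v.Location.File, v.Location.StartLine, v.Type)
		}
		cwe := "no-cwe" // bucket for entries without a CWE identifier
		for _, id := range v.Identifiers {
			if id.Type == "cwe" {
				cwe = id.Name
				break
			}
		}
		counts[cwe+"/"+v.Type]++
	}
	return counts, nil
}

func main() { fmt.Println(Tally([]byte(sample))) }
```

Failing on an unexpected `type` value keeps a mislabeled entry from silently dropping out of the FP/FN totals.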