Normalizing the usage of SARIF messageStrings:cwe.
Currently npm audit and gosec scanners use this field. This PR expand this to additional scanners.
Bandit
Brakeman
BundleAudit*
CargoAudit*
OSV Scanners*
** CVE info available - marked accordingly.
This PR also documents the available fields across SARIF adapters. The gosec CWE has been normalized to use the CWE and not the URL
Normalizing the usage of SARIF messageStrings:cwe.
Currently npm audit and gosec scanners use this field. This PR expand this to additional scanners.
** CVE info available - marked accordingly. This PR also documents the available fields across SARIF adapters. The gosec CWE has been normalized to use the CWE and not the URL