Struct SecurityFinding 

pub struct SecurityFinding {

    pub id: String,
    pub category: SecurityCategory,
    pub severity: Severity,
    pub confidence: Confidence,
    pub location: Location,
    pub title: String,
    pub description: String,
    pub cwe_id: Option<u32>,
    pub remediation: String,
    pub code_snippet: String,
    pub metadata: HashMap<String, String>,
    pub suppressed: bool,
    pub dedup_hash: u64,
}

A unified security finding that can represent any type of vulnerability.

This struct provides a consistent interface for all security analyzers, enabling unified reporting, filtering, and output formatting.

Fields

id: String

Unique identifier for the finding type (e.g., “SQLI-001”, “CMD-002”)

category: SecurityCategory

Category of the security issue

severity: Severity

Severity level

confidence: Confidence

Confidence in the finding

location: Location

Location in source code

title: String

Short title describing the issue

description: String

Detailed description of the vulnerability

cwe_id: Option<u32>

CWE (Common Weakness Enumeration) reference ID

remediation: String

Suggested remediation/fix

code_snippet: String

Code snippet showing the vulnerable code

metadata: HashMap<String, String>

Additional metadata (analyzer-specific information)

suppressed: bool

Whether this finding has been suppressed via comment

dedup_hash: u64

Hash for deduplication (based on location + category)

Implementations

impl SecurityFinding

pub fn new( id: impl Into<String>, category: SecurityCategory, severity: Severity, confidence: Confidence, location: Location, title: impl Into<String>, description: impl Into<String>, ) -> Self

Create a new security finding with required fields.

pub fn with_remediation(self, remediation: impl Into<String>) -> Self

Add remediation advice.

pub fn with_code_snippet(self, snippet: impl Into<String>) -> Self

Add code snippet.

pub fn with_metadata( self, key: impl Into<String>, value: impl Into<String>, ) -> Self

Add metadata key-value pair.

pub fn with_cwe(self, cwe_id: u32) -> Self

Override the CWE ID.

pub fn suppressed(self) -> Self

Mark as suppressed.

pub fn fingerprint(&self) -> String

Get a fingerprint for this finding (used for deduplication).

Trait Implementations

impl Clone for SecurityFinding

fn clone(&self) -> SecurityFinding

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SecurityFinding

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for SecurityFinding

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Hash for SecurityFinding

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq for SecurityFinding

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for SecurityFinding

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for SecurityFinding