Struct Finding 

pub struct Finding {
    pub version: u32,
    /* private fields */
}

A single security finding produced by any Santh tool.

This is the universal output format. Whether the finding comes from Gossan (discovery), Karyx (routing), Calyx (templates), Sear (SAST), jsdet (JS malware), or a binding (sqlmap-rs), it produces a Finding.

Examples

use secfinding::{Finding, FindingKind, Severity};

let finding = Finding::builder("scanner", "https://example.com", Severity::High)
    .title("SQL injection")
    .kind(FindingKind::Vulnerability)
    .build()?;

assert_eq!(finding.kind(), FindingKind::Vulnerability);

Thread Safety

Finding is Send and Sync.

Fields

version: u32

Format version.

Implementations

impl Finding

pub fn builder( scanner: impl Into<String>, target: impl Into<String>, severity: Severity, ) -> FindingBuilder

Start building a finding with the three required fields.

pub fn new( scanner: impl Into<String>, target: impl Into<String>, severity: Severity, title: impl Into<String>, detail: impl Into<String>, ) -> Result<Self, FindingBuildError>

Quick constructor for simple findings without the builder.

Errors

Returns an error if any of the required fields are empty or exceed crate limits.

impl Finding

pub fn group_by_target<'a>( findings: &'a [Finding], ) -> HashMap<&'a str, Vec<&'a Finding>>

Group findings by target for batch triage.

Returns a map from target string to the findings on that target, sorted by severity (descending).

pub fn merge_chain( a: &Finding, b: &Finding, ) -> Result<Finding, FindingBuildError>

Merge two related findings into a single chain finding.

The resulting finding takes the higher severity, combines evidence, tags, CVEs, CWEs, references, and matched values from both inputs. CVSS score and confidence are taken as the maximum of the two — preserving the most-severe quantitative signal. The title is combined with → to indicate the chain relationship.

Errors

Returns FindingBuildError if the combined fields fail validation (e.g., empty title or overly long strings).

impl Finding

pub fn version(&self) -> u32

Get the finding version.

pub fn id(&self) -> Uuid

Get the finding unique identifier.

pub fn scanner(&self) -> &str

Get the scanner name.

pub fn target(&self) -> &str

Get the target scanned.

pub fn severity(&self) -> Severity

Get the finding severity.

pub fn title(&self) -> &str

Get the finding title.

pub fn detail(&self) -> &str

Get the finding detailed description.

pub fn kind(&self) -> FindingKind

Get the finding classification.

pub fn status(&self) -> FindingStatus

Get the finding status.

pub fn evidence(&self) -> &[Evidence]

Get the evidence associated with the finding.

pub fn location(&self) -> Option<&Location>

Get the location of the finding.

pub fn tags(&self) -> &[Arc<str>]

Get the tags associated with the finding.

pub fn timestamp(&self) -> DateTime<Utc>

Get the timestamp when the finding was produced.

pub fn cve_ids(&self) -> &[Arc<str>]

Get the CVE identifiers associated with the finding.

pub fn cwe_ids(&self) -> &[Arc<str>]

Get the CWE identifiers associated with the finding.

pub fn references(&self) -> &[Arc<str>]

Get the reference URLs associated with the finding.

pub fn confidence(&self) -> Option<f64>

Get the statistical confidence score (0.0 to 1.0).

pub fn cvss_score(&self) -> Option<f64>

Get the CVSS score (0.0 to 10.0).

pub fn scan_id(&self) -> Option<&str>

Get the scan ID that produced this finding.

pub fn exploit_hint(&self) -> Option<&str>

Get the exploit hint.

pub fn remediation(&self) -> Option<&str>

Get the remediation guidance.

pub fn matched_values(&self) -> &[Arc<str>]

Get the matched values that triggered the finding.

Trait Implementations

impl Clone for Finding

fn clone(&self) -> Finding

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Finding

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Finding

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>

where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for Finding

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Hash for Finding

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for Finding

fn cmp(&self, other: &Self) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for Finding

fn eq(&self, other: &Finding) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for Finding

fn partial_cmp(&self, other: &Self) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl Reportable for Finding

Blanket: secfinding’s own Finding implements Reportable.

fn scanner(&self) -> &str

Which tool produced this finding.

fn target(&self) -> &str

What was scanned (URL, file path, package name, etc.).

fn severity(&self) -> Severity

How severe is this finding.

fn title(&self) -> &str

Short human-readable title.

fn detail(&self) -> &str

Detailed description.

fn cwe_ids(&self) -> &[Arc<str>]

CWE identifiers (e.g. ["CWE-89"]).

fn cve_ids(&self) -> &[Arc<str>]

CVE identifiers.

fn tags(&self) -> &[Arc<str>]

Free-form tags.

fn confidence(&self) -> Option<f64>

Confidence score 0.0-1.0 (None = not applicable).

fn cvss_score(&self) -> Option<f64>

CVSS score (0.0 to 10.0) if applicable.

fn status(&self) -> FindingStatus

Current lifecycle state of the finding.

fn location(&self) -> Option<&Location>

Specific location in a file where the finding was discovered.

fn scan_id(&self) -> Option<&str>

ID of the scan run that produced this finding.

fn exploit_hint(&self) -> Option<&str>

Exploit hint / PoC command.

fn remediation(&self) -> Option<&str>

Actionable remediation guidance.

fn evidence(&self) -> &[Evidence]

Evidence attached to the finding.

fn kind(&self) -> FindingKind

The domain classification of this finding.

fn rule_id(&self) -> String

SARIF rule ID (defaults to “scanner/title-slug”).

fn sarif_level(&self) -> &str

SARIF severity level string.

impl Serialize for Finding

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for Finding

impl StructuralPartialEq for Finding