
custom_reportable/
custom_reportable.rs

1use secfinding::{Reportable, Severity};
2
/// A finding produced by a policy/governance check, exposed through the
/// `Reportable` trait implemented below in this file.
///
/// The fields are plain data: the struct has no constructor, so nothing
/// validates them before they are reported.
struct PolicyFinding {
    /// Location of the checked object; returned as the report target.
    source: String,
    /// Short human-readable headline for the finding.
    title: String,
    /// Numeric score that drives both the reported severity and the
    /// reported confidence. No range is enforced on this value.
    score: f64,
}
8
/// Adapts `PolicyFinding` to the `Reportable` interface from `secfinding`.
///
/// Severity and confidence are both derived from the single `score` field,
/// so a consumer of the report cannot tell "serious issue, low certainty"
/// apart from "minor issue".
impl Reportable for PolicyFinding {
    /// Fixed name of the scanner that emits these findings.
    fn scanner(&self) -> &str {
        "policy-scanner"
    }

    /// The checked object's location, taken from `source`.
    fn target(&self) -> &str {
        self.source.as_str()
    }

    /// Buckets `score` into a severity level.
    ///
    /// Thresholds are inclusive lower bounds: 0.9 and above is Critical,
    /// 0.7 and above is High, 0.5 and above is Medium, everything else Low.
    fn severity(&self) -> Severity {
        // NOTE(review): every `>=` comparison against NaN is false, so a NaN
        // score falls through to the last arm and is reported as Low. Negative
        // values and values above 1.0 are accepted unchanged as well. If the
        // score is computed or comes from outside, validate it where the
        // finding is built so a malformed score cannot under-report.
        match self.score {
            s if s >= 0.9 => Severity::Critical,
            s if s >= 0.7 => Severity::High,
            s if s >= 0.5 => Severity::Medium,
            _ => Severity::Low,
        }
    }

    /// The finding's headline, taken from `title`.
    fn title(&self) -> &str {
        self.title.as_str()
    }

    /// Fixed description shared by every finding of this type.
    fn detail(&self) -> &str {
        "Policy mismatch detected by governance check"
    }

    /// Reports the raw `score` as the confidence; always `Some`.
    fn confidence(&self) -> Option<f64> {
        // The value is passed through as stored, including NaN or
        // out-of-range scores.
        let raw = self.score;
        Some(raw)
    }

    /// This example attaches no tags.
    fn tags(&self) -> &[String] {
        &[]
    }

    /// This example attaches no CWE identifiers.
    fn cwe_ids(&self) -> &[String] {
        &[]
    }

    /// This example attaches no CVE identifiers.
    fn cve_ids(&self) -> &[String] {
        &[]
    }
}
54
/// Builds one sample finding and prints the fields it exposes through
/// `Reportable`.
fn main() {
    // A score of 0.93 clears the 0.9 threshold, so severity() yields Critical.
    let finding = PolicyFinding {
        source: String::from("s3://bucket/config.yaml"),
        title: String::from("Excessive privilege policy statement"),
        score: 0.93,
    };

    println!("scanner: {}", finding.scanner());
    println!("target: {}", finding.target());
    println!("severity: {}", finding.severity());
    // rule_id() is not defined in this file's impl, so it is presumably a
    // provided method of `Reportable`.
    println!("rule id: {}", finding.rule_id());
    // tags() returns an empty slice here, so the joined string is empty.
    let joined_tags = finding.tags().join(", ");
    println!("tags: {}", joined_tags);
    println!("{}", finding.detail());
}