refactor: Convert reporter to native format and update backend models

- Renamed sarif_reporter.py to native_reporter.py to reflect new functionality

- Updated WorkflowFindings model to use native format
  - Field name 'sarif' kept for API compatibility but now contains native format
  - Updated docstring to reflect native format usage

- Converted SARIFReporter to Native Reporter:
  - Module name changed from sarif_reporter to native_reporter (v2.0.0)
  - Updated metadata and input/output schemas
  - Removed SARIF-specific config (tool_name, include_code_flows)
  - Added native format config (workflow_name, run_id)

- Implemented native report generation:
  - Added _generate_native_report() method
  - Generates native FuzzForge format with full field support:
    - Unique finding IDs
    - found_by attribution (module, tool, type)
    - LLM context when applicable
    - Full severity scale (critical/high/medium/low/info)
    - Confidence levels
    - CWE and OWASP mappings
    - Enhanced location info (columns, snippets)
    - References and metadata

  - Added _create_native_summary() for aggregated stats
  - Summary includes counts by severity, confidence, category, source, and type
  - Tracks affected files count

- Kept old SARIF generation methods for reference
  - Will be moved to separate SARIF exporter module

Breaking changes:
- Reporter now outputs native format instead of SARIF
- Existing workflows using sarif_reporter will need updates
- Config parameters changed (tool_name -> workflow_name, etc.)
tduhamel42
2025-11-02 14:52:15 +01:00
parent f1748185df
commit f360bf424f
2 changed files with 150 additions and 38 deletions
+2 -2
@@ -19,10 +19,10 @@ from datetime import datetime
class WorkflowFindings(BaseModel):
"""Findings from a workflow execution in SARIF format"""
"""Findings from a workflow execution in native FuzzForge format"""
workflow: str = Field(..., description="Workflow name")
run_id: str = Field(..., description="Unique run identifier")
sarif: Dict[str, Any] = Field(..., description="SARIF formatted findings")
sarif: Dict[str, Any] = Field(..., description="Findings in native FuzzForge format (field name kept for API compatibility)")
metadata: Dict[str, Any] = Field(default_factory=dict, description="Additional metadata")
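Review bot: The `sarif` field on `WorkflowFindings` keeps both its name and its `Dict[str, Any]` type while its content switches from SARIF to the native FuzzForge format, so a consumer that still parses it as SARIF gets no validation error or other signal that the payload changed; the only indication is the `description` string. Consider carrying an explicit format or version marker in the model (a dedicated field, or a documented key in `metadata`), or adding a correctly named field and keeping `sarif` as a deprecated alias, so clients can detect the format instead of inferring it. The commit message lists this as a breaking change for the reporter, which makes it worth stating in the class docstring that `sarif` no longer holds SARIF.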