From 51138cfb4962c07d0b8c27d0315fd60117abfba3 Mon Sep 17 00:00:00 2001
From: xgoffin <86716549+xgoffin@users.noreply.github.com>
Date: Tue, 28 Jun 2022 15:39:17 +0200
Subject: [PATCH] feat(checkmarxExecuteScan): remove some useless SARIF code, added security-severity (#3857)
---
 pkg/checkmarx/cxxml_to_sarif.go | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/pkg/checkmarx/cxxml_to_sarif.go b/pkg/checkmarx/cxxml_to_sarif.go
index dc8ab34e0..7e4e75fb8 100644
--- a/pkg/checkmarx/cxxml_to_sarif.go
+++ b/pkg/checkmarx/cxxml_to_sarif.go
@@ -205,10 +205,6 @@ func Parse(sys System, data []byte, scanID int) (format.SARIF, error) {
 }
 result.Message = msg
- if cxxml.Query[i].Name != "" {
- msg := new(format.Message)
- msg.Text = cxxml.Query[i].Name
- }
 //Locations
 codeflow := *new(format.CodeFlow)
 threadflow := *new(format.ThreadFlow)
@@ -335,6 +331,18 @@ func Parse(sys System, data []byte, scanID int) (format.SARIF, error) {
 rule.Properties.Tags = append(rule.Properties.Tags, cats[cat])
 }
 }
+ switch cxxml.Query[i].SeverityIndex {
+ case 0:
+ rule.Properties.SecuritySeverity = "0.0"
+ case 1:
+ rule.Properties.SecuritySeverity = "2.0"
+ case 2:
+ rule.Properties.SecuritySeverity = "5.0"
+ case 3:
+ rule.Properties.SecuritySeverity = "7.0"
+ default:
+ rule.Properties.SecuritySeverity = "10.0"
+ }
 if cxxml.Query[i].CweID != "" {
 rule.Properties.Tags = append(rule.Properties.Tags, "external/cwe/cwe-"+cxxml.Query[i].CweID)
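Review bot: The `default:` branch of the new `switch cxxml.Query[i].SeverityIndex` assigns `"10.0"` to every index other than 0–3, so a negative or otherwise unexpected value is reported at the top of the scale without any trace, and the five score strings carry no explanation of which Checkmarx severity each one stands for. If `SeverityIndex` is decoded into a plain integer (its declaration is not in this hunk), a query whose attribute is missing would read as 0 and silently receive `"0.0"`, which under-reports it; that is worth confirming against the XML struct. I would state the intent above the switch, e.g. `// SeverityIndex -> SARIF security-severity; anything outside 0..3 is deliberately treated as the highest severity`, and consider logging the unexpected index in `default:` so that a change in the report format is noticed. The trailing context of this hunk is cut off in this view, and `Parse` itself starts and ends outside it.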