Add fix ID as a required field

pixee · Jan 15, 2025 · fa66fb7 · fa66fb7
1 parent a7c60e2
commit fa66fb7
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/codetf.schema-v3.json b/codetf.schema-v3.json
@@ -68,6 +68,7 @@
           "type": "object",
           "description": "Metadata about the fix itself",
           "properties": {
+            "id": { "type": "string", "description": "Unique identifier for the fix (corresponds to legacy codemod ID)" },
             "summary": { "type": "string", "description": "Short description of the fix" },
             "description": { "type": "string", "description": "Detailed description of the fix" },
             "references": {
@@ -90,7 +91,7 @@
               "required": ["strategy"]
             }
           },
-          "required": ["summary", "description", "generation"]
+          "required": ["id", "summary", "description", "generation"]
         }
       },
       "required": ["findingMetadata", "changesets", "fixMetadata"]

diff --git a/examples/juice-shop.codetf-v3.json b/examples/juice-shop.codetf-v3.json
@@ -48,6 +48,7 @@
         }
       ],
       "fixMetadata": {
+        "id": "sonar:tssecurity%3AS5147",
         "summary": "Safe ObjectId conversion for database queries.",
         "description": "Updated database queries to use ObjectId conversion to prevent SQL injection vulnerabilities caused by user-controlled inputs.",
         "references": [
@@ -125,6 +126,7 @@
         }
       ],
       "fixMetadata": {
+        "id": "sonar:javascript/sql-parameterization",
         "summary": "Replaced raw SQL queries with parameterized queries.",
         "description": "Updated SQL queries in multiple files to use Sequelize's parameterized queries with QueryTypes. This approach ensures user input is safely injected into the query, preventing SQL injection vulnerabilities.",
         "references": [