From 4532d5d2bb3c50c178c2ea4f0352521f3f8c547e Mon Sep 17 00:00:00 2001
From: Eric Brown <eric.brown@securesauce.dev>
Date: Mon, 4 Mar 2024 16:34:04 -0800
Subject: [PATCH] Add CWE info in the SARIF output

Signed-off-by: Eric Brown <eric.brown@securesauce.dev>
---
 precli/renderers/json.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/precli/renderers/json.py b/precli/renderers/json.py
index 39b6d2ba..918820d1 100644
--- a/precli/renderers/json.py
+++ b/precli/renderers/json.py
@@ -68,7 +68,10 @@ def create_rule_array(self, run: Run):
                     )
                 },
                 properties={
-                    "tags": ["security"],
+                    "tags": [
+                        "security",
+                        f"external/cwe/cwe-{rule.cwe.cwe_id}",
+                    ],
                 },
             )
             rules.append(reporting_descriptor)