Fix where sarif output is invalid missing cwe or shortdescription
What does this MR do?
Fixes an unlikely case where the CWE-XXX tag is missing the title text as well as a shortDescription metadata field. (Validation of this is done on downstream rules)
Bug was identified when updating semgrep rules to use the new shortDescription field: https://gitlab.com/gitlab-org/security-products/sast-rule-testing-framework/rule-testing/-/jobs/4097499692
What are the relevant issue numbers?
N/A
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Ensure the report version matches the equivalent schema version -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Lucas Charles