From be386c106864f893afd18f4519712a769f47c76d Mon Sep 17 00:00:00 2001
From: Felix Patschkowski
Date: Fri, 15 Dec 2023 12:36:15 +0100
Subject: [PATCH] Added more meta information to the SonarQube rules.
Signed-off-by: Felix Patschkowski
---
 README.md | 2 +-
 flawfinder.py | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index fc90a37..aa2e068 100644
--- a/README.md
+++ b/README.md
@@ -135,7 +135,7 @@ SonarQube under "Administration > CXX External Analyers > Other Rule Definitions
 by running Flawfinder once using the following options.
 ~~~~
-flawfinder --listrules --sonar
+flawfinder --listrules --sonar [...]
 ~~~~
 The in your CI/CD run Flawfinder like this to generate output that SonarQube
diff --git a/flawfinder.py b/flawfinder.py
index 409876a..4db0516 100755
--- a/flawfinder.py
+++ b/flawfinder.py
@@ -187,6 +187,9 @@ def output_rules(self):
 str += '\t\t%s\n' % (SONAR_SEVERITIES[self._ruleset[key][1]])
 str += '\t\tVULNERABILITY\n'
 str += '\t\tcwe\n'
+ str += '\t\tflawfinder\n'
+ str += '\t\tCONSTANT_ISSUE\n'
+ str += '\t\t2min\n'
 str += '\t\n'
 str += ''
 return str
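Review bot: The three added `str +=` lines in `output_rules` emit the same literals (`flawfinder`, `CONSTANT_ISSUE`, `2min`) for every rule, so a rule that the severity line just above derives from `self._ruleset[key][1]` gets the same two-minute estimate whether it is the most or the least serious one. Because every rule is typed `VULNERABILITY`, that flat value presumably feeds SonarQube's remediation-effort totals for security findings and is likely to understate the work for the serious ones. Consider deriving the effort from the same per-rule value the severity uses, or at least lifting the literal into a named module-level constant with a comment such as `# flat estimate; not scaled by Flawfinder risk level`. The element markup around these values is not visible in this rendering, so the field meanings are inferred from the values, and the body of `output_rules` begins above the hunk.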