boostsecurityio
diff --git a/‎.boost/scripts/normalize-mapping.py‎
Lines changed: 15 additions & 3 deletions b/‎.boost/scripts/normalize-mapping.py‎
Lines changed: 15 additions & 3 deletions
diff --git a/‎.boost/scripts/owasp-top-10_2021.cwes.lst‎
Lines changed: 47 additions & 33 deletions b/‎.boost/scripts/owasp-top-10_2021.cwes.lst‎
Lines changed: 47 additions & 33 deletions
@@ -25,15 +25,16 @@
             rules_file = os.path.join(dirpath, filename)
             changed = False
             with open(rules_file, "r") as f:
+                rules_def = yaml.safe_load(f)
                 rules = yaml.safe_load(f).get("rules", {})
 
             # Validate and fix the categories of each rule
             for rule_key, rule in rules.items():
                 categories = rule["categories"]
                 for cwe_list_name, cwes_list in cwes_lists.items():
-                    if (
+                    if cwe_list_name not in categories and (
                         any(cwe in cwes_list for cwe in categories)
-                        and cwe_list_name not in categories
+                        or rule["name"].lower() in cwes_list
                     ):
                         # Add the missing category to the list of categories
                         categories.append(cwe_list_name)
@@ -42,10 +43,21 @@
                         print(
                             f'Added "{cwe_list_name}" category to rule {rule_key} in {rules_file}'
                         )
+                    elif cwe_list_name in categories and (
+                        rule["name"].lower() not in cwes_list and
+                        all(cwe not in cwes_list for cwe in categories)
+                    ):
+                        categories.remove(cwe_list_name)
+                        changed = True
+
+                        print(
+                            f'Removed "{cwe_list_name}" category to rule {rule_key} in {rules_file}'
+                        )
 
             if not changed:
                 continue
 
             # Save the updated rules back to the YAML file
+            rules_def["rules"] = rules
             with open(rules_file, "w") as f:
-                yaml.safe_dump({"rules": rules}, f, sort_keys=False)
+                yaml.safe_dump(rules_def, f, sort_keys=False)
@@ -1,51 +1,45 @@
+cwe-100
+cwe-1004
+cwe-1021
+cwe-1032
 cwe-11
-cwe-13
-cwe-15
-cwe-20
-cwe-22
-cwe-23
-cwe-35
-cwe-59
-cwe-73
-cwe-74
-cwe-75
-cwe-77
-cwe-78
-cwe-79
-cwe-80
-cwe-83
-cwe-87
-cwe-88
-cwe-89
-cwe-90
-cwe-91
-cwe-93
-cwe-94
-cwe-95
-cwe-96
-cwe-97
-cwe-98
-cwe-99
+cwe-1104
+cwe-1105
 cwe-113
 cwe-116
 cwe-117
+cwe-1173
+cwe-1174
+cwe-1176
+cwe-1216
+cwe-1275
+cwe-13
 cwe-138
+cwe-15
+cwe-16
 cwe-183
 cwe-184
+cwe-2
+cwe-20
 cwe-200
 cwe-201
 cwe-209
 cwe-213
 cwe-219
+cwe-22
 cwe-223
+cwe-23
 cwe-235
+cwe-255
 cwe-256
 cwe-257
 cwe-259
 cwe-260
 cwe-261
+cwe-264
 cwe-266
 cwe-269
+cwe-275
 cwe-276
 cwe-280
 cwe-284
@@ -62,6 +56,7 @@ cwe-302
 cwe-304
 cwe-306
 cwe-307
+cwe-310
 cwe-311
 cwe-312
 cwe-313
@@ -87,6 +82,7 @@ cwe-340
 cwe-345
 cwe-346
 cwe-347
+cwe-35
 cwe-352
 cwe-353
 cwe-359
@@ -127,6 +123,7 @@ cwe-564
 cwe-565
 cwe-566
 cwe-579
+cwe-59
 cwe-598
 cwe-601
 cwe-602
@@ -149,34 +146,51 @@ cwe-656
 cwe-657
 cwe-668
 cwe-706
+cwe-720
+cwe-73
+cwe-74
+cwe-75
 cwe-756
 cwe-757
 cwe-759
 cwe-760
+cwe-77
 cwe-776
 cwe-778
+cwe-78
 cwe-780
 cwe-784
+cwe-79
 cwe-798
 cwe-799
+cwe-80
 cwe-807
+cwe-818
 cwe-829
+cwe-83
 cwe-830
+cwe-840
 cwe-841
 cwe-862
 cwe-863
+cwe-87
+cwe-88
+cwe-89
+cwe-90
+cwe-91
 cwe-913
 cwe-915
 cwe-916
 cwe-917
 cwe-918
 cwe-922
 cwe-927
+cwe-93
+cwe-94
 cwe-940
 cwe-942
-cwe-1004
-cwe-1021
-cwe-1104
-cwe-1173
-cwe-1174
-cwe-1275
+cwe-95
+cwe-96
+cwe-97
+cwe-98
+cwe-99