feat: Add tags and metadatas in MatchedRule details

Add tags and metadatas of matched rules in the scan results, instead of only the name and namespace. They were saved for this purpose, but were not exposed by mistake.
vthib · Nov 9, 2023 · 62a9812 · 62a9812
1 parent 7a53370
commit 62a9812
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 11 deletions.
diff --git a/boreal/src/compiler/rule.rs b/boreal/src/compiler/rule.rs
@@ -14,28 +14,29 @@ use crate::statistics;
 
 /// A compiled scanning rule.
 #[derive(Debug)]
-pub struct Rule {
+pub(crate) struct Rule {
     /// Name of the rule.
-    pub name: String,
+    pub(crate) name: String,
 
     /// Namespace containing the rule.
     ///
-    /// `None` if in the default namespace.
-    pub namespace: Option<String>,
+    /// [`None`] if in the default namespace.
+    pub(crate) namespace: Option<String>,
 
     /// Tags associated with the rule.
-    pub tags: Vec<String>,
+    pub(crate) tags: Vec<String>,
 
     /// Metadata associated with the rule.
-    pub metadatas: Vec<Metadata>,
+    pub(crate) metadatas: Vec<Metadata>,
 
     /// Number of variables used by the rule.
     pub(crate) nb_variables: usize,
 
     /// Condition of the rule.
     pub(crate) condition: Expression,
 
-    pub is_private: bool,
+    /// Is the rule marked as private.
+    pub(crate) is_private: bool,
 }
 
 /// Object used to compile a rule.

diff --git a/boreal/src/lib.rs b/boreal/src/lib.rs
@@ -95,5 +95,9 @@ pub mod scanner;
 pub use scanner::Scanner;
 pub mod statistics;
 
+// Re-exports those symbols since they are exposed in the results of a scan. This avoids
+// having to depend on boreal-parser simply to match on those metadatas.
+pub use boreal_parser::rule::{Metadata, MetadataValue};
+
 #[cfg(test)]
 mod test_helpers;
diff --git a/boreal/src/scanner/mod.rs b/boreal/src/scanner/mod.rs
@@ -460,8 +460,10 @@ fn build_matched_rule<'a>(
     }
 
     MatchedRule {
-        namespace: rule.namespace.as_deref(),
         name: &rule.name,
+        namespace: rule.namespace.as_deref(),
+        tags: &rule.tags,
+        metadatas: &rule.metadatas,
         matches: var_evals
             .into_iter()
             .filter(|eval| !eval.var.is_private)
@@ -525,11 +527,17 @@ impl<'scanner> ScanResult<'scanner> {
 /// Description of a rule that matched during a scan.
 #[derive(Debug)]
 pub struct MatchedRule<'scanner> {
+    /// Name of the rule.
+    pub name: &'scanner str,
+
     /// Namespace containing the rule. None if in the default namespace.
     pub namespace: Option<&'scanner str>,
 
-    /// Name of the rule.
-    pub name: &'scanner str,
+    /// Tags associated with the rule.
+    pub tags: &'scanner [String],
+
+    /// Metadata associated with the rule.
+    pub metadatas: &'scanner [boreal_parser::rule::Metadata],
 
     /// List of matched strings, with details on their matches.
     pub matches: Vec<StringMatches<'scanner>>,
@@ -1209,8 +1217,10 @@ mod tests {
             statistics: None,
         });
         test_type_traits_non_clonable(MatchedRule {
-            namespace: None,
             name: "a",
+            namespace: None,
+            tags: &[],
+            metadatas: &[],
             matches: Vec::new(),
         });
         test_type_traits_non_clonable(StringMatches {