Add support for ignore rules #184

ildyria · 2023-10-12T08:16:03Z

Ignoring findings

It is possible to ignore some blocker findings (e.g. false positive) by providing
a resc-ignore.dsv file. The bockers will be downgraded to a warning level and marked as ignored. Such file has the following structure:

# This is a comment
finding_path|finding_rule|finding_line_number|expiration_date
finding_path_2|finding_rule_2|finding_line_number_2

finding_path contains the path to the file with the blocking finding.
finding_rule contains the name of the blocking rule.
finding_line_number contains the line number of the finding.
expiration_date is optional, contains the date in ISO 8601 format until which this ignore rule should be considered valid.

For example, if we want to ignore the finding in file /etc/passwd for rule root_value_found on line 1 until April 1st 2024 at 23:59 the following line should be used.

/etc/passwd|root_value_found|1|2024-04-01T23:59:00

To ignore this finding ad vitam aeternam:

/etc/passwd|root_value_found|1

ildyria added 4 commits October 12, 2023 10:05

support Ignore rules

21b34a1

fix formatting issues

824a0f2

fix isort issues

6443e6a

fix snake_case

55a094b

BVabn requested review from Peter-v-d-Spek, Usman2ABN and amrityamrout and removed request for Usman2ABN October 12, 2023 09:19

Peter-v-d-Spek approved these changes Oct 12, 2023

View reviewed changes

BVabn merged commit 12507ae into abnamro:main Oct 12, 2023

ildyria deleted the 2775181 branch October 24, 2023 13:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for ignore rules #184

Add support for ignore rules #184

ildyria commented Oct 12, 2023

Add support for ignore rules #184

Add support for ignore rules #184

Conversation

ildyria commented Oct 12, 2023

Ignoring findings