Configuration - Dependencies

Ignore Findings

To allowlist CVEs add them to the ignore list. The repositories list is only applicable in the global configuration file.

dependencies:
  ignore:
    - cve: CVE-2021-1234
      reason: This is a false positive
    - cve: CVE-2021-5678
      reason: This isn't exploitable in client applications but we should update it eventually
      # optional expiry date
      expiry: "2024-09-12T00:00:00Z"
      # optional repositories filter
      repositories:
        - dast-action
        - cli

Last updated

© 2023 Nullify | All Rights Reserved.