How to exclude node_modules and other directories from the scan?

Checkmarx / ast-azure-plugin

The CxAST Azure DevOps plugin enables you to trigger SAST, SCA, and KICS scans directly from an Azure DevOps pipeline.

https://marketplace.visualstudio.com/items?itemName=checkmarx.checkmarx-ast-azure-plugin

Apache License 2.0

4 stars 2 forks source link

How to exclude node_modules and other directories from the scan? #452

Closed ausshadu closed 10 months ago

ausshadu commented 10 months ago

Describe the bug

I have a react project, and I would like to exclude node_modules and other specific directories

The Azure Pipeline task is below

- task: Checkmarx AST@2
  displayName: 'Checkmarx AST'
  condition: and(always(), eq('${{ parameters.ShouldRunCheckMarx }}', true))
  continueOnError: true
  inputs:
    CheckmarxService: 'CheckMarx-Connection'
    projectName: $(Build.Repository.Name)
    branchName: $(Build.SourceBranchName)
    tenantName: ${{ parameters.tenantName }}
    additionalParams: |
      --file-filter '!node_modules'

This is not working.

github-actions[bot] commented 10 months ago

Internal Jira issue: AST-32984

jbrotsos commented 10 months ago

@ausshadu thanks for the bug report, we will get back to you asap. This should indeed work.

FYI @pedrompflopes

ausshadu commented 10 months ago

Hi @jbrotsos This is working now. I looked at pipeline configurations and found a small typo. Apologies for the confusion. I had written

--file-filter: '!node_modules'

Instead of

--file-filter '!node_modules'

Now this is scanning excluding the node_modules directory.