Closed: gutschet closed this 10 months ago
(1) Excellent suggestion, @gutschet
(2) Proposed: Create a new Epic. Perhaps name the Epic "Improvements_to_Waivers".
Then, add/link these 3 tickets below to the new Epic:
@gh-greg, thanks a lot! Hope I did it right!
@kzantow Can you assign me to this issue? I would like to work on it.
Hello!
What would you like to be added:
In the YAML config to ignore certain vulnerabilities, it would be nice if we could also add the reason why we ignore the vulnerabilities. This information would really help us create automated security reports about our images. Here is an easy example (it only shows the requested feature; the example rule itself does not make sense):
.grype.yaml:
Then in our output template, we would love to be able to use this reason:
myTemplate.tmpl:
The output should then look like this:
Why is this needed:
Documenting the reason for an ignore rule would help third parties understand why we decided to ignore some vulnerabilities. Therefore, it would be really helpful for us to be able to use the reason field in an output template, so we can generate the reasons into our security reports.
Kind regards, Timo