aws-actions / vulnerability-scan-github-action-for-amazon-inspector

Scan artifacts with Amazon Inspector from GitHub Actions workflows.
https://docs.aws.amazon.com/inspector/
MIT License

Feature Request: Individual Finding Exclusions #90

Open Conklin-Spencer-bah opened 1 week ago

Conklin-Spencer-bah commented 1 week ago

Description

Instead of skipping entire files, it would be nice if there were a way to skip individual findings based on an exception. This could be done either by passing in command-line arguments or by having a file such as a .exceptions file containing a list of libraries to ignore.

Expected Behavior

Pass individual packages and/or vulnerabilities with them based on a command-line argument.

Actual Behavior

Right now the exception process ignores all of the packages in the SBOM if you specify it. There are cases where only a single package in the file needs to have an exception.

bluesentinelsec commented 1 week ago

Hello, thank you for the feature request. We understand your workflows would be improved by being able to exclude individual findings. We will add your feature request to our backlog. I cannot offer an ETA as to when this work would begin; however, this is a topic that we discuss regularly. We also welcome contributions if anyone from the community wishes to help.