This PR ignores bincapz findings by default (which can be overridden with --ignore-self=false) while also allowing the current test cases to pass (using IgnoreSelf: false).
There are two methods for ignoring the findings in this PR:
if the absolute directory path contains bincapz, ignore adding the file to the list of files to scan
a new YARA rule ignoring bincapz
Example of running the rule against the compiled bincapz binary:
❯ go run . ~/Downloads/bincapz
versus (using --format simple to keep the output somewhat small):
Closes: https://github.com/chainguard-dev/bincapz/issues/134
This PR ignores
bincapz
findings by default (which can be overridden with--ignore-self=false
) while also allowing the current test cases to pass (usingIgnoreSelf: false
).There are two methods for ignoring the findings in this PR:
bincapz
, ignore adding the file to the list of files to scanbincapz
Example of running the rule against the compiled
bincapz
binary:versus (using
--format simple
to keep the output somewhat small):make test
passes with these changes.cc: @tstromberg @vaikas