fortify / FortifyVulnerabilityExporter

Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more

SSC to Bitbucket config is not working as expected #50

Closed saleemu closed 11 months ago

saleemu commented 1 year ago

Since we don't have a configuration file for SSC to Azure DevOps, I was trying to use SSCTOBITBUCKET, and it retrieves the details as per our requirement. However, there are some details that we want to filter. Also, the security result is always set to passed even though the scans have security issues. Can you please provide a sample config to customize the SSCTOBITBUCKET?

We would like to filter the fields below:

1. logo_url
2. "type" : "NUMBER", "title" : "Critical (Overall)"
3. "report_type" : "SECURITY" - validate correctly

rsenden commented 1 year ago

The combination of the SSCToBitBucket.yml and json-bitbucket-ssc-sast.yml configuration files defines the SSC to BitBucket output, with the latter describing the output format.

You can override individual properties defined in these configuration files (through command line options or environment variables that match the individual property names), or you can create a custom configuration file that combines the two configuration files mentioned above, and then customize this file to your needs. The README file contains more details on how to customize the output.

rsenden commented 11 months ago

Closing this issue as an answer has been provided and there have been no further questions or feedback from the user.