google / osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev
https://google.github.io/osv-scanner/
Apache License 2.0
6.15k stars 347 forks

feat: support `vulnerabilities.ignore` in package overrides #1268

Open G-Rath opened 6 days ago

G-Rath commented 6 days ago

This implements the ability to ignore vulnerabilities in a matching group of packages while still reporting license violations, as the inverse to `license.ignore`.

Resolves #1226

codecov-commenter commented 6 days ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 68.46%. Comparing base (866b3e0) to head (a46e383).

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main    #1268      +/-   ##
==========================================
+ Coverage   68.43%   68.46%   +0.03%
==========================================
  Files         175      175
  Lines       16798    16805       +7
==========================================
+ Hits        11495    11505      +10
+ Misses       4673     4671       -2
+ Partials      630      629       -1
```
