Open wszgxa opened 4 years ago
Hmm, any response?
If you run it with the error code, it should allow you to ignore the precise finding. hawkeye can't control what the different tools do, unfortunately, only the findings.
Which tool is the one that reports a finding?
@felixhammerl Sorry for the delay.
It's the files-contents module. I have taken a look at the code; it looks like it doesn't have this functionality.
```js
module.exports = {
  key,
  description: 'Scans for suspicious file contents that are likely to contain secrets',
  enabled: true,
  handles: async () => true,
  run: async fm => fm.languageFiles
    .map(file => ({ file, content: fm.readFileSync(file) }))
    .map(({ file, content }) => patterns.map(pattern => checkFileWithPattern(pattern, file, content)))
    .reduce((flatmap, next) => flatmap.concat(next), [])
    .filter(result => !!result)
    .reduce((results, res) => results[res.level](res), new ModuleResults(key))
}

const checkFileWithPattern = ({ code, level, description, regex }, file, content) => {
  const result = regex.exec(content)
  if (!result) return
  const line = content.split(result[0])[0].split('\n').length
  return { code: `${file}-${code}`, offender: file, description, level, mitigation: `Check line number: ${line}` }
}
```
Issue Template
Description
Is there a method by which we can ignore only one line? Like this
I don't want to ignore the whole file.
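
Added example, not part of the thread and not hawkeye code: a sketch of how a per-line variant of the `checkFileWithPattern` function quoted above could honour an inline suppression marker while still reporting every other match in the same file. The marker string, the sample pattern, the function names and the sample file are all assumptions made for illustration.

```javascript
// Hypothetical marker; hawkeye does not define it.
const IGNORE_MARKER = 'scan:ignore-line'

// Constructed pattern in the shape the module destructures.
const samplePatterns = [{
  code: 'constructed-password-assignment',
  level: 'high',
  description: 'Hard-coded password assignment',
  regex: /password\s*=\s*['"][^'"]+['"]/i
}]

// Checks each line on its own so one marker silences one line, not the file.
const checkFileByLine = ({ code, level, description, regex }, file, content) => {
  // Drop g/y flags so test() carries no lastIndex state from line to line.
  const perLine = new RegExp(regex.source, regex.flags.replace(/[gy]/g, ''))
  const findings = []
  const suppressed = []
  content.split('\n').forEach((text, index) => {
    if (!perLine.test(text)) return
    const line = index + 1
    const finding = { code: `${file}-${code}`, offender: file, description, level, line, mitigation: `Check line number: ${line}` }
    if (text.includes(IGNORE_MARKER)) suppressed.push(finding)
    else findings.push(finding)
  })
  return { findings, suppressed }
}

// Runs every pattern and keeps suppressed hits separate so they stay auditable.
const scanContent = (file, content, patterns = samplePatterns) =>
  patterns
    .map(pattern => checkFileByLine(pattern, file, content))
    .reduce((all, next) => ({
      findings: all.findings.concat(next.findings),
      suppressed: all.suppressed.concat(next.suppressed)
    }), { findings: [], suppressed: [] })

// Constructed input: line 2 carries the marker, line 4 does not.
const sampleFile = [
  'const user = "demo"',
  'const password = "fixture-value" // scan:ignore-line',
  'const port = 8080',
  'const PASSWORD = "not-acknowledged"'
].join('\n')

const sampleResult = scanContent('config.js', sampleFile)
console.log(sampleResult)
```

Matching line by line does not cover patterns that span several lines. Suppressed findings are returned rather than dropped so that a reviewer can still see which lines were silenced.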