jfrog / jfrog-idea-plugin

JFrog IntelliJ IDEA plugin
https://jfrog.github.io/jfrog-idea-plugin/
Apache License 2.0

Ignored violation still shows in plugin #53

Open pantaoran opened 4 years ago

pantaoran commented 4 years ago

Hi, I'm new to Xray so forgive me if I mix up any terms.

We have a Java/Maven project which uses a vulnerable library which does not have a fixed version. We have "ignored" that vulnerability through the Xray interface to be able to use the lib.

I would like to see this reflected in the IntelliJ plugin. Now the plugin still shows many components as having issues due to this one library, even though we have ignored the violation in Xray.

Could you make the plugin show this somehow, so that I can easily distinguish if new vulnerabilities have been added to the codebase? Right now the whole project is just always orange and it's not easy to see if I added any new vulnerabilities.

eyalbe4 commented 4 years ago

@pantaoran, Thanks for sharing this. This makes sense. We'll look into adding this.

nekator commented 1 year ago

I encountered this issue as well. Any plans to fix it?

nekator commented 1 year ago

Requesting the scan result with the query parameter include_vulnerabilities=true returns all vulns, including ignored vulns.

The parameter seems to be hard-coded in https://github.com/jfrog/xray-client-java/blob/61514615045ddc461c772cbf8de9684700633196/src/main/java/com/jfrog/xray/client/impl/services/scan/ScanImpl.java#L78