applicabilityScan: add "indirect-cve-whitelist" to scanner YAML confi…

jfrog / jfrog-vscode-extension

JFrog VS-Code Extension

https://jfrog.github.io/jfrog-vscode-extension

Apache License 2.0

189 stars 32 forks source link

applicabilityScan: add "indirect-cve-whitelist" to scanner YAML confi… #450

Closed srmish-jfrog closed 7 months ago

srmish-jfrog commented 7 months ago

…guration

Add support for applicability scanning of indirect (transitive) CVEs. This is done by sending a separate list of detected indirect CVEs (indirect-cve-whitelist) to the applicability scanner YAML configuration file.

[v] All tests passed. If this feature is not already covered by the tests, I added new tests.
[v] I used npm run format for formatting the code before submitting the pull request.

github-actions[bot] commented 7 months ago

[![👍 Frogbot scanned this pull request and found that it did not add vulnerable dependencies.](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/noVulnerabilityBannerPR.png)](https://github.com/jfrog/frogbot#readme)

[🐸 JFrog Frogbot](https://github.com/jfrog/frogbot#readme)

jfrog / jfrog-vscode-extension

applicabilityScan: add "indirect-cve-whitelist" to scanner YAML confi… #450

[v] I used npm run format for formatting the code before submitting the pull request.

[v] I used `npm run format` for formatting the code before submitting the pull request.