logpresso / CVE-2021-44228-Scanner

Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
Apache License 2.0
852 stars 173 forks source link

Document --exclude-patterns #157

Closed strawgate closed 2 years ago

strawgate commented 2 years ago

Can you document what is supported here? Is there any wildcard support, is it just if that string is found anywhere in the path it's ignored? Does it prevent traversing into a directory if the directory matches the pattern?

strawgate commented 2 years ago

It looks to just do a string contains for each element and each element must be provided with its own flag

strawgate commented 2 years ago

Looks like this applies to directory names only