Closed sven-dmlr closed 4 years ago
Idea: use whitelist (allowed file extensions) instead of exclude patterns. (we will provide a default whitelist / include patterns: see https://github.com/Daimler/sechub/issues/256). But excludes make still sense - e.g. to prevent tests being scanned
I think the folder */test/*
can be excluded by default.
Hmm.. I would appreciate more **/src/test/**
because its the maven/gradle standard - and also prevents to have accidently filtered unwanted parts - e.g. com.example.myserver.test.NetworkConnectionStable.java
will not be filtered...
Hmm.. I would appreciate more
**/src/test/**
because its the maven/gradle standard - and also prevents to have accidently filtered unwanted parts - e.g.com.example.myserver.test.NetworkConnectionStable.java
will not be filtered...
When the filter is **/test/**
, your example would not be filtered because of the directory separators /
. I see no unwanted effects with this pattern.
Will add "**/test/**", "**/.git/**"
initially.
Code Scan: Enable lazy usage of client: If no excludes are defined in the sechub.json config file, then use reasonable defaults. ( see https://daimler.github.io/sechub/latest/sechub-client.html#example-upload-folders-with-excludes )
Benefits:
Open discussion: Which exclude patterns should be added (source code scan)?