mercedes-benz / sechub

SecHub provides a central API to test software with different security tools.
https://mercedes-benz.github.io/sechub/
MIT License

Add false positive limit to documentation #3119

Open kaschka opened 2 months ago

kaschka commented 2 months ago

Situation

The amount of false positives that can be added by "defineFalsePositives" or "markFalsePositives" is limited to 500.

Wanted

Background

In our project we maintain a false positive list in our repository. Before we run our SecHub scan we define this list as false positives. This allows developers to add false positives without having access to our SecHub API key. As our project is quite big, this false-positive list has around 2000 entries and thus exceeds the maximum number that is defined by sechub. It might be possible that we do not use this feature as intended. However, this limit should appear in the documentation.

winzj commented 1 month ago

Hi @kaschka,

thank you for reporting this. You are correct, this must be documented, and we will have a look into the request to increase this limit for larger projects.

Since the limit of 500 false positives is per request, I would have expected this size to be enough at least for the defineFalsePositives action of the sechub cli.

Besides increasing the limit, maybe it would be nice if the sechub cli automatically performed multiple requests if the false positive list exceeds the configured limit.
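As an added illustration of the per-request batching suggested above (example code written for this page, not part of the issue or of the SecHub project), the function below splits a false-positive list into request bodies of at most 500 entries. It assumes the list keeps its entries in a top-level "jobData" array with the remaining top-level keys forming an envelope that is repeated per request; the entry fields and UUID are constructed sample data.

```python
# Per-request limit for defineFalsePositives / markFalsePositives, as reported in the issue.
MAX_FALSE_POSITIVES_PER_REQUEST = 500


def split_false_positive_list(payload, limit=MAX_FALSE_POSITIVES_PER_REQUEST):
    """Split one false-positive list into request bodies of at most `limit` entries.

    Assumption: the entries live in a top-level "jobData" array; every other
    top-level key (e.g. "apiVersion", "type") is treated as an envelope and
    copied unchanged into each chunk. Returns one dict per request to send.
    """
    if limit < 1:
        raise ValueError("limit must be at least 1")
    entries = payload.get("jobData", [])
    envelope = {key: value for key, value in payload.items() if key != "jobData"}
    chunks = []
    for start in range(0, len(entries), limit):
        chunk = dict(envelope)
        chunk["jobData"] = entries[start:start + limit]
        chunks.append(chunk)
    return chunks  # an empty list means nothing needs to be sent


def build_constructed_list(count):
    """Constructed sample input: `count` entries in the assumed jobData layout."""
    return {
        "apiVersion": "1.0",
        "type": "falsePositiveDataList",
        "jobData": [
            {"jobUUID": "00000000-0000-0000-0000-000000000000",  # placeholder UUID
             "findingId": index, "comment": "accepted by code review"}
            for index in range(1, count + 1)
        ],
    }


def chunk_sizes(chunks):
    """Number of entries each request would carry; used to verify the split."""
    return [len(chunk["jobData"]) for chunk in chunks]


if __name__ == "__main__":
    # A 2000-entry list, as in the issue, becomes four requests of 500 entries each.
    requests = split_false_positive_list(build_constructed_list(2000))
    print(chunk_sizes(requests))  # [500, 500, 500, 500]
```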