mercedes-benz / sechub

SecHub provides a central API to test software with different security tools.
https://mercedes-benz.github.io/sechub/
MIT License

Client: Perform multiple requests to mark false positives if the false positives list exceeds the accepted limit of the SecHub server #3122

Closed winzj closed 1 month ago

winzj commented 1 month ago

Situation

Currently the SecHub server allows 500 false positives to be marked with one request as a maximum amount. For larger projects this might not be enough.

Wanted

The SecHub client could perform multiple smaller requests to never exceed this limitation. This idea came up with #3119.

Remark

If it is necessary that the SecHub server can return the configured limitation (currently 500 false positives), this needs another issue.
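The chunking requested above, sketched in Go as an added example (not code from the SecHub client): the list is sent in requests of at most 500 entries, and the function reports how many entries were accepted so that a failure part-way through is visible. The payload field names, the `MarkInChunks` function and the `send` callback are assumptions made for this illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// JobData and FalsePositiveList: assumed request shape for this example.
type JobData struct {
	JobUUID   string `json:"jobUUID"`
	FindingID int    `json:"findingId"`
}

type FalsePositiveList struct {
	APIVersion string    `json:"apiVersion"`
	Type       string    `json:"type"`
	JobData    []JobData `json:"jobData"`
}

const MaxPerRequest = 500 // server limit named in the issue

// MarkInChunks calls send (a hypothetical stand-in for the upload) once per
// chunk of at most limit entries and returns how many entries were accepted.
func MarkInChunks(list FalsePositiveList, limit int, send func(FalsePositiveList) error) (int, error) {
	if limit <= 0 {
		return 0, errors.New("limit must be positive")
	}
	sent := 0
	for start := 0; start < len(list.JobData); start += limit {
		end := start + limit
		if end > len(list.JobData) {
			end = len(list.JobData)
		}
		chunk := FalsePositiveList{APIVersion: list.APIVersion, Type: list.Type, JobData: list.JobData[start:end]}
		if err := send(chunk); err != nil {
			return sent, fmt.Errorf("entries %d-%d rejected: %w", start, end-1, err)
		}
		sent = end
	}
	return sent, nil
}

func main() {
	list := FalsePositiveList{"1.0", "falsePositiveJobDataList", make([]JobData, 1201)} // constructed sample
	sent, err := MarkInChunks(list, MaxPerRequest, func(c FalsePositiveList) error {
		fmt.Printf("request with %d entries\n", len(c.JobData))
		return nil
	})
	fmt.Println(sent, err)
}
```

When a later request fails, the entries from earlier requests stay marked on the server, so the returned count tells the caller where to resume.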

sven-dmlr commented 1 month ago

Checked if chunking is also needed for unmarking false-positives: No. Unmarking works one by one (see https://mercedes-benz.github.io/sechub/latest/sechub-restapi.html#user-unmarks-existing-false-positive-definitons)