Closed joelmusheno closed 1 year ago
Thank you for your feedback! We have plans to release a suppressions file feature in an upcoming release, but do not yet have an exact ETA on when it will be ready.
Adding to this, although the official feature is not yet released/supported the mechanism for this is already in the codebase. Please see the instructions here for an example of how you can configure it early: https://github.com/microsoft/security-devops-azdevops/issues/38#issuecomment-1509461347
I'm using:
I'd like to establish a baseline without halting my build.
I know i could simply turn
break: false
but I'm trying to stop any contributors from including. I'd like to follow the pattern that static analysis does with with a suppression file (like GlobalSuppressions.cs for static code analysis).I can't find any documentation on suppression lists/files, the only docs I can find point me to comments in line:
#[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine")]
or#[SuppressMessage("Microsoft.Security", "CS002:SecretInLine")]
I have a few issues
Does anyone have a way to specify files/lines to ignore outside of in-line comments?