Credscan: Support suppression in files that does not allow comments, such as JSON documents

microsoft / security-devops-azdevops

Microsoft Security DevOps extension for Azure DevOps.

MIT License

60 stars 16 forks source link

Credscan: Support suppression in files that does not allow comments, such as JSON documents #46

Closed eatsleepcodeplayrepeat closed 1 year ago

eatsleepcodeplayrepeat commented 1 year ago

There is no way of suppressing JSON documents as they do not support comments. Or I have not found documentation on how to use .gdnconfig for CredScan so suppress files.

chrisnielsen-MS commented 1 year ago

Hi @eatsleepcodeplayrepeat

We plan to release a better user experience for suppressions in an upcoming release, but for now there are instructions on how you can do so early here: https://github.com/microsoft/security-devops-azdevops/issues/38#issuecomment-1509461347