Closed DarthHater closed 3 years ago
Uses the json structure from
auditjs
Much of the rust ecosystem uses TOML rather than JSON. Are we expecting to have cross-over with auditjs
for ignore files? I think we should see if we can support both JSON and TOML if serde will give it to us for free
@amy-keibler not so much crossover, but just like, keeping it common amongst the tools. It's different in Nancy, however, so who knows :shrug:
Do they only filter by the UUID or is there a more user-facing way to build up the filter file? (I'm not super familiar with the way we specify vulnerabilities yet, so I added a dbg!()
to get the UUID of the one for time
in our current project
@amy-keibler in nancy we allowed filtering by title, but auditjs we only do uuid (which I suspect is reasonable, as long as we output it, whichhhh I should do in this too).
This is largely a transposition of what we do in
auditjs
, but I doubt it's right, so opening a PR for feedback!This pull request makes the following changes:
Adds a
filter_vulnerabilities
tolib.rs
, I didn't think this fully merited a huge implementation quite yetUses the json structure from
auditjs
which is:Adds an
ignore_file
param forpants
It relates to the following issue #s: