Can snyk be configured to ignore all issues for a particular maven dependency?

Question

I would like to clarify some moments regarding snyk ignore.
Is it possible to configure the .snyk file to ignore all kinds of issues for a particular maven dependency?
https://docs.snyk.io/snyk-cli/commands/ignore

ignore:
  '*':  # <ISSUE_ID> all issues
    - 'path to maven dependency':    # <PATH_TO_RESOURCE>
      reason: <REASON>
      expires: <EXPIRY>

I suppose it will not work as here issues' ids should be specified.
Anyway, I would be grateful for any piece of advice.

Answer 1

Score: 1

Today the .snyk file can ignore:

  • a file
  • a folder
  • an issue ID (vulnerability or license issue)

Today it doesn't allow ignoring a specific dependency. If you have an Enterprise plan, you may ignore at scale the CVEs associated with this dependency in the Policies tab at the Group level today; it is not ideal but some kind of workaround.

You may also use the ignore button in the UI, but it will be on a per-project, per-vuln basis.
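Since the .snyk file ignores by issue ID rather than by dependency, one way to approximate a per-dependency ignore is to collect the issue IDs a scan reports against that package and emit one entry per ID. The following is an added example, not part of the original answer or of Snyk's tooling: it assumes the `vulnerabilities[].id` and `vulnerabilities[].packageName` fields of `snyk test --json` output, renders only the `ignore:` section of the policy, and uses a constructed report with placeholder issue IDs and package names.

```python
import json
from datetime import date

# Constructed sample shaped like `snyk test --json` output (assumed fields:
# vulnerabilities[].id, .packageName, .from). IDs and packages are placeholders.
SAMPLE_REPORT = json.dumps({"vulnerabilities": [
    {"id": "SNYK-JAVA-EXAMPLE-0000001", "packageName": "org.example:legacy-lib",
     "from": ["com.acme:app@1.0.0", "org.example:legacy-lib@2.3.1"]},
    {"id": "SNYK-JAVA-EXAMPLE-0000002", "packageName": "org.example:legacy-lib",
     "from": ["com.acme:app@1.0.0", "com.acme:core@1.4.0",
              "org.example:legacy-lib@2.3.1"]},
    # Same issue reached through a second dependency path: must be deduplicated.
    {"id": "SNYK-JAVA-EXAMPLE-0000001", "packageName": "org.example:legacy-lib",
     "from": ["com.acme:app@1.0.0", "com.acme:core@1.4.0",
              "org.example:legacy-lib@2.3.1"]},
    {"id": "SNYK-JAVA-EXAMPLE-0000003", "packageName": "org.example:other-lib",
     "from": ["com.acme:app@1.0.0", "org.example:other-lib@0.9.0"]},
]})


def issue_ids_for(report_json, package):
    """Return the sorted, unique issue IDs reported against `package`."""
    report = json.loads(report_json)
    return sorted({v["id"] for v in report.get("vulnerabilities", [])
                   if v.get("packageName") == package})


def render_policy(issue_ids, reason, expires):
    """Render the `ignore:` section of a .snyk file, one entry per issue ID."""
    lines = ["ignore:"]
    for issue_id in issue_ids:
        lines += [
            f"  {issue_id}:",
            "    - '*':",  # '*' applies the ignore on every dependency path
            f"        reason: {json.dumps(reason)}",  # quoted, YAML-safe string
            # A bounded expiry makes the ignored issues resurface for review.
            f"        expires: {expires.isoformat()}T00:00:00.000Z",
        ]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    ids = issue_ids_for(SAMPLE_REPORT, "org.example:legacy-lib")
    print(render_policy(ids, "risk accepted, see ticket", date(2023, 9, 30)))
```

Issues published against the dependency after the scan are not covered by the generated entries, so they still show up in later scans.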

huangapple
  • Posted on June 29, 2023 at 20:07:48