
Is there a way to ignore only one line of code?

Open wszgxa opened this issue 4 years ago • 3 comments

Issue Template

Description

Is there a method by which we can ignore only one line? Like this:

// hawekey-disable-next-line 

I don't want to ignore the whole file.

wszgxa avatar Dec 04 '19 12:12 wszgxa

Hmm, any response?

wszgxa avatar Dec 27 '19 07:12 wszgxa

If you run it with the error code, it should allow you to ignore the precise finding. hawkeye can't control what the different tools do, unfortunately, only the findings.

Which tool is the one that reports a finding?

felixhammerl avatar Feb 16 '20 20:02 felixhammerl

@felixhammerl Sorry for the delay.

It's the files-contents module. I have taken a look at the code; it looks like it doesn't have this functionality.

module.exports = {
  key,
  description: 'Scans for suspicious file contents that are likely to contain secrets',
  enabled: true,
  handles: async () => true,
  run: async fm => fm.languageFiles
    .map(file => ({ file, content: fm.readFileSync(file) }))
    .map(({ file, content }) => patterns.map(pattern => checkFileWithPattern(pattern, file, content)))
    .reduce((flatmap, next) => flatmap.concat(next), [])
    .filter(result => !!result)
    .reduce((results, res) => results[res.level](res), new ModuleResults(key))
}

const checkFileWithPattern = ({ code, level, description, regex }, file, content) => {
  const result = regex.exec(content)
  if (!result) return

  const line = content.split(result[0])[0].split('\n').length
  return { code: `${file}-${code}`, offender: file, description, level, mitigation: `Check line number: ${line}` }
}

wszgxa avatar Mar 11 '20 10:03 wszgxa
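
One way a per-line suppression like the one requested in this issue could work in a regex-based content scanner, as an added example that is not hawkeye's code and not code from anyone in this thread. The `hawkeye-disable-next-line` directive, the `scanWithSuppressions` function, the sample pattern and the sample file content are all hypothetical and constructed for illustration.

```javascript
// Added example: NOT hawkeye's code. The directive name, the sample pattern
// and the sample file content are constructed for illustration.
const DIRECTIVE = /hawkeye-disable-next-line(?:\s+([\w-]+))?/

// Return one finding per match, skipping matches whose preceding line
// carries the directive (optionally scoped to one pattern code).
const scanWithSuppressions = ({ code, level, description, regex }, file, content) => {
  const lines = content.split('\n')
  // Force the global flag so every match is visited, not only the first one.
  const flags = regex.flags.includes('g') ? regex.flags : regex.flags + 'g'
  const findings = []
  const suppressed = []
  for (const match of content.matchAll(new RegExp(regex.source, flags))) {
    // 1-based line number of the match, derived from its offset.
    const line = content.slice(0, match.index).split('\n').length
    const directive = DIRECTIVE.exec(line >= 2 ? lines[line - 2] : '')
    // A bare directive suppresses any pattern; a scoped one only its own code.
    if (directive && (!directive[1] || directive[1] === code)) {
      suppressed.push({ file, code, line })
      continue
    }
    const mitigation = `Check line number: ${line}`
    findings.push({ code: `${file}-${code}`, offender: file, description, level, mitigation })
  }
  // Suppressions are returned as well, so they can be logged and reviewed.
  return { findings, suppressed }
}

// Constructed sample pattern and input.
const samplePattern = {
  code: 'sample-password',
  level: 'high',
  description: 'Constructed pattern: hard-coded password',
  regex: /password\s*=\s*['"][^'"]+['"]/i
}
const sampleContent = [
  "const user = 'demo'",
  '// hawkeye-disable-next-line sample-password',
  "const password = 'fixture-only'",
  "const dbPassword = 'hunter2'",
  ''
].join('\n')

console.log(scanWithSuppressions(samplePattern, 'config.js', sampleContent))
```

Scoping the directive to a pattern code keeps a suppression from hiding unrelated findings on the same line, and returning the suppressed matches lets a reviewer audit what was skipped.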