scanner-cli
scanner-cli copied to clipboard
Is there a way only ignore one line code?
Issue Template
Description
Is there a method that we can only ignore one line? like this
// hawekey-disable-next-line
I don't want to ignore whole file.
Hmm, any response?
if you run it with the error code, it should allow you to ignore the precise finding. hawkeye can't control what the different tools do, unfortunately, only the findings.
which tools is the one that reports a finding?
@felixhammerl Sorry for delay.
It's files-contents
module. I have took a look at the code, looks like don't have this functionality.
module.exports = {
key,
description: 'Scans for suspicious file contents that are likely to contain secrets',
enabled: true,
handles: async () => true,
run: async fm => fm.languageFiles
.map(file => ({ file, content: fm.readFileSync(file) }))
.map(({ file, content }) => patterns.map(pattern => checkFileWithPattern(pattern, file, content)))
.reduce((flatmap, next) => flatmap.concat(next), [])
.filter(result => !!result)
.reduce((results, res) => results[res.level](res), new ModuleResults(key))
}
const checkFileWithPattern = ({ code, level, description, regex }, file, content) => {
const result = regex.exec(content)
if (!result) return
const line = content.split(result[0])[0].split('\n').length
return { code: `${file}-${code}`, offender: file, description, level, mitigation: `Check line number: ${line}` }
}