Acknowledge findings #40
Description
Is your feature request related to a problem? Please describe.
There are situations where a Poutine finding is not relevant in its context, for example pr_runs_on_self_hosted when the runner is hardened or untrusted_checkout_exec when there are additional checks in place.
Describe the solution you'd like
I'd like a way to acknowledge a given finding, e.g. by adding it to some well-known file:
Describe alternatives you've considered
We might of course just ignore those findings, but that has some drawbacks:
- tool output is cluttered, relevant new findings might be missed
- outside collaborators might scan public repositories and get nervous when they see the findings, causing unnecessary noise for the maintainers