New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Suppression with only filePath doesn't filter matches #488
Comments
Apparently I need to update the schema. The intent is that you would always be suppressing a specific CPE or CVE. As such, you could add the following node to get the expected functionality: <cpe regex="true">.*</cpe> |
An updated schema has been created/published and will be used in the next release (1.3.7). The updated schema makes it clear that you must include at least one CPE, CVE, CWE, or CVSSBelow Node. |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
A suppression can be specified by just a filePath element. The XSD doesn't require any of the
cpe
,cve
,cwe
orcvssBelow
elements. If such a rule is specified, I would expect the file to be ignored, but the implementation is not so. It turns out, the implementation does expect at least one of the for elements, or the suppression will not have any effect.Example:
The text was updated successfully, but these errors were encountered: