Suppressions for SAST

PhobosDthorga · July 18, 2020, 9:36pm

Hello!

I’m currently using SAST via GitLab Ultimate with great success, although I have a great many false positives. Is it possible to use something like a suppressions list with it, or prevent SAST from scanning certain directories altogether?

I’m using the latest stable release of Gitlab Ultimate which is 13.1.4-ee (66acdb3d3e9) at the time of writing. If anymore information needs to be provided then I’m more than happy to oblige. Oh! My Gitlab repository is at the link [ 1 ] down below too, for any of those that are curious. We are self-hosted

[ 1 ] - https://code.gekkofyre.io/phobos-dthorga/small-world-deluxe

Thank you kindly!

PhobosDthorga · July 18, 2020, 10:23pm

Actually, I just found that you can use the variable, SAST_EXCLUDED_PATHS, silly me x…x

Linds · July 20, 2020, 6:15pm

Glad you found the solution so quickly, @PhobosDthorga! Thanks for letting us know, too! Please reach back out if you need anything!

Topic		Replies	Views
SAST - not detecting secrets and passwords correctly GitLab CI/CD	1	1043	August 19, 2022
Rules and including only one folder in security scans are not working GitLab CI/CD sast	0	566	May 1, 2023
Issue configuring SAST and Dependency Scanning in my github DevSecOps	0	410	December 7, 2018
Semgrep-sast scans all files but I want it to not scan some folders such as the docs folder DevSecOps	2	2303	May 29, 2021
Security-code-scan result in SAST and standalone job DevSecOps	1	1091	February 26, 2022

Suppressions for SAST

Related topics