Suppressions for SAST


I’m currently using SAST via GitLab Ultimate with great success, although I have a great many false positives. Is it possible to use something like a suppressions list with it, or prevent SAST from scanning certain directories altogether?

I’m using the latest stable release of Gitlab Ultimate which is 13.1.4-ee (66acdb3d3e9) at the time of writing. If anymore information needs to be provided then I’m more than happy to oblige. Oh! My Gitlab repository is at the link [ 1 ] down below too, for any of those that are curious. We are self-hosted :slight_smile:

[ 1 ] -

Thank you kindly!

Actually, I just found that you can use the variable, SAST_EXCLUDED_PATHS, silly me x…x


Glad you found the solution so quickly, @PhobosDthorga! Thanks for letting us know, too! Please reach back out if you need anything!