Goal
Add an --ignore <cve-id> flag to suppress specific CVEs from scan results.
Context
Some CVEs may be false positives or accepted risks. Users need a way to exclude them from output without modifying the scan itself.
Expected interface
ottersight scan . --ignore CVE-2021-23337 --ignore CVE-2023-30581
Multiple --ignore flags should be supported. Ignored CVEs should not appear in the terminal table, Markdown output, or summary counts.
Relevant files
packages/cli/src/commands/scan.ts — scan command definition (commander)
packages/cli/src/renderers/ — output renderers that would need to filter
packages/scanner/src/types.ts — scan result types
Getting started
- Read CONTRIBUTING.md for setup instructions
- Add --ignore <cve> option to the scan command in commander
- Filter results before passing to renderers
- Add tests for the filtering logic
Happy to answer questions in the comments!
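One way to implement the "filter results before passing to renderers" step, as an added example that is not part of the original issue or the ottersight code base. The `Finding` shape, the function names and the sample data are assumptions; it also goes slightly beyond the request by rejecting malformed IDs and reporting ignore entries that matched nothing.

```typescript
// Hypothetical finding shape; the real types live in packages/scanner/src/types.ts.
type Severity = "critical" | "high" | "medium" | "low";
interface Finding { id: string; pkg: string; severity: Severity; }

const CVE_ID = /^CVE-\d{4}-\d{4,}$/;

// Repeatable-option collector in the (value, previous) shape commander passes
// to a custom option processor: .option("--ignore <cve>", "...", collectIgnore, [])
function collectIgnore(value: string, previous: string[]): string[] {
  const id = value.trim().toUpperCase();
  // Reject malformed IDs so a typo fails loudly instead of suppressing nothing.
  if (!CVE_ID.test(id)) throw new Error(`invalid CVE id: ${value}`);
  return previous.includes(id) ? previous : [...previous, id];
}

interface Filtered {
  kept: Finding[];        // what every renderer receives
  suppressed: Finding[];  // kept for an audit line or a debug view
  unused: string[];       // ignore entries that matched no finding
  counts: Record<Severity, number>;
}

// Filter once, before any renderer runs, so the terminal table, the Markdown
// output and the summary counts are all derived from the same list.
function applyIgnores(findings: Finding[], ignore: string[]): Filtered {
  const ignored = new Set(ignore);
  const hit = new Set<string>();
  const kept: Finding[] = [];
  const suppressed: Finding[] = [];
  for (const f of findings) {
    const id = f.id.toUpperCase();
    if (ignored.has(id)) { hit.add(id); suppressed.push(f); } else { kept.push(f); }
  }
  const counts: Record<Severity, number> = { critical: 0, high: 0, medium: 0, low: 0 };
  for (const f of kept) counts[f.severity] += 1;
  return { kept, suppressed, unused: ignore.filter((id) => !hit.has(id)), counts };
}

// Constructed sample data: package names, severities and the CVE-0000-* IDs
// are placeholders, not real scan output.
const sample: Finding[] = [
  { id: "CVE-2021-23337", pkg: "pkg-a", severity: "high" },
  { id: "CVE-2023-30581", pkg: "pkg-b", severity: "medium" },
  { id: "CVE-0000-00001", pkg: "pkg-c", severity: "critical" },
];
```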