Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: ignore warnings via .nsci-ignore file #7

Merged
merged 26 commits into from
Jul 3, 2022
Merged

feat: ignore warnings via .nsci-ignore file #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
00c8094
feat: add getIngoreFile fn
tony-go Jun 9, 2022
04c234e
chore: delete di and use mock-fs
tony-go Jun 19, 2022
a8756bc
feat: make validator return error
tony-go Jun 19, 2022
dc9153f
fix: root path
tony-go Jun 19, 2022
0845d8d
feat: add base filter
tony-go Jun 20, 2022
226a533
chore: update ns pakcages
tony-go Jun 20, 2022
d3e6408
fix: types
tony-go Jun 20, 2022
a84d795
Merge branch 'main' into feature/nsci-ignore
tony-go Jun 22, 2022
5b2f2c3
chore(interpret): create hasWarningsIgnorePatterns func
tony-go Jun 23, 2022
49f33ea
chore(adapt): fix import)
tony-go Jun 23, 2022
04fee5a
fix(adapt): dont return ignorePatterns
tony-go Jun 23, 2022
5d28da2
fix(ignore-file): add jsxray types
tony-go Jun 23, 2022
7676d7f
fix: use process.cwd()
tony-go Jun 23, 2022
02e0458
fix: use IgnorePatterns.default instead of creating manual object
tony-go Jun 23, 2022
fc56f99
fix: lint + use IgnorePatterns.default
tony-go Jun 23, 2022
39d2bba
fix: standardizeExternalConfiguration type
tony-go Jun 23, 2022
4212bea
chore: rename filter function
tony-go Jun 23, 2022
ffdc9bd
chore: rename a few variables/func/types
tony-go Jun 27, 2022
6c2825a
test: move test and fix types
tony-go Jun 29, 2022
f0c0fb7
chore: apply linter
tony-go Jun 29, 2022
a2682de
chore(interpret): add fixture generators
tony-go Jun 29, 2022
c5156ce
chore: rename ignore file
tony-go Jul 1, 2022
ef2eac9
fix: create temporary logger abstract
tony-go Jul 1, 2022
0bc588a
chore: apply linter
tony-go Jul 1, 2022
f27eb14
doc: add .nodesecureignore base doc
tony-go Jul 1, 2022
fc25e10
fix: IgnorePatterns & IgnoreWarningsPatterns abstract
tony-go Jul 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 21 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,27 @@ If you don't have the possibility to generate a **.nodesecurerc** file, there ar

The idea is to provide same options for all types of configuration. Nevertheless for now, the specific way to set a **warnings** dictionary (other than "error" | "warning" | "off" options) is only available when using the **.nodesecurerc** or **API** configurations.

#### .nodesecureignore (ignore file)

During your NodeSecure journey it's possible that you'll find false positives. The `.nodesecureignore` is the perfect tool to address these cases.

Let's say that you want to exclude `"unsafe-regex"` from `express`:

1. Create your `.nodesecureignore` file at the root of your project

2. Add the following JSON content:

```json
{
"warnings": {
"unsafe-regex": ["express"]
}
}
```

3. Run your analysis as usual: no more `unsafe-regex` for `express` package.

> Found the list of warnings available [here](https://github.com/NodeSecure/js-x-ray#warnings)
---

#### CLI
Expand Down
Loading