malcontent icon indicating copy to clipboard operation
malcontent copied to clipboard
Published 2 months ago verified publisher icon chainguard-dev

Better handling of questionable false-positives

Open egibs opened this issue 1 year ago • 0 comments

As seen here.

This was a "false positive" for our purposes since we build frp and offer it as a package; however, outside of this, its usage is probably worth some scrutiny. That said, this rule is a third-party rule which can only be tuned by turning it off entirely.

It would be nice to allow for third-party rule severity remapping, but TBD what this looks like. Usually we'd just go in and modify the severity of the rule directly, but that's also a pain point.

We could start small and manage a map of rules and their desired severity; if a match is found, then we can check the map for the rule ID and set the severity appropriately. Otherwise, the original severity is used.

egibs avatar Aug 19 '24 12:08 egibs