The amount of false positives that can be added by "defineFalsePositives" or "markFalsePositives" is limited to 500.
Wanted
This should be documented in the SecHub documentation
This limit should be increased for large projects
Background
In our project we maintain a false positive list in our repository.
Before we run our SecHub scan we define this list as false positives. This allows developers to add false positives without having access to our SecHub API key.
As our project is quite big, this false-positive list has around 2000 entries and thus exceeds the maximum number that is defined by SecHub.
It might be possible that we do not use this feature as intended. However, this limit should appear in the documentation.
Thank you for reporting this. You are correct, this must be documented, and we will look into the request to increase this limit for larger projects.
Since the limit of 500 false positives is per request, I would have expected this size to be enough at least for the defineFalsePositives action of the sechub cli.
Besides increasing the limit, maybe it would be nice if the sechub cli automatically performed multiple requests when the false positive list exceeds the configured limit.