Contact Details
[email protected]
What problem does this solve?
As you can see in the image, the extension is detecting code issues in native packages (/usr/local/go/src/...) and also dependency code (~/go/pkg/mod/...).
Proposed Solution
My suggestion comes in two ways:
- Allow the user to customize in the settings which paths to exclude from scanning/results
Example:
{
"files.exclude": {
"**/.git": true,
"**/.svn": true,
"**/.hg": true,
"**/.DS_Store": true,
"**/Thumbs.db": true
},
// maybe with this syntax? or something similar
//"checkmarxOne.scanExclude" {},
}
- Set per language exclusion defaults. In this case (golang) exclude
/usr/local/go/src/* and other common paths for go src code (maybe using GOROOT env var) $GOROOT/src/*
- In case the user WANTS the native package scanning we can have explicit inclusions as well:
// maybe with this syntax? or something similar
//"checkmarxOne.scanInclude" {},Importance Level
Critical
Additional Information
I mark this enhancement as critical because in a debug session this issues tend to clutter the problems tab and cause actual issues to go unnoticed
Contact Details
[email protected]
What problem does this solve?
As you can see in the image, the extension is detecting code issues in native packages (
/usr/local/go/src/...) and also dependency code (~/go/pkg/mod/...).Proposed Solution
My suggestion comes in two ways:
Example:
{ "files.exclude": { "**/.git": true, "**/.svn": true, "**/.hg": true, "**/.DS_Store": true, "**/Thumbs.db": true }, // maybe with this syntax? or something similar //"checkmarxOne.scanExclude" {}, }/usr/local/go/src/*and other common paths for go src code (maybe using GOROOT env var)$GOROOT/src/*Importance Level
Critical
Additional Information
I mark this enhancement as critical because in a debug session this issues tend to clutter the problems tab and cause actual issues to go unnoticed