by alfalfasprout
1427 days ago
So far this is the best approach I've found. The scanning tools rarely include that ability, but if you build tooling around them you can maintain exclusion lists for particular vulnerabilities, library/version pairs, etc. Unfortunately it does mean there's no getting around having someone manually deal with false positives.
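Added example, not part of the comment above and not any scanner's own feature: a sketch of an exclusion layer of the kind described, applied to scanner findings after the scan. The finding fields (`vuln_id`, `package`, `version`), the `Exclusion` rule format, and all sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Exclusion:
    reason: str                    # triage note: why this is a false positive
    vuln_id: Optional[str] = None  # None matches any vulnerability
    package: Optional[str] = None  # None matches any library
    version: Optional[str] = None  # None matches any version

    def __post_init__(self):
        # A rule with no selector would silently suppress every finding.
        if not (self.vuln_id or self.package or self.version):
            raise ValueError("exclusion needs at least one selector")

    def matches(self, finding: dict) -> bool:
        pairs = (("vuln_id", self.vuln_id), ("package", self.package),
                 ("version", self.version))
        return all(want is None or finding[key] == want for key, want in pairs)

def apply_exclusions(findings, exclusions):
    """Return (open_findings, suppressed, unused_exclusions)."""
    open_findings, suppressed, used = [], [], set()
    for finding in findings:
        hit = next((e for e in exclusions if e.matches(finding)), None)
        if hit is None:
            open_findings.append(finding)
        else:
            suppressed.append((finding, hit.reason))  # keep an audit trail
            used.add(hit)
    # Rules that matched nothing are stale and should be reviewed or dropped.
    return open_findings, suppressed, [e for e in exclusions if e not in used]

# Constructed sample data (placeholder identifiers, not real advisories).
FINDINGS = [
    {"vuln_id": "VULN-0001", "package": "libexample", "version": "1.2.3"},
    {"vuln_id": "VULN-0001", "package": "libexample", "version": "1.2.4"},
    {"vuln_id": "VULN-0002", "package": "otherlib", "version": "4.0.0"},
    {"vuln_id": "VULN-0003", "package": "otherlib", "version": "4.0.0"},
]
EXCLUSIONS = [
    Exclusion("code path absent in this build", "VULN-0001", "libexample", "1.2.3"),
    Exclusion("vendored fork, already patched", package="otherlib", version="4.0.0"),
    Exclusion("left over from a removed dependency", vuln_id="VULN-0009"),
]

if __name__ == "__main__":
    still_open, hidden, stale = apply_exclusions(FINDINGS, EXCLUSIONS)
    print(len(still_open), "open,", len(hidden), "suppressed,", len(stale), "stale")
```

Pinning a rule to a library/version pair means the finding resurfaces after an upgrade (here `libexample` 1.2.4), so the manual triage gets repeated rather than carried forward unexamined.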