How do I remove issues in vendor code which should be ignored by the scan?

[ben.c...@gmail.com]

Hi

I tried asking this on StackOverflow but it's not getting much attention so I thought I'd try it here. http://stackoverflow.com/questions/43136872/how-do-i-remove-issues-in-vendor-code-which-should-be-ignored-by-the-scan

Basically, we've done a scan and it's scanned a load of vendor javascript that we won't ever fix.

I've added settings in the project administration area that I think should make the scanner ignore those files. I assumed that future scans would then remove the issues as the files are no longer in scope but that's not happening.

Is there something wrong with the values I've used for exclusion or have I made an incorrect assumption about the scanner removing the issues now that those files aren't in scope?

Do I need to manually go through and mark all those issues as "Won't Fix" and then they won't get picked up again?

Thanks

Ben

[G. Ann Campbell]

Hi Ben,

IIRC, something about the exclusions should be reflected in your analysis log...? What (if anything) does it say?

Ann