Feature Request: Individual Finding Exclusions

[Conklin-Spencer-bah]

Description

Instead of skipping entire files it would be nice if there was a way to skip individual findings based on an exception. This could be done either by passing in command line arguments or having a file such as a .exceptions file containing a list of libraries to ignore.

Expected Behavior

Pass individual packages and or vulnerabilities with them based on a commandline argument.

Actual Behavior

Right now the exception process ignores all of the packages in the sbom if you specify it. There are cases where only a single package in the file needs to have an exception.

[bluesentinelsec]

Hello, thank you for the feature request.
We understand your workflows would be improved by being able to exclude individual findings.
We will add your feature request to our backlog.
I cannot offer an ETA as to when this work would begin; however, this is a topic that we discuss regularly.
We also welcome contributions if anyone from the community wishes to help.