If a vulnerability is not relevant, you can ignore it directly from the IDE.
Based on the scope of your ignore you have two possibilities :
  1. If you want to ignore on this specific issues or issues in this file, click on the ignore button in the detailed view of a vulnerability and choose :
    • Ignore: The detection is correct but you want still to ignore this issue
    • Declare a false positive: The detection is incorrect and you want to flag a false positive
  2. If you want to ignore this vulnerability on the whole repository, you can use the Configuration File

Ignore a specific issue

The ignore comment will be generated by clicking on the ignore button, but you can also write it yourself by following this syntax : 
# nosymbiotic {rule_id} -- {ignore_comment}
Ignore Comment Pn To ignore multiple rules you can write all the rules you want to ignore separated by a comma : 
# nosymbiotic {rule_id},{rule_id} -- {ignore_comment}

Ignore a vulnerability at the repository scope

Using our Configuration File you can tailor the detection to your context and focus on what’s important to remediate. This file allow you to define Policy Breaching vulnerabilities (that will be highlighted in the IDE and blocking in CI) but also which vulnerabilities to ignore. Those configurations can be written based on the file path, severity, language, vulnerability id provider or service.