Skip to content

[ci] Add exclusions for PoliCheck and CredScan#2389

Merged
Redth merged 9 commits into
mainfrom
dev/pjc/poli-exclude
Feb 17, 2023
Merged

[ci] Add exclusions for PoliCheck and CredScan#2389
Redth merged 9 commits into
mainfrom
dev/pjc/poli-exclude

Conversation

@pjcollins
Copy link
Copy Markdown
Collaborator

@pjcollins pjcollins commented Feb 16, 2023
edited
Loading

Adds a exclusion files for CredScan and PoliCheck to ignore third party
sources and a mathematical term used as a variable name in number of
places. The versions of the compliance and reporting tasks used have
also been updated.

The new source.gdnsuppress file is used to exclude specific terms from
PoliCheck, as the PoliCheckExclusions.xml file does not allow very
granular control. This file is generated and uploaded by the build, and
the generated file can be used to update the in-tree file to exclude
more terms in the future as needed.

@pjcollins
[ci] Add PoliCheckExclusions.xml
18210d5 
Adds an exclusions file for policheck to allow it to ignore the sources
in the `third_party` folder that we do not own.
@pjcollins pjcollins mentioned this pull request Feb 16, 2023
Closed
@pjcollins
Copy link
Copy Markdown
Collaborator Author

pjcollins commented Feb 16, 2023
edited
Loading

This cuts the issue set down dramatically (from PoliCheck failed with 2617 issues found to PoliCheck failed with 112 issues found), but there are still some components we will want to try to address.

Latest failing run from main: https://devdiv.visualstudio.com/DevDiv/_build/results?buildId=7141188&view=logs&j=20168050-bfe6-5e92-c15c-a5eae27a73d9&t=dc840bab-140a-508c-d5e2-ec42cf763889&l=2674

@pjcollins pjcollins changed the title [ci] Add PoliCheckExclusions.xml [ci] Add exclusions for PoliCheck and CredScan Feb 16, 2023
@pjcollins pjcollins requested a review from mattleibow February 17, 2023 00:32
@pjcollins
Copy link
Copy Markdown
Collaborator Author

pjcollins commented Feb 17, 2023

The new versions of the tools have uncovered some more issues, but we've gone from 2617 down to 169 in the latest run and now have a better starting point to resolve the rest. This should be ready to go.

@pjcollins pjcollins requested a review from Redth February 17, 2023 16:56
@Redth Redth merged commit 1315fc5 into main Feb 17, 2023
@mattleibow mattleibow deleted the dev/pjc/poli-exclude branch October 28, 2024 14:08
@dependabot dependabot Bot mentioned this pull request Jul 22, 2025
Merged
This was referenced Aug 17, 2025
Open
Open
@dependabot dependabot Bot mentioned this pull request Feb 23, 2026
Merged
@dependabot dependabot Bot mentioned this pull request Mar 6, 2026
Open
@dependabot dependabot Bot mentioned this pull request Mar 20, 2026
Open
This was referenced Apr 13, 2026
Open
Open
@dependabot dependabot Bot mentioned this pull request May 8, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Redth Redth Redth approved these changes

@mattleibow mattleibow Awaiting requested review from mattleibow

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pjcollins @Redth