Exclude line(s) of code from SAST scans using comments


Proposal

When performing a SAST scan, users would like to exclude certain lines of code from producing findings.

In certain scanners and linters, this is typically done by adding one or more comments to the code with a specific marker (e.g. // nosemgrep).

While customizing rulesets allows for some exclusions, it is not granular enough. Also, if the line changes, the rule needs to be updated, whereas an inline comment would move along with the relevant code.
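As an added illustration (not code from this issue or from GitLab), a small Python model of the proposed behaviour: a finding is dropped when its reported line, or a comment-only line directly above it, carries an inline marker, and a marker may optionally name the rule ids it suppresses. The `nosemgrep` marker syntax, the `Finding` type and the sample source and findings are assumptions made for this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Set

# Assumed marker (hypothetical, modelled on "// nosemgrep"): a comment token, then
# "nosemgrep", optionally followed by ":" and comma-separated rule ids to suppress.
_MARKER_RE = re.compile(r"(?:#|//|/\*)\s*nosemgrep(?:\s*:\s*([\w.\-]+(?:\s*,\s*[\w.\-]+)*))?")

@dataclass(frozen=True)
class Finding:
    rule_id: str
    line: int  # 1-based line number as reported by the scanner

def marker_rules(source_line: str) -> Optional[Set[str]]:
    """None if no marker; empty set for a blanket marker; else the named rule ids."""
    m = _MARKER_RE.search(source_line)
    if m is None:
        return None
    return set() if m.group(1) is None else {r.strip() for r in m.group(1).split(",")}

def is_suppressed(finding: Finding, lines: List[str]) -> bool:
    """A marker on the finding's line, or on a comment-only line just above, suppresses it."""
    for idx in (finding.line - 1, finding.line - 2):
        if not 0 <= idx < len(lines):
            continue
        if idx == finding.line - 2 and not lines[idx].lstrip().startswith(("#", "//", "/*")):
            continue  # the line above only counts when it is a comment-only line
        rules = marker_rules(lines[idx])
        if rules is not None and (not rules or finding.rule_id in rules):
            return True
    return False

def filter_findings(findings: List[Finding], source: str) -> List[Finding]:
    lines = source.splitlines()
    return [f for f in findings if not is_suppressed(f, lines)]

# Constructed sample source and scanner findings; not output from any real tool.
SAMPLE_SOURCE = """import subprocess
def run(cmd):
    return subprocess.call(cmd, shell=True)  # nosemgrep: subprocess-shell-true
# nosemgrep
password = "hunter2"
eval(user_input)
"""
SAMPLE_FINDINGS = [
    Finding("subprocess-shell-true", 3),  # rule-specific marker on the same line
    Finding("unrelated-rule", 3),         # same line, but the marker names another rule
    Finding("hardcoded-password", 5),     # blanket marker on the comment line above
    Finding("eval-use", 6),               # no marker: stays reported
]
```

Because the marker is matched relative to the finding's own line, inserting lines elsewhere in the file shifts both the code and its suppression together, which is the advantage over a line-keyed ruleset exclusion.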
