Ignore a Violation

JFrog Security Documentation

Follow these steps to create an Ignore Rule for a violation. An ignore rule is applied to the specific violation and to all future violations that meet the ignore rule criteria. For a number of examples of when you might want to ignore violations, see Ignore Violations Examples.

  1. Select the required Watch and click the Violations tab.

    You can also view violations for an Artifact, Build, or Release Bundle by selecting the Violations tab in a Package, or in the specific Artifact, Build, or Release Bundle. You can filter to see only ignored violations.

  2. In the Violations list, hover over the required violation and click Ignore Violation, located on the rightmost side of the line.

    The Create Vulnerability Ignore Rule dialog box appears.

  3. Choose a combination of the ignore criteria depending on your needs.

    | Ignore Rule | Description |
    | --- | --- |
    | Based on the Vulnerability | |
    | Vulnerability ID selected | The rule will be applied to the specific security vulnerability only. |
    | For any Vulnerability | The rule will be applied to all security vulnerabilities. |
    | Based on the Component | |
    | Component name selected current version | The rule will be applied to the specific component for that specific version of the component only. |
    | Component name selected any version | The rule will be applied to the specific component for all versions of that component. |
    | For any component | The rule will be applied to all components that contain that violation. |
    | Based on the Artifact | Note: If it is in a Build or Release Bundle, it will appear here as based on Build or Release Bundle. |
    | Artifact name selected current version | The rule will be applied to the specific artifact for that specific version of the artifact only. |
    | Artifact name selected any version | The rule will be applied to the specific artifact for all versions of that artifact. |
    | For any Artifact | The rule will be applied to all artifacts that contain that violation. |
    | Based on the Watch | |
    | Specific Watch | The rule will be applied to the specific watch where the violation was found. |
    | For any Watch | The rule will be applied to all watches. |
    | The ignore rule will expire at | The rule will expire on the date you set here. This gives you the ability to keep the ignore rule for a violation for the period of time you set. When the time expires, the ignore rule will be removed. Once a scan is triggered after the expiration date, violations will be created again. |

Combination Criteria

When selecting the ignore criteria, take note of the combinations you choose. Some combinations, such as selecting everything as Any, are not allowed because they would ignore all future violations (in the watch or in the system).

The Ignore Rules REST API allows you to choose more scopes for the Ignore Rule as well as more options in each scope.
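The scope choices and expiry behaviour described above can be reviewed in bulk before rules are created or during a periodic audit. The following is an added example, not JFrog code and not the Xray REST API schema: the dictionary layout, field names and sample rules are assumptions made for illustration, with `None` standing for an "any" choice, and it assumes a rule may be recorded without an expiry date.

```python
from datetime import date

# The four scopes offered in the dialog; None models the "any" choice.
SCOPES = ("vulnerability", "component", "artifact", "watch")

def audit_ignore_rule(rule, today):
    """Return review findings for one ignore rule (hypothetical dict layout)."""
    findings = []
    wildcards = [s for s in SCOPES if rule.get(s) is None]
    if len(wildcards) == len(SCOPES):
        # Matches the combination the page says is not allowed.
        findings.append("rejected: every scope is 'any'")
    elif len(wildcards) == len(SCOPES) - 1:
        pinned = next(s for s in SCOPES if rule.get(s) is not None)
        findings.append(f"broad: only {pinned} is pinned")
    # A component or artifact with version None means "any version".
    for scope in ("component", "artifact"):
        target = rule.get(scope)
        if target is not None and target.get("version") is None:
            findings.append(f"{scope} {target['name']}: any version is covered")
    expires = rule.get("expires_at")
    if expires is None:
        findings.append("no expiry: violations stay ignored until the rule is removed")
    elif expires < today:
        findings.append("expired: violations are created again on the next scan")
    return findings

def audit_all(rules, today):
    """Map rule id -> findings, keeping only rules that need review."""
    report = {r["id"]: audit_ignore_rule(r, today) for r in rules}
    return {rid: f for rid, f in report.items() if f}

# Constructed sample rules (names and identifiers are placeholders).
RULES = [
    {"id": "r1", "vulnerability": "VULN-EXAMPLE-1",
     "component": {"name": "libexample", "version": "1.2.3"},
     "artifact": None, "watch": "prod-watch", "expires_at": date(2030, 1, 1)},
    {"id": "r2", "vulnerability": None, "component": None,
     "artifact": None, "watch": None, "expires_at": None},
    {"id": "r3", "vulnerability": None,
     "component": {"name": "libexample", "version": None},
     "artifact": None, "watch": None, "expires_at": date(2020, 1, 1)},
]

if __name__ == "__main__":
    for rule_id, findings in audit_all(RULES, date.today()).items():
        print(rule_id, findings)
```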