Question

Is it possible to delete (instead of marking removed) issues from files which are deleted now?

I've tried excluding the files from the Project Translation when scanning, but it didn't help. Now when those files are deleted, I don't want to see their issues in the Fortify project.

BTW I'm using HP Fortify 3.70.

Solution

I believe that best practices would say:

  1. Audit tag as appropriate
  2. Add comment that they were removed
  3. Suppress the vulnerabilities.

You can do this quickly by "grouping by" source file, multiselecting, then Tag/Comment/Suppress all at one time.

Actually removing vulnerabilities would break the history audit trail.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow