Marking vulnerability as false positive

[sitraj]

Hi,

Thank you for writing this tool which helps to perform static security analysis of apk files. I would like to know, is it possible to mark any vulnerability/security issue as False positive in current implementation? If not, is it possible to add the functionality?

This way it will be easier to maintain the history of the application.

[superpoussin22]

@phoenixadb time for a sonar connector ?

[superpoussin22]

Plugin is in progress and could arrive end of January

[ajinabraham]

enhancements are tracked separately

[kaczalapa]

Hello,
I want to refresh that issue and ask you when this feature can be implemented in your tool? I see it on TODO list on #264 but on the other hand you wrote that it is in progress half year ago. What is the status of this feature?

[ajinabraham]

This is something we plan to do after we change the our SAST core and that will take some time. We don't have a timeline for this yet.