cmd/vulnreport: skip issues that are out of scope

Issues labeled OUT_OF_SCOPE should not get a report at all, so skip them in "vulnreport create". Change-Id: Ic7051c1ca96e1836653f4f5fc5633a771ccec805 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/592455 Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
golang · Jun 14, 2024 · 12d366a · 12d366a
1 parent a5e4183
commit 12d366a
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/cmd/vulnreport/creator.go b/cmd/vulnreport/creator.go
@@ -65,6 +65,10 @@ func (c *creator) skip(input any) string {
 }
 
 func skip(iss *issues.Issue, x *xrefer) string {
+	if iss.HasLabel(labelOutOfScope) {
+		return "out of scope"
+	}
+
 	if iss.HasLabel(labelDuplicate) {
 		return "duplicate issue"
 	}
@@ -256,6 +260,7 @@ const (
 	labelFirstParty        = "first party"
 	labelPossibleDuplicate = "possible duplicate"
 	labelPossiblyNotGo     = "possibly not Go"
+	labelOutOfScope        = "excluded: OUT_OF_SCOPE"
 )
 
 func excludedReason(iss *issues.Issue) report.ExcludedReason {