add ignore file flow

mirego · Mar 19, 2024 · 8486ba3 · 8486ba3
1 parent 6f74228
commit 8486ba3
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 0 deletions.
diff --git a/lib/mix_audit/cli.ex b/lib/mix_audit/cli.ex
@@ -5,6 +5,7 @@ defmodule MixAudit.CLI do
         switches: [
           ignore_advisory_ids: :string,
           ignore_package_names: :string,
+          ignore_file: :string,
           version: :boolean,
           help: :boolean,
           format: :string,

diff --git a/lib/mix_audit/cli/audit.ex b/lib/mix_audit/cli/audit.ex
@@ -5,11 +5,13 @@ defmodule MixAudit.CLI.Audit do
     format = Keyword.get(opts, :format)
     ignored_advisory_ids = ignored_advisory_ids(opts)
     ignored_package_names = ignored_package_names(opts)
+    ignored_ids_from_file = ignored_ids_from_file(opts)
 
     # Synchronize and get security advisories
     advisories =
       MixAudit.Repo.advisories()
       |> Enum.reject(&(&1.id in ignored_advisory_ids))
+      |> Enum.reject(&(&1.id in ignored_ids_from_file))
       |> Enum.group_by(& &1.package)
 
     # Get project dependencies
@@ -45,4 +47,19 @@ defmodule MixAudit.CLI.Audit do
     |> String.split(",")
     |> Enum.map(&String.trim/1)
   end
+
+  defp ignored_ids_from_file(opts) do
+    opts
+    |> Keyword.get(:ignore_file, ".mix-audit-skips")
+    |> File.read()
+    |> case do
+      {:ok, content} ->
+        content
+        |> String.split("\n")
+        |> Enum.reject(fn line -> String.starts_with?(line, "#") or line == "" end)
+
+      _ ->
+        []
+    end
+  end
 end
diff --git a/lib/mix_audit/cli/help.ex b/lib/mix_audit/cli/help.ex
@@ -9,6 +9,7 @@ defmodule MixAudit.CLI.Help do
     IO.puts("--format                The format of the report to generate (human, json)")
     IO.puts("--ignore-advisory-ids   A comma-separated list of advisory IDs to ignore")
     IO.puts("--ignore-package-names  A comma-separated list of package names to ignore")
+    IO.puts("--ignore-file           Path of the ignore file (default .mix-audit-skips)")
     IO.puts("")
     System.halt(0)
   end