Project Root Directory: C:\src\repos\test\abc
For example, this is the Snyk issueId I'm trying to ignore. Command runs fine and .snyk YAML file is created in the project root.
C:\src\repos\test\abc> snyk ignore --id="SNYK-PYTHON-RSA-570831"
Then I perform the snyk test on the requirements.txt file providing relative path and then inspecting results1.json does confirm that it is successfully ignoring this particualr issueID
C:\src\repos\test\abc> snyk test --file='requirements.txt' --severity-threshold="medium" --skip-unresolved --json > results1.json
"filtered": {
"ignore": [
{
"CVSSv3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"alternativeIds": [],
"creationTime": "2020-06-02T13:50:22.620471Z",
"credit": [
"Unknown"
],
"cvssScore": 5.6,
"description": "## Overview\n[rsa](https://pypi.org/project/rsa/) is a pure-Python RSA implementation.\n\nAffected versions of this package are vulnerable to Access Restriction Bypass. It does not detect `ciphertext` modification during decryption (prepended \"0\" bytes) in `PKCS1_v1_5`.\n## Remediation\nUpgrade `rsa` to version 4.1 or higher.\n## References\n- [GitHub Commit](https://github.com/sybrenstuvel/python-rsa/commit/93af6f2f89a9bf28361e67716c4240e691520f30)\n- [GitHub Issue](https://github.com/sybrenstuvel/python-rsa/issues/146)\n",
"disclosureTime": "2020-06-02T13:45:26Z",
"exploit": "Not Defined",
"fixedIn": [
"4.1"
],
"functions": [],
"functions_new": [],
"id": "SNYK-PYTHON-RSA-570831",
But when I provide the absolute path of the file, and the .snyk file still being present in the project root, snyk test command does run fine but upon inspecting the results2.json, it fails to ignore the issue and it is listed as a vulnerability.
C:\src\repos\test\abc> snyk test --file='C:\\src\\repos\\test\\abc\\requirements.txt' --severity-threshold="medium" --skip-unresolved --json > results2.json
"filesystemPolicy": false,
"filtered": {
"ignore": [],
"patch": []
},
Could someone please explain why this is not working for the given case?
I need the snyk ignore to work for absolute file paths as the it is a requirement of the problem.
Using the flag while snyk testing to specify the ignore policy file works. e.g.,--policy-path=/path/path/file