Ignored Issues

Veracode Software Composition Analysis

Veracode Software Composition Analysis agent-based scanning provides users with accurate, up-to-date vulnerability information, but not all issues apply to your code. For this reason, Veracode SCA allows you to ignore issues.

Ignore an Issue

When you assess issues and decide that you no longer want them in your open issues, you can ignore the issues to remove them.

To ignore issues:
  1. In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
  2. Click the Agent-Based Scan tab.
  3. Select a workspace.
  4. If you want to view issues for an individual project, click Projects and select a project.
  5. Select the checkbox next to the issues you want to ignore.
  6. Click Actions > Ignore.
  7. Click Confirm ignore issue.

  8. Enter a comment explaining why you are ignoring the issues.

  9. Click Finish.

    Anyone who has access to the workspace can view the comment.

Unignore an Issue

If you mistakenly ignored an issue or decide that an issue should now be tracked, you can unignore it by following these steps:

  1. In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
  2. Click the Agent-Based Scan tab.
  3. Select a workspace.
  4. If you want to view issues for an individual project, click Projects and select a project.
  5. Under the Issues tab or under to the Issues List heading, select Ignored to view the list of ignored issues.
  6. Select the ignored issues.
  7. Click Actions > Unignore.

  8. Click Confirm unignore issue.
  9. Enter a comment explaining why you are ignoring the issues.
  10. Click Finish.

Anyone who has access to the workspace can view the comment.

View Comment on Issue

A red dot next to the Comment action indicates that there are comments on this issue.

To view comments on an issue:
  1. In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
  2. Click the Agent-Based Scan tab.
  3. Select a workspace.
  4. If you want to view issues for an individual project, click Projects and select a project.
  5. Click the issue ID.
  6. Click the Show History action in the top right-hand corner of the issue detail view.

Add Comment to Issue

To add an additional comment to an issue:
  1. In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
  2. Click the Agent-Based Scan tab.
  3. Select a workspace.
  4. If you want to view issues for an individual project, click Projects and select a project.
  5. Click the issue ID.
  6. Click the Comment action in the top-right corner of the issue detail view.

These comments also appear in the issue history list.