Rules/reduce false positive and shared library to Development #59
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
git add . git commit -m "Fix CI test failures: Add jq dependency and TTY availability check - Install jq in GitHub Actions workflow - Add TTY availability check to prevent /dev/tty errors in CI - Improve test suite with trace mode and error handling - Add CI environment emulator for local testing - Remove dead text parsing fallback - Fix indentation inconsistencies Tests now pass 10/10 in both local and CI environments."
Co-authored-by: noelsaw1 <56978803+noelsaw1@users.noreply.github.com>
Co-authored-by: noelsaw1 <56978803+noelsaw1@users.noreply.github.com>
Fix Required Change: Add quotes around $PATHS → "$PATHS" in 3 locations Lines to modify: Line 4164: $PATHS → "$PATHS" Line 4940: $PATHS → "$PATHS" Line 4945: $PATHS → "$PATHS" Line 5009: $PATHS → "$PATHS" Total changes: 4 lines (literally adding 2 characters per line)
Phase 1: Comment/docblock filtering Phase 1: HTML/REST config exclusions Test on Health Check plugin (should drop from 75 → 61 findings) Scanner no longer flags PHPDoc/comment-only matches Avoids POST-method false positives in HTML/REST config Test fixtures created for regression testing Documentation updated with results Moved to Shared Library Created: dist/bin/lib/false-positive-filters.sh Benefits: ✅ Centralized location for all false positive detection ✅ Versioned library (v1.0.0) for future scanner scripts ✅ Documented API and known limitations ✅ Removed 140+ lines of duplicate code from main script ✅ Ready for Phase 2 and future enhancements
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Moved to Shared Library
Created: dist/bin/lib/false-positive-filters.sh
Benefits:
✅ Centralized location for all false positive detection
✅ Versioned library (v1.0.0) for future scanner scripts
✅ Documented API and known limitations
✅ Removed 140+ lines of duplicate code from main script
✅ Ready for Phase 2 and future enhancements