From b9ea82f2c12d2733c1ab148b087dc341f9ccf52f Mon Sep 17 00:00:00 2001 From: bloihl Date: Tue, 20 Sep 2016 15:42:49 -0700 Subject: [PATCH] adding hints documentation for user management of false negatives --- src/site/markdown/general/hints.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 src/site/markdown/general/hints.md diff --git a/src/site/markdown/general/hints.md b/src/site/markdown/general/hints.md new file mode 100644 index 000000000..984128365 --- /dev/null +++ b/src/site/markdown/general/hints.md @@ -0,0 +1,27 @@ +Resolving False Negatives +==================== +Due to how dependency-check identifies libraries false negatives may occur (a CPE was identified that is incorrect). Suppressing these false positives is fairly easy using the HTML report. In the report next to each CPE identified (and on CVE entries) there is a suppress button. Clicking the suppression button will create a dialogue box which you can simple hit Control-C to copy the XML that you would place into a suppression XML file. If this is the first time you are creating the suppression file you should click the "Complete XML Doc" button on the top of the dialogue box to add the necessary schema elements. + +A sample hints file would look like: + +```xml + + +``` +The above XML file will + +The following shows some other ways to + +```xml + + +``` + +The full schema for hints files can be found here: [dependency-hint.xsd](https://github.com/jeremylong/DependencyCheck/blob/master/dependency-check-core/src/main/resources/schema/dependency-hint.1.1.xsd "Hint Schema") + +Please see the appropriate configuration option in each interfaces configuration guide: + +- [Command Line Tool](../dependency-check-cli/arguments.html) +- [Maven Plugin](../dependency-check-maven/configuration.html) +- [Ant Task](../dependency-check-ant/configuration.html) +- [Jenkins Plugin](../dependency-check-jenkins/index.html)
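Review bot: The first paragraph under "Resolving False Negatives" documents false positives and the suppression workflow, not hints. It defines a false negative as "a CPE was identified that is incorrect" and continues with "Suppressing these false positives is fairly easy using the HTML report", so a reader looking for help with a missed identification is walked through suppressing findings instead. Replace that paragraph with text that describes the missed-identification case named in the subject line and what a hints file does about it. Both xml code blocks in the new file are empty, and the sentences "The above XML file will" and "The following shows some other ways to" break off mid-sentence; the page needs a sample hints document and completed sentences before it is merged. Smaller points: "you can simple hit" should read "simply", "each interfaces configuration guide" needs an apostrophe, the link label "dependency-hint.xsd" points at dependency-hint.1.1.xsd so the label should carry the version or the link should be version-neutral, and the heading underline is longer than the heading text.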