I am using the owasp dependency tool with retirejs and I am trying to figure out how to exclude an entire folder in my build. Right now I have it as so
dependencyCheck{
outputDirectory = "${projectDir}/reports"
suppressionFile = "${projectDir}/gradle/owasp_config/suppress.xml"
analyzers {
experimentalEnabled = true
assemblyEnabled = false
retirejs {
filterNonVulnerable = true
}
}
scanSet = ['build/deploy/scripts']
}
but with in the scanSet is a folder with yui in it which I want to completely ignore during scan. I could suppress the individual cve's in the suppression file but there are over 300 of them so a global exclusion would be a much better solution.