remediation command is used to create a config file with rules and patterns that determine which findings are suppressed when running
sl remediation [command options]
|Create a remediation config file|
|Test run your vulnerability remediation config. Does not make any changes to your findings at this time|
Creating your config file: run
sl remediation config <filename>.yaml to create a sample config file that you can modify:
Testing your definitions: run
sl remediation dry-run --config <filename>.yaml --app <yourApplication> to preview the changes that would be made based on the rules you defined in your configuration file. This command prints to the command line the methods ShiftLeft has identified as matching the parameters you defined. No changes are made at this time.
Once you have created and tested your file using
sl remediation, you will need to provide the config file using the
--remediation-configflag when running
sl analyze. See the tutorial for full instructions.