This article will show you how to use ShiftLeft's modifying findings feature to change the vulnerability's assigned severity level after initial code analysis.
We assume that you have a GitHub repo that you're scanning using NG SAST.
Step 1: Create the configuration file
In the root directory, create a configuration file called ngsast.yaml that includes the following:
Step 2: Run the action
ShiftLeft will automatically check your config file for rules defined as
finding-modifications. If this exists, ShiftLeft will modify your findings whenever you run
sl analyze as part of your Action.
Testing your changes
Once you've implemented these changes, all identified SQL Injection vulnerabilities will be automatically marked with a status of medium instead of critical once your workflow runs.