Update docs

2025-12-10 00:22:08 -06:00 · 2023-02-23 10:35:21 +05:30 · 2023-02-23 10:35:21 +05:30 · ca1fbbcee2
commit ca1fbbcee2
parent 2ecc52ef00
5 changed files with 43 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -14,6 +14,17 @@ source dependencies and evaluate them against organizational policies.

 ## TL;DR

+Scan a repository for OSS dependency risks with auto-detection of package
+manifests
+
+```bash
+vet scan -D /path/to/repo
+```
+
+![vet Summary Demo](docs/images/vet-summary-demo.png)
+
+## Getting Started
+
 > Ensure `$(go env GOPATH)/bin` is in your `$PATH`

 Install using `go get`
@ -57,6 +68,12 @@ vet scan --lockfiles /path/to/requirements.txt
 vet scan --lockfiles /path/to/package-lock.json
 ```

+or scan a supported package manifest with a non-standard name
+
+```bash
+vet scan --lockfiles /path/to/gradle-compileOnly.lock --lockfile-as gradle.lockfile
+```
+
 > Use `vet scan parsers` to list supported package manifest parsers

 The default scan uses an opinionated [Summary Reporter](#) which presents
@ -98,6 +115,21 @@ vet scan -D /path/to/dir --filter-suite /path/to/suite.yml --filter-fail

 Read more about filter suites in [filtering guide](docs/filtering.md)

+## Exceptions Management
+
+Exception rules can be generated using the `query` workflow to temporarily
+ignore (or snooze) existing issues when using `vet` for the first time. This
+helps in establishing security gating to prevent introduction of new security
+issues while existing issues are being remediated.
+
+Use exception rules during scan to ignore specific packages
+
+```bash
+vet scan -D /path/to/repo -e /path/to/exceptions.yml
+```
+
+For more information, refer to [exceptions guide](docs/exceptions.md)
+
 ## FAQ

 ### How do I disable the stupid banner?
--- a/docs/exceptions.md
+++ b/docs/exceptions.md
@ -64,6 +64,9 @@ various commands such as `scan` or `query`.
 ./vet --exceptions /path/to/exceptions.yml scan -D /path/to/repo
 ```

+> **Note:** Do not pass this flag while generating exceptions list in query
+> workflow to avoid incorrect exception list generation
+
 ## Behaviour

 * All exceptions rules are applied only on a `Package`
--- a/docs/images/vet-summary-demo.png
+++ b/docs/images/vet-summary-demo.png
--- a/pkg/analyzer/exceptions_generator.go
+++ b/pkg/analyzer/exceptions_generator.go
@ -8,6 +8,7 @@ import (
 	"github.com/safedep/dry/utils"
 	"github.com/safedep/vet/gen/exceptionsapi"
 	"github.com/safedep/vet/pkg/analyzer/filter"
+	"github.com/safedep/vet/pkg/common/logger"
 	"github.com/safedep/vet/pkg/models"
 	"github.com/safedep/vet/pkg/readers"
 )
@ -50,6 +51,9 @@ func NewExceptionsGenerator(config ExceptionsGeneratorConfig) (Analyzer, error)
 		return nil, err
 	}

+	logger.Infof("Initialized exceptions generator with filter: '%s' expiry: %s",
+		config.Filter, expiresOn.Format(time.RFC3339))
+
 	return &exceptionsGenerator{
 		writer:          fd,
 		filterEvaluator: filterEvaluator,
@ -91,6 +95,8 @@ func (f *exceptionsGenerator) Finish() error {
 	}

 	for _, pkg := range f.pkgCache {
+		logger.Infof("Adding %s to exceptions list", pkg.ShortName())
+
 		suite.Exceptions = append(suite.Exceptions, &exceptionsapi.Exception{
 			Id:        utils.NewUniqueId(),
 			Ecosystem: string(pkg.Ecosystem),
--- a/pkg/exceptions/utils.go
+++ b/pkg/exceptions/utils.go
@ -18,6 +18,8 @@ func AllowedPackages(manifest *models.PackageManifest,
 		}

 		if res.Matched() {
+			logger.Debugf("Ignoring package:%s due to exception rule",
+				pkg.ShortName())
 			continue
 		}