Scoping scans
Setup scan inclusion and exclusion patterns
Exclude and include filters help your team to focus their attention on the open source packages that matter most and to improve scan performance. Inclusion and exclusion patterns may not be used together so its important to pick a strategy that works best for you. We generally reccomend using inclusion patterns when you have many packages that you want to scan separately and exclsuion patterns when you want to filter our packages that are not important to you.
You can include or exclude packages using the following standard patterns:
- Include or exclude specific packages
- Include or exclude specific directories
- Include or exclude with a golang style regex pattern.
To include or exclude a package based on its file name:
endorctl scan --include=path/to/your/manifest/file/package.json
endorctl scan --exclude=path/to/your/manifest/file/package.json
To include or exclude a package based on its directory
endorctl scan --include="directory/path/"
endorctl scan --exclude="path/to/your/manifest/"
Tip: Don't use leading slashes
When including or excluding a directory or file make sure not to include a leading/ to incdicate a directory. Use --exclude=ui/ to exclude a directory called ui not --exclude=/ui/ or --exclude=./ui/
To exclude or include using a Golang style regex:
endorctl scan --include=".*/build/.*"
endorctl scan --exclude=".*/build/.*"
Tip: Make sure you use quotes!
Ensure that you enclose your exclude pattern in quotes to avoid shell expansion issues. For example, do not use--exclude=.*/build/.*, instead use --exclude=".*/build/.*"
Tip: Windows Regex is different!
When performing excludes and includes in a Windows environment use double backslashes (\) which is more common in regular expressions when dealing with Windows file paths. For example the above exclusion pattern for windows would be--exclude=".*\\build\\.*"
Known Limitation: Documentation may not be used with Inclusion Patterns!
Inclusion patterns are not designed for documentation or example directories. You can not explicitly include documentation or example directories:
- docs/
- documentation/
- groovydoc/
- javadoc
- man/
- examples/
- demos/
- inst/doc/
- samples/
Known Limitation: Scoping scans for Javascript workspaces!
If you are using Javascript workspaces then you must take special consideration of how you handle including and excluding the root package:
- When using include or exclude patterns, you must always ensure that you do not exclude and always include the parent workspace package, otherwise all child packages will fail to properly build.
- You can always exclude child packages in the workspace if the root is included.
There is only one lock file for the workspace that lives in the workspace root directory. This lock file must always be included to perform a successful scan.
Feedback
Was this page helpful? Send your feedback to support@endor.ai