Ignore false positives from the report
SAFE has an advanced false positive filtering mechanism that tries to identify and ignore known false positives in the codebase, reducing noise in the reports. Even with this mechanism, there might be cases where certain findings are still considered false positives. In such cases, you can use our ignore mechanism to explicitly ignore certain findings.
Ignoring a finding
To ignore a finding, you need to put a specific comment in the source code, right above the line where the vulnerability is detected.
Example in Erlang
    my_function() ->
        ...
        %% safe-ignore erlang:list_to_atom/1
        list_to_atom(CheckedVariable),
        ...
Please note that for functions from the erlang module, you need to specify the full function name including the module, as shown in the example above.
Example in Elixir
    def my_function do
      ...
      # safe-ignore String.to_atom/1
      String.to_atom(checked_variable)
      ...
    end
Please note that for functions from the Kernel module, you need to specify the full function name including the module, as shown in the example above.
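An added example, not part of SAFE or its documentation: a small Python audit script that lists every safe-ignore comment in a source file and reports whether it sits directly above a call to the function it names, which helps when reviewing suppressions. It assumes the comment syntax is exactly as in the two examples above; the matching rule (bare function name on the next line) is a simplification chosen here, not SAFE's own logic, and `audit_ignores` and the sample inputs are constructed.

```python
import re

# Comment forms taken from the two examples on this page:
#   Erlang:  %% safe-ignore erlang:list_to_atom/1
#   Elixir:  # safe-ignore String.to_atom/1
IGNORE_RE = re.compile(
    r"^\s*(?:%+|#)\s*safe-ignore\s+(?P<target>\S+?)/(?P<arity>\d+)\s*$"
)

def audit_ignores(source):
    """Return (line_no, target, status) for every safe-ignore comment.
    status is "ok" when the next line calls the named function and
    "orphaned" when it does not (comment not directly above the call)."""
    lines = source.splitlines()
    findings = []
    for idx, line in enumerate(lines):
        m = IGNORE_RE.match(line)
        if not m:
            continue
        target = m.group("target")
        # Bare function name: text after the last ':' or '.' separator.
        func = re.split(r"[:.]", target)[-1]
        nxt = lines[idx + 1] if idx + 1 < len(lines) else ""
        called = re.search(r"(?<![A-Za-z0-9_])" + re.escape(func) + r"\s*\(", nxt)
        status = "ok" if called else "orphaned"
        findings.append((idx + 1, f"{target}/{m.group('arity')}", status))
    return findings

# Constructed sample input, not taken from a real code base.
SAMPLE_ERLANG = """\
my_function(CheckedVariable) ->
    %% safe-ignore erlang:list_to_atom/1
    list_to_atom(CheckedVariable).

other(Input) ->
    %% safe-ignore erlang:list_to_atom/1
    Trimmed = string:trim(Input),
    list_to_atom(Trimmed).
"""
SAMPLE_ELIXIR = """\
def my_function(checked_variable) do
  # safe-ignore String.to_atom/1
  String.to_atom(checked_variable)
end
"""
if __name__ == "__main__":
    for name, src in (("erlang", SAMPLE_ERLANG), ("elixir", SAMPLE_ELIXIR)):
        for line_no, target, status in audit_ignores(src):
            print(f"{name}:{line_no}: {target} -> {status}")
```

An "orphaned" result means the comment has drifted away from the call it was written for, so the suppression should be re-reviewed.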