<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: How to reduce the secutiry rating in cloud manager pipeline ? in Adobe Experience Manager Questions</title>
    <link>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462315#M133415</link>
    <description>&lt;P&gt;Failure threshold for various ratings are not configurable and are standardised.&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot 2022-07-22 at 09.59.14.png" style="width: 999px;"&gt;&lt;img src="https://experienceleaguecommunities.adobe.com/t5/image/serverpage/image-id/43438i3B513BDB0D2225A2/image-size/large/is-moderation-mode/true?v=v2&amp;amp;px=999" role="button" title="Screenshot 2022-07-22 at 09.59.14.png" alt="Screenshot 2022-07-22 at 09.59.14.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Instead you should be handling the individual vulnerabilities as exception using&amp;nbsp;@SuppressWarnings&lt;SPAN&gt;&amp;nbsp;annotation. Please refer to [1]&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;[1] -&amp;nbsp;&lt;A href="https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/using-cloud-manager/test-results/code-quality-testing.html?lang=en#dealing-with-false-positives" target="_blank" rel="noopener"&gt;https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/using-cloud-manager/test-results/code-quality-testing.html?lang=en#dealing-with-false-positives&lt;/A&gt;&lt;/SPAN&gt;&lt;/P&gt;</description>
    <pubDate>Fri, 22 Jul 2022 09:00:38 GMT</pubDate>
    <dc:creator>Nirmal_Jose</dc:creator>
    <dc:date>2022-07-22T09:00:38Z</dc:date>
    <item>
      <title>How to reduce the secutiry rating in cloud manager pipeline ?</title>
      <link>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462139#M133332</link>
      <description>&lt;P&gt;My build is getting failed due to below error&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;In order to achieve an Security Rating of A or better, the code base must not have any Vulnerability issues with a severity of Minor or higher.&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;When I reviewed the report, I see that I have just 2 minor vulnerabilities but the build got failed because of the above rule. Instead of checking &lt;STRONG&gt;minor&lt;/STRONG&gt; one I want to check only &lt;STRONG&gt;medium&lt;/STRONG&gt; and &lt;STRONG&gt;high&lt;/STRONG&gt; severity. Is this possible to modify this rule in the pipeline ?&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Thu, 21 Jul 2022 15:51:39 GMT</pubDate>
      <guid>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462139#M133332</guid>
      <dc:creator>Mario248</dc:creator>
      <dc:date>2022-07-21T15:51:39Z</dc:date>
    </item>
    <item>
      <title>Re: How to reduce the secutiry rating in cloud manager pipeline ?</title>
      <link>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462144#M133335</link>
      <description>&lt;P&gt;&lt;EM&gt;&lt;LI-USER uid="17542612"&gt;&lt;/LI-USER&gt;&amp;nbsp;&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;After code scan you will get option for &lt;/EM&gt;&lt;EM&gt;review. Click&lt;/EM&gt;&lt;EM&gt; on review and select the option override and approved.&lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;It will overridden the changes and deployed to the cloud&lt;/EM&gt;&lt;EM&gt;. &lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;You can proceed without metric failure by configuring “Proceed immediately” to the deployment pipeline as shown below. &lt;/EM&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Jagadeesh_Prakash_0-1658419904641.png" style="width: 400px;"&gt;&lt;img src="https://experienceleaguecommunities.adobe.com/t5/image/serverpage/image-id/43392i93481EADA61A3FC0/image-size/medium/is-moderation-mode/true?v=v2&amp;amp;px=400" role="button" title="Jagadeesh_Prakash_0-1658419904641.png" alt="Jagadeesh_Prakash_0-1658419904641.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;EM&gt;I&lt;/EM&gt;&lt;EM&gt;f the build is failing &lt;/EM&gt;&lt;EM&gt;without&lt;/EM&gt;&lt;EM&gt; the review option, then &lt;/EM&gt;&lt;EM&gt;I&lt;/EM&gt;&lt;EM&gt; guess you need to fix those &lt;/EM&gt;&lt;EM&gt;vulnerable&lt;/EM&gt;&lt;EM&gt; errors and then proceed&amp;nbsp;&lt;/EM&gt;&lt;/P&gt;</description>
      <pubDate>Thu, 21 Jul 2022 16:12:29 GMT</pubDate>
      <guid>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462144#M133335</guid>
      <dc:creator>Jagadeesh_Prakash</dc:creator>
      <dc:date>2022-07-21T16:12:29Z</dc:date>
    </item>
    <item>
      <title>Re: How to reduce the secutiry rating in cloud manager pipeline ?</title>
      <link>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462150#M133339</link>
      <description>&lt;P&gt;Thanks for your message. I know this setting but where do I permanently modify security check. Basically I dont want to care about all MINOR vulnerability. I want to skip all minor by default. Is there any settings?&lt;/P&gt;</description>
      <pubDate>Thu, 21 Jul 2022 16:25:42 GMT</pubDate>
      <guid>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462150#M133339</guid>
      <dc:creator>Mario248</dc:creator>
      <dc:date>2022-07-21T16:25:42Z</dc:date>
    </item>
    <item>
      <title>Re: How to reduce the secutiry rating in cloud manager pipeline ?</title>
      <link>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462155#M133343</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;LI-USER uid="17542612"&gt;&lt;/LI-USER&gt;&amp;nbsp;,&lt;BR /&gt;&lt;BR /&gt;There is no simple toggle switch to reduce the vulnerability rating as far as I know.&lt;BR /&gt;I would suggest you follow the existing rules and fix your code.&lt;BR /&gt;&lt;BR /&gt;you can validate your changes locally using the aemanalyser-maven-plugin:&amp;nbsp;&lt;A href="https://github.com/adobe/aemanalyser-maven-plugin" target="_blank"&gt;https://github.com/adobe/aemanalyser-maven-plugin&lt;/A&gt;&amp;nbsp;and then initiate the final build.&lt;BR /&gt;&lt;BR /&gt;If you still want to switch on to custom code quality rules, follow this doc :&amp;nbsp;&lt;A href="https://experienceleague.adobe.com/docs/experience-manager-cloud-manager/content/using/custom-code-quality-rules.html?lang=en" target="_blank"&gt;https://experienceleague.adobe.com/docs/experience-manager-cloud-manager/content/using/custom-code-quality-rules.html?lang=en&lt;/A&gt;&amp;nbsp;&lt;BR /&gt;&lt;BR /&gt;Thanks,&lt;/P&gt;&lt;P&gt;Sravan&lt;/P&gt;</description>
      <pubDate>Thu, 21 Jul 2022 16:58:41 GMT</pubDate>
      <guid>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462155#M133343</guid>
      <dc:creator>B_Sravan</dc:creator>
      <dc:date>2022-07-21T16:58:41Z</dc:date>
    </item>
    <item>
      <title>Re: How to reduce the secutiry rating in cloud manager pipeline ?</title>
      <link>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462315#M133415</link>
      <description>&lt;P&gt;Failure threshold for various ratings are not configurable and are standardised.&lt;/P&gt;&lt;P&gt;&lt;span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot 2022-07-22 at 09.59.14.png" style="width: 999px;"&gt;&lt;img src="https://experienceleaguecommunities.adobe.com/t5/image/serverpage/image-id/43438i3B513BDB0D2225A2/image-size/large/is-moderation-mode/true?v=v2&amp;amp;px=999" role="button" title="Screenshot 2022-07-22 at 09.59.14.png" alt="Screenshot 2022-07-22 at 09.59.14.png" /&gt;&lt;/span&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Instead you should be handling the individual vulnerabilities as exception using&amp;nbsp;@SuppressWarnings&lt;SPAN&gt;&amp;nbsp;annotation. Please refer to [1]&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;[1] -&amp;nbsp;&lt;A href="https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/using-cloud-manager/test-results/code-quality-testing.html?lang=en#dealing-with-false-positives" target="_blank" rel="noopener"&gt;https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/implementing/using-cloud-manager/test-results/code-quality-testing.html?lang=en#dealing-with-false-positives&lt;/A&gt;&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Fri, 22 Jul 2022 09:00:38 GMT</pubDate>
      <guid>https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-reduce-the-secutiry-rating-in-cloud-manager-pipeline/m-p/462315#M133415</guid>
      <dc:creator>Nirmal_Jose</dc:creator>
      <dc:date>2022-07-22T09:00:38Z</dc:date>
    </item>
  </channel>
</rss>

