Why should you dismiss a code scanning alert?
If you fix the code that triggered the alert
To prevent developers from introducing new problems
If it includes an error in code that is used only for testing
If there is a production error in your code
You should dismiss a code scanning alert if the flagged code is not a true security concern, such as:
Code in test files
Code paths that are unreachable or safe by design
False positives from the scanner
Fixing the code would automatically resolve the alert, not dismiss it. Dismissing is for valid exceptions or noise reduction.