Configuration Value Method
The configuration value method provides a simple way to enable or disable predefined exclusion rules. This method only determines which rules are active based on a predefined list of rule IDs.
The file exclusions tool checks if the application configuration contains PREDEFINED_FILE_EXCLUSIONS_MODES. This value is expected to be a string of comma-separated integers, where each integer corresponds to a specific exclusion rule ID.
A rule is enabled if its ID is present in the configuration value. Otherwise, it remains disabled.
How to Configure Predefined File Exclusion Rules
The engine setting PREDEFINED_FILE_EXCLUSIONS_MODES can be enabled in the portal database or via the DefaultConfig.xml configuration file through Audit.
Notice
For the PREDEFINED_FILE_EXCLUSIONS_MODES setting to be applied, the application configuration must include the setting PREDEFINED_FILE_EXCLUSIONS_ENABLED as enabled.
Database
```sql
-- Check the existing configuration listing so that you can choose to edit an existing one or add a new one.
-- When adding a new one, select a name for the new configuration that does not conflict with an existing configuration.
select * from [CxDB].[Config].[CxEngineConfiguration];

-- EDIT
-- Check the database for the flag ID that needs to change
select * from [CxDB].[Config].[CxEngineConfigurationKeysMeta]
where KeyName = 'PREDEFINED_FILE_EXCLUSIONS_MODES';

-- Update only the row that holds this flag in the chosen configuration
update [CxDB].[Config].[CxEngineConfigurationValues]
set Value = '<list of IDs to exclude>'
where ConfigurationId = <configId> and ConfigurationKeyId = <FlagId>;

-- CREATE
-- Create a new Default configuration with a custom name (your choice). Adding a 0 signals a non-default configuration.
insert into [CxDB].[Config].[CxEngineConfiguration]
values ('<SET A NAME FOR THE CONFIG>', 0);

-- Get the new configuration ID from the list
select * from [CxDB].[Config].[CxEngineConfiguration];

-- Check the database for the flag ID that needs to change
select * from [CxDB].[Config].[CxEngineConfigurationKeysMeta]
where KeyName = 'PREDEFINED_FILE_EXCLUSIONS_MODES';

-- Set the new value of the flag
insert into [CxDB].[Config].[CxEngineConfigurationValues]
values (<configId>, <FlagId>, '<list of IDs to exclude>');

-- Check if the flag configuration was added to the new custom configuration
select * from [CxDB].[Config].[CxEngineConfigurationValues]
where ConfigurationId = <configId>;
```
Audit
Create a new DefaultConfig.xml file in your Checkmarx SAST folder (example file path: <user>\AppData\Local\Checkmarx\Checkmarx SAST) with the following code:
```xml
<?xml version="1.0" encoding="windows-1252"?>
<Root_Element>
  <Configuration>
    <Key>PREDEFINED_FILE_EXCLUSIONS_ENABLED</Key>
    <Value>true</Value>
  </Configuration>
  <Configuration>
    <Key>PREDEFINED_FILE_EXCLUSIONS_MODES</Key>
    <Value>List of IDs</Value>
  </Configuration>
</Root_Element>
```
Example Configuration
For instance, if the configuration value is:
```xml
<Configuration>
  <Key>PREDEFINED_FILE_EXCLUSIONS_ENABLED</Key>
  <Value>true</Value>
</Configuration>
<Configuration>
  <Key>PREDEFINED_FILE_EXCLUSIONS_MODES</Key>
  <Value>1, 3, 9</Value>
</Configuration>
```
The following rules will be enabled:
Third-Party Code Exclusion (ID: 1)
Duplicate Folder Exclusion (ID: 3)
Unit Test Exclusion (ID: 9)
All other rules will be disabled.
List of Available Exclusion Rules
ID | Rule Name | Description |
---|---|---|
1 | | Excludes third-party code files. |
2 | | Excludes files based on extensions. |
3 | | Excludes duplicate folders. |
4 | | Excludes files with very short names. |
5 | | Excludes files with purely numeric names. |
6 | | Excludes specific filenames. |
7 | | Excludes specific folder names. |
8 | | Excludes auto-generated files. |
9 | | Excludes unit test files. |
10 | | Excludes files with duplicate content. |
11 | | Excludes empty files. |
12 | | Excludes files with too many lines. |
13 | | Excludes files with too many long lines. |
14 | | Excludes files lacking indentation. |
15 | | Excludes files lacking inner spaces. |
16 | | Excludes large files. |
17 | | Excludes duplicate files. |
This method ensures a lightweight and straightforward way to manage file exclusions using a simple configuration setting.
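Because every enabled rule removes files from the scan, it is worth reviewing what a given DefaultConfig.xml actually switches on. The following is an added example, not Checkmarx code: a small audit script that resolves the configured IDs against the table above and reports entries that match no listed rule. The function name `audit_exclusions`, the case-insensitive comparison of the enabled flag, and the tolerance for blank entries are assumptions of this sketch, not documented engine behavior.

```python
import xml.etree.ElementTree as ET

# Rule IDs and descriptions as listed in the page's table (IDs 1-17).
RULES = {
    1: "third-party code files", 2: "files based on extensions",
    3: "duplicate folders", 4: "files with very short names",
    5: "files with purely numeric names", 6: "specific filenames",
    7: "specific folder names", 8: "auto-generated files",
    9: "unit test files", 10: "files with duplicate content",
    11: "empty files", 12: "files with too many lines",
    13: "files with too many long lines", 14: "files lacking indentation",
    15: "files lacking inner spaces", 16: "large files", 17: "duplicate files",
}

# Constructed sample input: the page's example values in a DefaultConfig.xml body.
SAMPLE = """<Root_Element>
  <Configuration><Key>PREDEFINED_FILE_EXCLUSIONS_ENABLED</Key><Value>true</Value></Configuration>
  <Configuration><Key>PREDEFINED_FILE_EXCLUSIONS_MODES</Key><Value>1, 3, 9</Value></Configuration>
</Root_Element>"""


def audit_exclusions(xml_text):
    """Return (enabled, problems): rule ID -> what it excludes, plus warnings."""
    cfg = {}
    for node in ET.fromstring(xml_text).iter("Configuration"):
        key = (node.findtext("Key") or "").strip()
        cfg[key] = (node.findtext("Value") or "").strip()
    problems = []
    # Assumption: the ENABLED flag is compared case-insensitively against "true".
    if cfg.get("PREDEFINED_FILE_EXCLUSIONS_ENABLED", "").lower() != "true":
        return {}, ["PREDEFINED_FILE_EXCLUSIONS_ENABLED is not true; MODES has no effect"]
    enabled = {}
    for token in cfg.get("PREDEFINED_FILE_EXCLUSIONS_MODES", "").split(","):
        token = token.strip()
        if not token:
            continue  # tolerate trailing commas and blank entries
        if token.isdecimal() and int(token) in RULES:
            enabled[int(token)] = RULES[int(token)]
        else:
            problems.append(f"not a known rule ID: {token!r}")
    return enabled, problems


if __name__ == "__main__":
    enabled, problems = audit_exclusions(SAMPLE)
    for rule_id in sorted(enabled):
        print(f"rule {rule_id}: scan will skip {enabled[rule_id]}")
    for p in problems:
        print("WARNING:", p)
```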