Code location

You can filter vulnerabilities by the location of vulnerable code in the stack trace. You can choose one or more of the following code locations:
  • Customer code - direct calls.

    A sink is a method where the data reaches its destination, for example, where it is saved to a database. Seeker regards a customer code call as direct if the sink method call is nested within a preset number of levels from this call. This number is defined by the SEEKER_CUSTOMER_CODE_MAX_STACK_DEPTH environment variable, which defaults to 3.

    Here, the call to the sink is direct:

  • Customer code - nested calls.
    Here, the sink is nested four levels from this call.

    This option is handy if you want to filter out vulnerabilities detected in deeply nested calls to your own code, which have higher complexity and lower priority to handle.

  • Third-party code: the call is located outside the customer code, and no customer code is found in the stack trace.
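
The three code locations above, applied to stack traces as an added illustration (this is not Seeker's own code). The package prefix, the frame names, the `classify` and `max_depth` helpers, and the choice to count levels from the sink to the nearest customer frame are assumptions; only the variable name and its default of 3 come from this page.

```python
import os

DEFAULT_MAX_DEPTH = 3  # default stated on this page


def max_depth(env=os.environ):
    """Read the depth limit from the environment, falling back to the default."""
    return int(env.get("SEEKER_CUSTOMER_CODE_MAX_STACK_DEPTH", DEFAULT_MAX_DEPTH))


def classify(frames, customer_prefixes, depth_limit=None):
    """Classify a stack trace by code location.

    frames: fully qualified method names, sink first (frames[0] is the sink).
    customer_prefixes: package prefixes that identify customer code.
    Assumption: levels are counted from the sink to the nearest customer frame.
    """
    if depth_limit is None:
        depth_limit = max_depth()
    prefixes = tuple(customer_prefixes)
    for levels, frame in enumerate(frames[1:], start=1):
        if frame.startswith(prefixes):
            if levels <= depth_limit:
                return "Customer code - direct calls"
            return "Customer code - nested calls"
    # No customer frame anywhere in the trace.
    return "Third-party code"


# Constructed sample traces (sink first); not taken from a real scan.
CUSTOMER = ["com.example.shop."]
DIRECT = ["java.sql.Statement.executeQuery",
          "org.hibernate.Query.list",
          "com.example.shop.OrderDao.find",
          "com.example.shop.OrderController.get"]
NESTED = ["java.sql.Statement.executeQuery",
          "org.lib.A.a", "org.lib.B.b", "org.lib.C.c",
          "com.example.shop.ReportJob.run"]   # sink is four levels away
THIRD_PARTY = ["java.sql.Statement.executeQuery",
               "org.lib.A.a",
               "org.quartz.Scheduler.run"]

if __name__ == "__main__":
    for name, trace in [("DIRECT", DIRECT), ("NESTED", NESTED),
                        ("THIRD_PARTY", THIRD_PARTY)]:
        print(name, "->", classify(trace, CUSTOMER, depth_limit=3))
```

Raising the limit moves findings from the nested bucket into the direct one: with a limit of 5, the `NESTED` trace above is classified as a direct call.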