Summary
Allow developers to suppress a specific finding on a line or function by adding an inline annotation comment immediately above the offending code:
// soroban-guard: allow(unchecked-arithmetic)
let result = a + b;
Or to suppress all findings in a function:
// soroban-guard: allow(missing-require-auth)
pub fn bootstrap(env: Env) { … }
Why it matters
Intentional false-positive patterns (known-safe code, test helpers, migration bootstraps) currently require --disable-check which silences the check for the entire scan. Per-line suppression is the standard approach in linting tools (clippy #[allow(...)], eslint // eslint-disable-next-line).
Implementation hints
- Parse the
source string (passed to Check::run) for // soroban-guard: allow(...) lines
- Build a
HashSet<(line, check_name)> of suppressed positions
- After all checks run, filter findings against this set before returning
- Document the syntax in
docs/false-positives.md
Summary
Allow developers to suppress a specific finding on a line or function by adding an inline annotation comment immediately above the offending code:
Or to suppress all findings in a function:
Why it matters
Intentional false-positive patterns (known-safe code, test helpers, migration bootstraps) currently require
--disable-checkwhich silences the check for the entire scan. Per-line suppression is the standard approach in linting tools (clippy#[allow(...)], eslint// eslint-disable-next-line).Implementation hints
sourcestring (passed toCheck::run) for// soroban-guard: allow(...)linesHashSet<(line, check_name)>of suppressed positionsdocs/false-positives.md