Fix CredScan suppression paths: prefix with tests/

RyAuld · RyAuld · commit 5ce2b22906e4 · 2026-03-30T15:54:26.000-07:00
diff --git a/.Pipelines/credscan-exclusion.json b/.Pipelines/credscan-exclusion.json
@@ -2,11 +2,11 @@
   "tool": "Credential Scanner",
   "suppressions": [
     {
-      "file": "certificate-with-password.pfx",
+      "file": "tests/certificate-with-password.pfx",
       "_justification": "Self-signed certificate used only in unit tests. Not a production credential."
     },
     {
-      "file": "test_mi.py",
+      "file": "tests/test_mi.py",
       "_justification": "WWW-Authenticate challenge header value used as a mock HTTP response fixture in unit tests. Not a real credential."
     }
   ]

Original file line number	Diff line number	Diff line change
`@@ -2,11 +2,11 @@`
`2`	`2`	`"tool": "Credential Scanner",`
`3`	`3`	`"suppressions": [`
`4`	`4`	`{`
`5`		`- "file": "certificate-with-password.pfx",`
	`5`	`+ "file": "tests/certificate-with-password.pfx",`
`6`	`6`	`"_justification": "Self-signed certificate used only in unit tests. Not a production credential."`
`7`	`7`	`},`
`8`	`8`	`{`
`9`		`- "file": "test_mi.py",`
	`9`	`+ "file": "tests/test_mi.py",`
`10`	`10`	`"_justification": "WWW-Authenticate challenge header value used as a mock HTTP response fixture in unit tests. Not a real credential."`
`11`	`11`	`}`
`12`	`12`	`]`