feat: Generalize --ignore for all issues, add --ignore-reason CF-2412

Rename --bulk-ignore to --ignore so it works for all issues (not just
false positives). Make --false-positives a tri-state filter (true/false/
omit) and add --ignore-reason with the same choices as the issue command.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: alerizzo

SPECS/commands/issues.md

@@ -33,7 +33,13 @@ Both accept the same `SearchRepositoryIssuesBody` for filtering.
 | `--languages <languages>` | `-l` | Comma-separated language names |
 | `--tags <tags>` | `-t` | Comma-separated tag names |
 | `--authors <authors>` | `-a` | Comma-separated author emails |
+| `--tools <tools>` | `-T` | Comma-separated tool UUIDs or names |
+| `--limit <n>` | `-n` | Maximum number of issues (default: 100, max: 1000) |
 | `--overview` | `-O` | Show overview counts instead of list |
+| `--false-positives [value]` | `-F` | Filter by potential false positives (true, false, or omit) |
+| `--ignore` | `-I` | Ignore all issues matching current filters |
+| `--ignore-reason <reason>` | `-R` | Reason for ignoring (AcceptedUse, FalsePositive, NotExploitable, TestCode, ExternalCode) |
+| `--ignore-comment <comment>` | `-m` | Optional comment when using --ignore |
 
 ## Output
 
@@ -64,4 +70,4 @@ Six count tables sorted descending by count: Category, Severity, Language, Tag,
 
 ## Tests
 
-File: `src/commands/issues.test.ts` — 11 tests.
+File: `src/commands/issues.test.ts` — 39 tests.

src/commands/AGENTS.md

@@ -131,6 +131,19 @@ Several helpers are shared between `repository.ts` and `pull-request.ts` via `ut
 - **`--unignore` mode** (`-U`): calls `AnalysisService.updateIssueState` with `{ ignored: false }`; skips rendering issue details
 - The API uses the string UUID (`issue.issueId`), not the numeric `resultDataId`, for the `updateIssueState` call
 
+## issues command (`issues.ts`)
+
+- Takes `<provider>`, `<organization>`, and `<repository>` as required arguments
+- **List mode** (default): card-style format sorted by severity (Error > High > Warning > Info)
+- **Overview mode** (`-O, --overview`): six count tables — Category, Severity, Language, Tag, Pattern, Author
+- **Filters**: `--branch`, `--patterns`, `--tools`, `--severities`, `--categories`, `--languages`, `--tags`, `--authors`, `--limit`
+- **`--false-positives [value]`** (`-F`): tri-state filter — `true` (default when flag present) sends `onlyPotentialFalsePositives: true`, `false` sends `onlyPotentialFalsePositives: false`, omitted sends nothing
+- **`--ignore` mode** (`-I`): fetches all issues matching current filters (all pages), then calls `AnalysisService.bulkIgnoreIssues` in batches of 100
+  - `-R, --ignore-reason`: `AcceptedUse` (default) | `FalsePositive` | `NotExploitable` | `TestCode` | `ExternalCode`
+  - `-m, --ignore-comment`: optional free-text comment
+  - Cannot be combined with `--overview` or `--limit`
+  - Works with any combination of filters; use `--false-positives --ignore` to ignore only FP issues
+
 ## finding command (`finding.ts`)
 
 - Takes `<provider>`, `<organization>`, and `<findingId>` (UUID shown on finding cards) as required arguments — **no `<repository>` argument**

src/commands/issues.test.ts

@@ -849,6 +849,40 @@ describe("issues command", () => {
       );
     });
 
+    it("should pass onlyPotentialFalsePositives: false when --false-positives false", async () => {
+      vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
+        data: [],
+      } as any);
+
+      const program = createProgram();
+      await program.parseAsync([
+        "node", "test", "issues", "gh", "test-org", "test-repo",
+        "--false-positives", "false",
+      ]);
+
+      expect(AnalysisService.searchRepositoryIssues).toHaveBeenCalledWith(
+        "gh", "test-org", "test-repo", undefined, 100,
+        { onlyPotentialFalsePositives: false },
+      );
+    });
+
+    it("should pass onlyPotentialFalsePositives: true when --false-positives true", async () => {
+      vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
+        data: [],
+      } as any);
+
+      const program = createProgram();
+      await program.parseAsync([
+        "node", "test", "issues", "gh", "test-org", "test-repo",
+        "--false-positives", "true",
+      ]);
+
+      expect(AnalysisService.searchRepositoryIssues).toHaveBeenCalledWith(
+        "gh", "test-org", "test-repo", undefined, 100,
+        { onlyPotentialFalsePositives: true },
+      );
+    });
+
     it("should display false positive issues in list format", async () => {
       const fpIssue = {
         ...mockIssues[0],
@@ -872,8 +906,8 @@ describe("issues command", () => {
     });
   });
 
-  describe("--bulk-ignore flag", () => {
-    it("should error when --overview is combined with --bulk-ignore", async () => {
+  describe("--ignore flag", () => {
+    it("should error when --overview is combined with --ignore", async () => {
       const mockExit = vi.spyOn(process, "exit").mockImplementation(() => {
         throw new Error("process.exit called");
       });
@@ -883,7 +917,7 @@ describe("issues command", () => {
       await expect(
         program.parseAsync([
           "node", "test", "issues", "gh", "test-org", "test-repo",
-          "--bulk-ignore", "--overview",
+          "--ignore", "--overview",
         ]),
       ).rejects.toThrow("process.exit called");
 
@@ -893,7 +927,7 @@ describe("issues command", () => {
       mockExit.mockRestore();
     });
 
-    it("should error when --limit is explicitly combined with --bulk-ignore", async () => {
+    it("should error when --limit is explicitly combined with --ignore", async () => {
       const mockExit = vi.spyOn(process, "exit").mockImplementation(() => {
         throw new Error("process.exit called");
       });
@@ -903,7 +937,7 @@ describe("issues command", () => {
       await expect(
         program.parseAsync([
           "node", "test", "issues", "gh", "test-org", "test-repo",
-          "--bulk-ignore", "--limit", "10",
+          "--ignore", "--limit", "10",
         ]),
       ).rejects.toThrow("process.exit called");
 
@@ -913,7 +947,7 @@ describe("issues command", () => {
       mockExit.mockRestore();
     });
 
-    it("should fetch all FP issues with onlyPotentialFalsePositives: true and call bulkIgnoreIssues", async () => {
+    it("should fetch all issues and call bulkIgnoreIssues with default reason AcceptedUse", async () => {
       vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
         data: mockIssues,
       } as any);
@@ -922,37 +956,37 @@ describe("issues command", () => {
       const program = createProgram();
       await program.parseAsync([
         "node", "test", "issues", "gh", "test-org", "test-repo",
-        "--bulk-ignore",
+        "--ignore",
       ]);
 
       expect(AnalysisService.searchRepositoryIssues).toHaveBeenCalledWith(
         "gh", "test-org", "test-repo", undefined, 100,
-        { onlyPotentialFalsePositives: true },
+        {},
       );
       expect(AnalysisService.bulkIgnoreIssues).toHaveBeenCalledWith(
         "gh", "test-org", "test-repo",
         {
           issueIds: [mockIssues[0].issueId, mockIssues[1].issueId],
-          reason: "FalsePositive",
+          reason: "AcceptedUse",
           comment: undefined,
         },
       );
     });
 
-    it("should show 'No false positive issues found' when API returns empty list", async () => {
+    it("should show 'No issues found' when API returns empty list", async () => {
       vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
         data: [],
       } as any);
 
       const program = createProgram();
       await program.parseAsync([
         "node", "test", "issues", "gh", "test-org", "test-repo",
-        "--bulk-ignore",
+        "--ignore",
       ]);
 
       expect(AnalysisService.bulkIgnoreIssues).not.toHaveBeenCalled();
       const output = getAllOutput();
-      expect(output).toContain("No false positive issues found");
+      expect(output).toContain("No issues found matching the current filters");
     });
 
     it("should batch bulkIgnoreIssues calls when there are more than 100 issues", async () => {
@@ -982,7 +1016,7 @@ describe("issues command", () => {
       const program = createProgram();
       await program.parseAsync([
         "node", "test", "issues", "gh", "test-org", "test-repo",
-        "--bulk-ignore",
+        "--ignore",
       ]);
 
       // Should have made 2 search calls (paginated)
@@ -1008,41 +1042,90 @@ describe("issues command", () => {
       const program = createProgram();
       await program.parseAsync([
         "node", "test", "issues", "gh", "test-org", "test-repo",
-        "--bulk-ignore",
+        "--ignore",
         "--ignore-comment", "Verified by security team",
       ]);
 
       expect(AnalysisService.bulkIgnoreIssues).toHaveBeenCalledWith(
         "gh", "test-org", "test-repo",
         {
           issueIds: [mockIssues[0].issueId],
-          reason: "FalsePositive",
+          reason: "AcceptedUse",
           comment: "Verified by security team",
         },
       );
     });
 
-    it("should combine --bulk-ignore with other filters (--branch, --patterns)", async () => {
+    it("should combine --ignore with other filters (--branch, --patterns)", async () => {
       vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
         data: [],
       } as any);
 
       const program = createProgram();
       await program.parseAsync([
         "node", "test", "issues", "gh", "test-org", "test-repo",
-        "--bulk-ignore",
+        "--ignore",
         "--branch", "develop",
         "--patterns", "sql-injection",
       ]);
 
       expect(AnalysisService.searchRepositoryIssues).toHaveBeenCalledWith(
         "gh", "test-org", "test-repo", undefined, 100,
         {
-          onlyPotentialFalsePositives: true,
           branchName: "develop",
           patternIds: ["sql-injection"],
         },
       );
     });
+
+    it("should pass --ignore-reason to bulkIgnoreIssues", async () => {
+      vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
+        data: [mockIssues[0]],
+      } as any);
+      vi.mocked(AnalysisService.bulkIgnoreIssues).mockResolvedValue(undefined as any);
+
+      const program = createProgram();
+      await program.parseAsync([
+        "node", "test", "issues", "gh", "test-org", "test-repo",
+        "--ignore",
+        "--ignore-reason", "FalsePositive",
+      ]);
+
+      expect(AnalysisService.bulkIgnoreIssues).toHaveBeenCalledWith(
+        "gh", "test-org", "test-repo",
+        {
+          issueIds: [mockIssues[0].issueId],
+          reason: "FalsePositive",
+          comment: undefined,
+        },
+      );
+    });
+
+    it("should combine --ignore with --false-positives to ignore only FP issues", async () => {
+      vi.mocked(AnalysisService.searchRepositoryIssues).mockResolvedValue({
+        data: [mockIssues[0]],
+      } as any);
+      vi.mocked(AnalysisService.bulkIgnoreIssues).mockResolvedValue(undefined as any);
+
+      const program = createProgram();
+      await program.parseAsync([
+        "node", "test", "issues", "gh", "test-org", "test-repo",
+        "--ignore",
+        "--false-positives",
+      ]);
+
+      expect(AnalysisService.searchRepositoryIssues).toHaveBeenCalledWith(
+        "gh", "test-org", "test-repo", undefined, 100,
+        { onlyPotentialFalsePositives: true },
+      );
+      expect(AnalysisService.bulkIgnoreIssues).toHaveBeenCalledWith(
+        "gh", "test-org", "test-repo",
+        {
+          issueIds: [mockIssues[0].issueId],
+          reason: "AcceptedUse",
+          comment: undefined,
+        },
+      );
+    });
   });
 });

src/commands/issues.ts

@@ -80,6 +80,10 @@ function normalizeCategory(input: string): string {
   return CATEGORY_NORMALIZE[key] ?? input;
 }
 
+function parseBooleanOption(value: string): boolean {
+  return value.toLowerCase() !== "false";
+}
+
 
 function printIssuesList(issues: CommitIssue[], total: number): void {
   printSection("Issues", total, "issue");
@@ -203,8 +207,8 @@ async function buildFilterBody(opts: Record<string, any>): Promise<SearchReposit
   const author = parseCommaList(opts.authors);
   if (author) body.authorEmails = author;
 
-  // --false-positives and --bulk-ignore both restrict the API query to FP issues only
-  if (opts.falsePositives || opts.bulkIgnore) body.onlyPotentialFalsePositives = true;
+  if (opts.falsePositives === true) body.onlyPotentialFalsePositives = true;
+  else if (opts.falsePositives === false) body.onlyPotentialFalsePositives = false;
 
   const toolInputs = parseCommaList(opts.tools);
   if (toolInputs) body.toolUuids = await resolveToolUuids(toolInputs, fetchAllTools);
@@ -221,9 +225,10 @@ async function executeBulkIgnore(
   organization: string,
   repository: string,
   body: SearchRepositoryIssuesBody,
+  reason: string,
   comment: string | undefined,
 ): Promise<void> {
-  const fetchSpinner = ora("Fetching false positive issues...").start();
+  const fetchSpinner = ora("Fetching issues...").start();
   const allIssues: CommitIssue[] = [];
   let cursor: string | undefined;
 
@@ -243,26 +248,26 @@ async function executeBulkIgnore(
   fetchSpinner.stop();
 
   if (allIssues.length === 0) {
-    console.log(ansis.green("No false positive issues found."));
+    console.log(ansis.green("No issues found matching the current filters."));
     return;
   }
 
   const count = allIssues.length;
   const plural = count === 1 ? "" : "s";
-  console.log(`Found ${ansis.bold(String(count))} false positive issue${plural}.`);
+  console.log(`Found ${ansis.bold(String(count))} issue${plural}.`);
 
   const ignoreSpinner = ora(`Ignoring ${count} issue${plural}...`).start();
   const issueIds = allIssues.map((i) => i.issueId);
 
   for (let i = 0; i < issueIds.length; i += BULK_BATCH_SIZE) {
     await AnalysisService.bulkIgnoreIssues(provider, organization, repository, {
       issueIds: issueIds.slice(i, i + BULK_BATCH_SIZE),
-      reason: "FalsePositive",
+      reason,
       comment: comment || undefined,
     });
   }
 
-  ignoreSpinner.succeed(`Ignored ${ansis.bold(String(count))} false positive issue${plural}.`);
+  ignoreSpinner.succeed(`Ignored ${ansis.bold(String(count))} issue${plural}.`);
 }
 
 export function registerIssuesCommand(program: Command) {
@@ -289,9 +294,14 @@ export function registerIssuesCommand(program: Command) {
     .option("-a, --authors <authors>", "comma-separated list of author emails")
     .option("-n, --limit <n>", "maximum number of issues to return (default: 100, max: 1000)", "100")
     .option("-O, --overview", "show issue count totals instead of the issues list")
-    .option("-F, --false-positives", "only show issues that are potential false positives")
-    .option("-I, --bulk-ignore", "ignore all false positive issues matching the current filters")
-    .option("-m, --ignore-comment <comment>", "optional comment when using --bulk-ignore")
+    .option("-F, --false-positives [value]", "filter by potential false positives (true, false, or omit)", parseBooleanOption)
+    .option("-I, --ignore", "ignore all issues matching the current filters")
+    .option(
+      "-R, --ignore-reason <reason>",
+      "reason for ignoring (AcceptedUse|FalsePositive|NotExploitable|TestCode|ExternalCode)",
+      "AcceptedUse",
+    )
+    .option("-m, --ignore-comment <comment>", "optional comment when using --ignore")
     .addHelpText(
       "after",
       `
@@ -302,8 +312,10 @@ Examples:
   $ codacy issues gh my-org my-repo --tools eslint,semgrep
   $ codacy issues gh my-org my-repo --limit 500
   $ codacy issues gh my-org my-repo --false-positives
-  $ codacy issues gh my-org my-repo --bulk-ignore --branch main
-  $ codacy issues gh my-org my-repo --bulk-ignore --patterns security-rule --ignore-comment "Confirmed FPs"
+  $ codacy issues gh my-org my-repo --false-positives false
+  $ codacy issues gh my-org my-repo --ignore --branch main
+  $ codacy issues gh my-org my-repo --false-positives --ignore --ignore-reason FalsePositive
+  $ codacy issues gh my-org my-repo --ignore --ignore-reason NotExploitable --ignore-comment "Reviewed"
   $ codacy issues gh my-org my-repo --output json`,
     )
     .action(async function (
@@ -321,14 +333,14 @@ Examples:
         const body = await buildFilterBody(opts);
         const limit = Math.min(Math.max(parseInt(opts.limit, 10) || 100, 1), 1000);
 
-        if (opts.bulkIgnore) {
+        if (opts.ignore) {
           if (isOverview) {
-            this.error("--overview cannot be used with --bulk-ignore; --overview is a read-only display mode");
+            this.error("--overview cannot be used with --ignore; --overview is a read-only display mode");
           }
           if (this.getOptionValueSource("limit") === "cli") {
-            this.error("--limit cannot be used with --bulk-ignore; the bulk-ignore path always processes all matching issues");
+            this.error("--limit cannot be used with --ignore; the --ignore path always processes all matching issues");
           }
-          await executeBulkIgnore(provider, organization, repository, body, opts.ignoreComment);
+          await executeBulkIgnore(provider, organization, repository, body, opts.ignoreReason, opts.ignoreComment);
           return;
         }