Document deepcode ignore comments #395

Open
oaahmad opened this issue Nov 20, 2024 · 0 comments
oaahmad commented Nov 20, 2024

Please document "deepcode ignore" comments for ignoring vulnerabilities from Snyk Code. This functionality is not documented anywhere except with a screenshot for the deprecated Deepcode extension. This would be a good place: https://docs.snyk.io/manage-risk/prioritize-issues-for-fixing/ignore-issues .

In particular, please document:

  • That we can ignore a specific issue reported by Snyk Code on a specific line with a comment (// deepcode ignore AnIssue: some explanation)
  • How to ignore multiple issues for a single line (it seems like commas work maybe?)
  • How to set an expiry date for the comment (if possible - I don't know if it is because there's no documentation)

It would also be useful if the CLI printed these codes by default so we don't have to generate a SARIF file to find out what it is, but that's a separate (related) issue.

Context:

I'm trying to build a pipeline for my company that runs Snyk, and I just spent hours trying to find out how to ignore a specific issue for a specific line. Then I spent more hours trying to implement that functionality myself with a wrapper script around the Snyk CLI. Then I read some obscure reference about ignoring with comments while looking at the Snyk extension for VS Code. Then I knew it must be possible, so I spent more hours trying to figure out how / what the comment syntax looks like.

It looks like somebody else had the same thought process as me: https://github.com/adrianosela/snyk_code_ignore .
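
Added example, not part of the original issue and not Snyk's own code: a script that lists the rule IDs a SARIF file reports for each file and line, the lookup the post above says currently needs a generated SARIF file. It reads standard SARIF 2.1.0 fields only; the sample document, tool name, paths and rule IDs are constructed, and how a rule ID maps to the name used in an ignore comment is outside what it shows.

```python
import json
from collections import defaultdict

def _loc(uri, line):
    # Helper for building the constructed sample below.
    return {"physicalLocation": {"artifactLocation": {"uri": uri},
                                 "region": {"startLine": line}}}

# Constructed SARIF 2.1.0 document; tool name, rule IDs and paths are made up.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "ExampleScanner", "rules": [
            {"id": "javascript/ExampleRuleA"},
            {"id": "javascript/ExampleRuleB"},
        ]}},
        "results": [
            {"ruleId": "javascript/ExampleRuleA", "locations": [_loc("src/app.js", 12)]},
            {"ruleIndex": 1, "locations": [_loc("src/app.js", 12)]},
            {"ruleId": "javascript/ExampleRuleB", "locations": [_loc("src/db.js", 40)]},
            {"ruleId": "javascript/ExampleRuleA", "locations": []},  # no location
        ],
    }],
})

def rule_ids_by_line(sarif_text):
    """Map (file, line) -> sorted rule IDs reported there."""
    found = defaultdict(set)
    for run in json.loads(sarif_text).get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        for result in run.get("results", []):
            rule_id = result.get("ruleId") or result.get("rule", {}).get("id")
            index = result.get("ruleIndex", -1)
            if rule_id is None and 0 <= index < len(rules):
                rule_id = rules[index].get("id")  # fall back to the rules table
            if rule_id is None:
                continue
            for location in result.get("locations", []):
                physical = location.get("physicalLocation", {})
                uri = physical.get("artifactLocation", {}).get("uri")
                line = physical.get("region", {}).get("startLine")
                if uri is not None and line is not None:
                    found[(uri, line)].add(rule_id)
    return {key: sorted(ids) for key, ids in sorted(found.items())}

if __name__ == "__main__":
    for (uri, line), ids in rule_ids_by_line(SAMPLE_SARIF).items():
        print(f"{uri}:{line}  {', '.join(ids)}")
```

Lines that carry more than one rule ID are the ones where the multiple-issue question in the post applies.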
