fortify reports questions
I am pretty new to fortify CLI.
We have fortify scans (fpr files) for many projects. We dilligently mark issues which are false positive and then run pdf reporst from these files. We want to automate this process.
The issue is we have 2 different types of reports, One with there are new issues with latest scan and other is no new issues with the latest scan.
So I was thinking if I merge old fpr with latest one, and run a issue age:new quesry (FPRUtility) I should either get no new issues found or 20 issues found type of result but it is not consistent, what I may be doing wrong? Any other suggestionfinding this information?
I full cli quesry is
FPRUtility -project <merged.fpr> -information -serach -query "[issue age]:new"
i tried different quesries as well e.g.
"[issue age]:new AND [issue state]:Open Issue"
But not getting consistent results..
Thanks in advance.