AntiPattern
Dependency Scan Exclusion Mismatch
dependency-scan-exclusion-mismatch
Vulnerability scanners and artifact-import pipelines reuse resolved transitive dependency data and OWASP/NVD matches, but exclusion rules and detection scopes differ across tools, scan types, and SCM imports, causing noisy false positives or missed suppressions that require manual review.