Reducing the FPR file size
There are a few ways to reduce the size of FPR files. The quickest way to do this without affecting results is to exclude the source code from the FPR as described in Excluding Source Code from the FPR. You can also reduce the size of a merged FPR with the FPRUtility (see the OpenText™ Application Security Tools Guide).
There are a few other properties that you can use to select what is excluded from the FPR. You can set these properties in the <sast_install_dir>/Core/config/fortify-sca.properties file or specify an option on the command line for the analysis (scan) phase.
| Property name | Description |
|---|---|
Command-Line Option: | Excludes the metatable from the FPR. Fortify Audit Workbench uses the metatable to map information in Functions view. |
Command-Line Option: | Excludes rule descriptions from the FPR. If you do not use custom descriptions, the descriptions in the Fortify Taxonomy (https://vulncat.fortify.com) are used. |
Command-Line Option: | Excludes engine data from the FPR. This is useful if your FPR contains many warnings when you open the file in Fortify Audit Workbench. If you exclude engine data from the FPR, you must merge the FPR with the current audit project locally before you upload it to Fortify Software Security Center. Fortify Software Security Center cannot merge it on the server because the FPR does not contain the OpenText SAST version. |
Command-Line Option: | Excludes the program data from the FPR. This removes the Taint Sources information from the Functions view in Fortify Audit Workbench. This property typically only has a minimal effect on the overall size of the FPR file. |