scan

type PolicyException struct {
	Package      string   `json:"package"`
	Capabilities []string `json:"capabilities"`
	Taint        []string `json:"taint"`   // e.g. ["network→exec", "env→exec"]
	Expires      string   `json:"expires"` // ISO 8601 date "2026-06-01"
}

type PolicySuppress struct {
	ByFilePattern   []string `json:"by_file_pattern"`   // e.g. ["vendor/**", "test/**"]
	ByModule        []string `json:"by_module"`         // e.g. ["github.com/test/*"]
	ByCapabilityVia []string `json:"by_capability_via"` // e.g. ["import"]
}