bug(scan): ignore-block in yaml file applies to the top-level block #6917

Open
anne-k opened this issue Mar 1, 2024 · 0 comments
Labels
bug Something isn't working community Community contribution openapi OpenAPI query

anne-k commented Mar 1, 2024

Expected Behavior

I have an OpenAPI yaml file with endpoints and I want the KICS scan to ignore some of those endpoints. I expect that if I put # kics-scan ignore-block above an endpoint, the KICS scan will ignore it. This works for most endpoints.

paths:

  '/some/endpoint': # this endpoint gets included in the scan
    get:
      property: value
      otherProperty: otherValue

  # kics-scan ignore-block
  '/different/endpoint': # this endpoint gets ignored
    get:
      property: value
      otherProperty: otherValue

  '/third/endpoint': # this endpoint gets included in the scan
    get:
      property: value
      otherProperty: otherValue

I expect this to work for all endpoints in the file.

Actual Behavior

However, if I try to use it to ignore the first endpoint in the file, the ignore does not apply to just that endpoint but to the entire paths block, as if I had put it above that.

paths:

  # kics-scan ignore-block
  '/some/endpoint': # this endpoint gets ignored
    get:
      property: value
      otherProperty: otherValue

  '/different/endpoint': # ...but this endpoint also gets ignored
    get:
      property: value
      otherProperty: otherValue

  '/third/endpoint': # and this one too
    get:
      property: value
      otherProperty: otherValue

components: # only here does the scan start to apply again

  schemas:
    Item:
      property: value

Steps to Reproduce the Problem

Put an ignore-block comment above the first endpoint in a paths block.

Specifications

GitLab kics analyzer v4.1.11

@anne-k anne-k added bug Something isn't working community Community contribution labels Mar 1, 2024
@github-actions github-actions bot added the openapi OpenAPI query label Mar 1, 2024
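One way to audit YAML files for the comment placement reported above, as an added example that is not KICS code and not part of the original issue: it flags every `# kics-scan ignore-block` comment that sits directly above the first child of a mapping, where according to the report the ignore covers the whole parent block. The function names, the indentation-based scan and the sample document are assumptions of this example; it expects space-indented, block-style YAML.

```python
import re

# Matches the suppression comment quoted in the issue.
IGNORE_BLOCK = re.compile(r"^\s*#\s*kics-scan\s+ignore-block\b")

def _indent(line):
    return len(line) - len(line.lstrip(" "))

def _is_content(line):
    stripped = line.strip()
    return bool(stripped) and not stripped.startswith("#")

def find_first_child_ignores(text):
    """Return (line_number, parent_key) for each ignore-block comment that is
    placed directly above the first child of a mapping."""
    lines = text.splitlines()
    hits = []
    for i, line in enumerate(lines):
        if not IGNORE_BLOCK.match(line):
            continue
        # Nearest real YAML lines before and after the comment.
        prev = next((l for l in reversed(lines[:i]) if _is_content(l)), None)
        nxt = next((l for l in lines[i + 1:] if _is_content(l)), None)
        if prev is None or nxt is None:
            continue
        # A shallower preceding line is the parent key, so the annotated
        # key is that parent's first child: the placement the issue reports.
        if _indent(prev) < _indent(nxt):
            parent = prev.split("#", 1)[0].strip().rstrip(":")
            hits.append((i + 1, parent))
    return hits

# Constructed sample modelled on the snippets in the issue.
SAMPLE = """\
paths:
  # kics-scan ignore-block
  '/some/endpoint':
    get:
      property: value
  # kics-scan ignore-block
  '/different/endpoint':
    get:
      property: value
components:
  schemas:
    Item:
      property: value
"""

if __name__ == "__main__":
    for line_no, parent in find_first_child_ignores(SAMPLE):
        print(f"line {line_no}: ignore-block above first child of '{parent}'")
```

Run over a repository's OpenAPI files, each hit marks a suppression whose effective scope should be checked against the scan results.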