charter suppress writes a suppression entry to .charter-suppress.yml. Use it when a finding is a confirmed false positive or an accepted risk that still needs an audit trail. Suppressed findings disappear from the active score and are listed separately in scan output.
Usage
What Gets Written
charter suppress updates .charter-suppress.yml in the target repository. Each entry records:
Flags
Human-readable explanation of why this finding is acceptable. Required — a suppression without a reason triggers
AE-SUPPRESS-001.Time-to-live for the suppression. Accepts a duration (
30d, 90d, 1y), an ISO date (2026-12-31), or permanent. Defaults to 90d.Approver handle. Required for permanent suppressions — without it,
AE-SUPPRESS-002 fires as a High finding.Explicit repository root. Defaults to the current working directory.
Print the suppression entry that would be written without modifying
.charter-suppress.yml.Governance Rules
What happens to suppressions at scan time
What happens to suppressions at scan time
Three governance rules run on every
charter doctor scan to keep the suppression file honest:AE-SUPPRESS-001 (Medium) — fires if any suppression entry is missing a reason field. Every suppression must carry a human-readable justification.AE-SUPPRESS-002 (High) — fires if any permanent suppression has no approver field. Permanent waivers require an explicit owner on record.AE-SUPPRESS-003 (Informational) — fires when the suppression rate across the repository is high. This is a signal-only finding and does not deduct from the score. It surfaces when a large proportion of findings are suppressed rather than fixed.These rules cannot themselves be suppressed without triggering further governance findings.