Expiration of vulnerability / show remediated vulnerabilities that are still in allowedlist.yaml

[jwasserman731]

Is there a way to set expiration of a vulnerability added to the allowedlist.yaml file? This would be helpful to align with approved exception requests.

Also, it seems once you add an exception to allowedlist.yaml it never shows up in scan as actually still there. It would be helpful to show all identified vulnerabilities in every scan with a column that represented "allowedlist" and then also report on items in "allowedlist" that have been remediated to trigger notification to remove.