Add rules to semgrep-sast job
What does this MR do?
In docs MRs, there's an extra pipeline running with a single semgrep-sast
job: !4922 (merged). This seems to be a branch pipeline created before the MR is opened.
You can also see these jobs scattered throughout the pipelines list, just before new docs MRs are created: https://gitlab.com/gitlab-org/gitlab-runner/-/pipelines
This is likely due to the job still using the default rules including in the template. This MR changes that to use the same rules as the gemnasium-dependency-scanning
job, to avoid the duplication and remove the job from docs-only pipelines too.
Why was this MR needed?
What's the best way to test this MR?
What are the relevant issue numbers?
Edited by Marcel Amirault