Add GitLab Advanced SAST to CI/CD config

Dominic Couture requested to merge dcouture-gitlab-avanced-sast into main

What does this MR do?

This MR adds GitLab Advanced SAST to the pipeline.

Why was this MR needed?

GitLab Advanced SAST is able to parse more complex code flows to find more complex vulnerabilities and greatly reduce false positives.

What's the best way to test this MR?

Looking at the pipeline results and comparing with existing vulnerability findings.

What are the relevant issue numbers?

Related to https://gitlab.com/gitlab-com/gl-security/product-security/appsec/appsec-team/-/issues/786+
