fix: SAST passthrough for semgrep must use valid severity (!109131) · Merge requests · GitLab.org / GitLab

Lucas Charles requested to merge theoretick-master-patch-79512 into master Jan 17, 2023

What does this MR do and why?

Fixes previous issue with #388223 (closed) where we document a non-native semgrep severity level.

In other custom ruleset cases we can support all GitLab severities; for example in the override section but for synthesis we pass the raw configuration directly to the underlying scanner so it must be one of the three documented severity types. Quoting from the severity docs:

--severity [INFO|WARNING|ERROR]  
                                Report findings only from rules matching the  
                                supplied severity level. By default all  
                                applicable rules are run. Can add multiple  
                                times. Each should be one of INFO, WARNING,  
                                or ERROR.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jan 17, 2023 by Lucas Charles

fix: SAST passthrough for semgrep must use valid severity

What does this MR do and why?

MR acceptance checklist

Merge request reports