Use semver for Secure stage analyzers
What does this MR do and why?
While thinking about Create process for fixing bugs in sast-rules (#464264), I realized we are currently unable to come up with meaningful bugfix version numbers because we are abusing the Patch
part of the version to ship minor features.
This MR makes our use of versions closer to semver.org recommendations, so that only bugfixes will increment Patch
.
It also clarifies that we increment Major
only in sync with Major
GitLab releases.
Edited by Dinesh Bolkensteyn