Add GitLab Advanced SAST to CI/CD config

Dominic Couture requested to merge dcouture-gitlab-advanced-sast into master

What does this MR do and why?

This MR adds GitLab Advanced SAST to the pipeline.

GitLab Advanced SAST is able to parse more complex code flows to find more complex vulnerabilities and greatly reduce false positives.

Related to https://gitlab.com/gitlab-com/gl-security/product-security/appsec/appsec-team/-/issues/786

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

N/A

How to set up and validate locally

Looking at the pipeline results and comparing with existing vulnerability findings

Edited by Dominic Couture
