Remove container-image: from location on the Dependency List
What does this MR do and why?
This MR removes the container-image: prefix from the dependency location on the Dependency List when dependencies were found in a container image (using the container-scanning analyzer).
Screenshots or screen recordings
Before
After
How to set up and validate locally
- Create new project.
- Configure Container-Scanning in the .gitlab-ci.yml file:
    variables:
      DOCKER_IMAGE: alpine:3.12.0
    include:
      - template: Security/Container-Scanning.gitlab-ci.yml
- Run the pipeline
- Go to Security & Compliance -> Dependency list
- Take a look at the location field.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #349002 (closed)
Edited by Alan (Maciej) Paruszewski