Parse and store dependency scanning results in database
What does this MR do?
Parse and store Dependency Scanning reports in Database by reusing the SAST parser and renaming it into Common.
This also adds a quick workaround to ensure stored vulnerabilities for dependency_scanning don't show up yet in the group dashboard, until we cleanly handle it with #6240 (closed) and #8481 (closed).
CE backport MR: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/23460
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
- Changelog entry added, if necessary
- Documentation created/updated
- Tests added for this feature/bug
- Conforms to the code review guidelines
- Conforms to the merge request performance guidelines
- Conforms to the style guides
- Conforms to the database guides
- Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.
- EE specific content should be in the top level /ee folder
- For a paid feature, have we considered GitLab.com plans, how it works for groups, and is there a design for promoting it to users who aren't on the correct plan?
- Security reports checked/validated by reviewer
Edited by Kamil Trzciński (Back 2025-01-01)