Merge requests · GitLab.org / GitLab · GitLab

Add DS config for bundler audit advisory DB 1 of 1 checklist item completed

!23717 · created Jan 24, 2020 by Igor Frenkel 12.8
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition SCA:Dependency Scanning backend custom fields devopssecure groupcomposition analysis secure offline scanning typefeature workflowin dev
- Merged
- 8
- Approved
updated Apr 21, 2023
Document new vars for dependency scanning

!24517 · created Feb 05, 2020 by Igor Frenkel 12.8
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition SCA:Dependency Scanning backend custom fields devopssecure documentation groupcomposition analysis secure offline scanning typefeature workflowin review
- Merged
- 10
- Approved
updated Apr 21, 2023
Document new env vars for Retire.js airgap usage 0 of 9 checklist items completed

!25883 · created Feb 25, 2020 by Adam Cohen 12.9
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition Kickoff Highlight SCA:Dependency Scanning Technical Writing backend customer devopssecure direction docs-only documentation groupcomposition analysis planning priority secure offline scanning typefeature workflowproduction
- Merged
- 20
- Approved
updated Apr 21, 2023
Don't parse undefined severity confidence from reports 4 of 4 checklist items completed

!25884 · created Feb 25, 2020 by Can Eldem 12.9
Category:Container Scanning Category:DAST Category:Dependency Scanning [DEPRECATED] Category:SAST Category:Software Composition Analysis Deliverable SCA:Dependency Scanning UX backend backstage [DEPRECATED] devopssecure groupcomposition analysis security reports workflowproduction
- Merged
- 11
- Approved
updated Apr 21, 2023
Replace undefined severity with unknown severity for occurrences 4 of 4 checklist items completed

!26085 · created Feb 27, 2020 by Can Eldem 12.9
Category:Container Scanning Category:DAST Category:Dependency Scanning [DEPRECATED] Category:SAST Category:Software Composition Analysis Deliverable SCA:Dependency Scanning backend backstage [DEPRECATED] database databaseapproved devopssecure groupcomposition analysis security reports workflowproduction
- Merged
- 41
- Approved
updated Apr 21, 2023
Replace undefined severity with unknown severity for vulnerabilities 4 of 4 checklist items completed

!26305 · created Mar 02, 2020 by Can Eldem 12.9
Category:Container Scanning Category:DAST Category:Dependency Scanning [DEPRECATED] Category:SAST Category:Software Composition Analysis Deliverable SCA:Dependency Scanning backend backstage [DEPRECATED] database databaseapproved devopssecure groupcomposition analysis security reports workflowproduction
- Merged
- 21
- Approved
updated Apr 21, 2023
Add Retire.js vars to Dependency Scanning template 1 of 1 checklist item completed

!26463 · created Mar 04, 2020 by Adam Cohen 12.9
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition Kickoff Highlight SCA:Dependency Scanning backend customer devopssecure direction groupcomposition analysis planning priority secure offline scanning typefeature workflowproduction
- Merged
- 5
- Approved
updated Apr 21, 2023
Add deprecation note for Severity and Confidence levels 2 of 6 checklist items completed

!26984 · created Mar 11, 2020 by Can Eldem 12.9
Category:Container Scanning Category:DAST Category:Dependency Scanning [DEPRECATED] Category:SAST Category:Software Composition Analysis Deliverable SCA:Dependency Scanning devopssecure docs-only documentation groupcomposition analysis security reports typemaintenance workflowproduction
- Merged
- 10
- Approved
updated Apr 21, 2023
Cleanup undefined severity level from code 3 of 3 checklist items completed

!27095 · created Mar 12, 2020 by Can Eldem 12.9
Category:Container Scanning Category:DAST Category:Dependency Scanning [DEPRECATED] Category:SAST Category:Software Composition Analysis Deliverable SCA:Dependency Scanning backend backstage [DEPRECATED] devopssecure groupcomposition analysis security reports workflowproduction
- Merged
- 9
- Approved
updated Apr 21, 2023
Document detection logic changes DS when switching no-DinD mode 5 of 9 checklist items completed

!28444 · created Mar 31, 2020 by Can Eldem 12.10
Category:Dependency Scanning [DEPRECATED] Category:SAST Category:Software Composition Analysis Deliverable Enterprise Edition SCA:Dependency Scanning Technical Writing backend backstage [DEPRECATED] devopssecure docs-only documentation groupcomposition analysis typemaintenance workflowproduction
- Merged
- 15
- Approved
updated Apr 21, 2023
Sort DS analysers according to scanner id 4 of 4 checklist items completed

!30190 · created Apr 22, 2020 by Can Eldem 13.0
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable SCA:Dependency Scanning backend devopssecure groupcomposition analysis priority2 severity3 typebug workflowproduction
- Merged
- 27
- Approved
updated Apr 21, 2023
Make DS_DISABLE_DIND true 2 of 2 checklist items completed

!31588 · created May 11, 2020 by Fabien Catteau 13.0
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition SCA:Dependency Scanning backend deprecation devopssecure groupcomposition analysis typefeature workflowproduction
- Merged
- 10
- Approved
updated Apr 21, 2023
Document no-DinD being the new default for Dependency Scanning 8 of 16 checklist items completed

!31592 · created May 11, 2020 by Fabien Catteau 13.0
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition SCA:Dependency Scanning Technical Writing backend backstage [DEPRECATED] deprecation devopssecure docs-only docsimprovement documentation groupcomposition analysis typemaintenance workflowproduction
- Merged
- 39
- Approved
updated Apr 21, 2023
Update report schema documentation for Dependency Scanning 0 of 13 checklist items completed

!31830 · created May 13, 2020 by Igor Frenkel 13.1
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition SCA:Dependency Scanning Technical Writing backend backstage [DEPRECATED] devopssecure docs-only groupcomposition analysis missed-deliverable missed:12.10 missed:12.9 missed:13.0 security reports integration typefeature workflowproduction
- Merged
- 5
- Approved
updated Apr 21, 2023
Update dependency list parser to parse vulnerability field in addition do dependency_list field 3 of 3 checklist items completed

!32560 · created May 19, 2020 by Can Eldem 13.1
Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable SCA:Dependency Scanning backend customer dependency list devopssecure groupcomposition analysis priority2 severity3 typebug workflowproduction
- Merged
- 37
- Approved
updated Apr 21, 2023
Extend configuration end point to return json when format is given 4 of 4 checklist items completed

!37217 · created Jul 17, 2020 by Can Eldem 13.3
Category:Dependency Scanning [DEPRECATED] Category:License Compliance [DEPRECATED] Category:Software Composition Analysis Category:Vulnerability Management Deliverable Enterprise Edition GitLab Ultimate SCA:Dependency Scanning SCA:License Scanning backend devopssecure featureaddition groupcomposition analysis sub-issue typefeature workflowproduction
- Merged
- 21
- Approved
updated Apr 21, 2023
Add Dependency Scanning support for NuGet lock files 1 of 13 checklist items completed

!37553 · created Jul 22, 2020 by Fabien Catteau 13.3
AST Leadership Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition GitLab Ultimate SCA:Dependency Scanning backend devopssecure direction groupcomposition analysis quad-planningcomplete-action typefeature workflowproduction
- Merged
- 13
- Approved
updated Apr 21, 2023
Document NuGet as supported by Dependency Scanning 7 of 18 checklist items completed

!37609 · created Jul 22, 2020 by Fabien Catteau 13.3
AST Leadership Category:Dependency Scanning [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition GitLab Ultimate SCA:Dependency Scanning Technical Writing backend devopssecure direction docs-only docsfeature documentation groupcomposition analysis quad-planningcomplete-action typefeature workflowproduction
- Merged
- 4
- Approved
updated Apr 21, 2023
Count pipelines that have security jobs 4 of 4 checklist items completed

!37809 · created Jul 24, 2020 by Can Eldem 13.3
Category:Container Scanning Category:DAST Category:Dependency Scanning [DEPRECATED] Category:Fuzz Testing Category:SAST Category:Secret Detection Category:Software Composition Analysis Deliverable Enterprise Edition GitLab Ultimate SCA:Dependency Scanning backend database databaseapproved devopssecure documentation featureaddition groupcomposition analysis product intelligence product intelligenceapproved product metrics quad-planningcomplete-no-action typefeature workflowproduction
- Merged
- 24
- Approved
updated Apr 21, 2023
Update size limits for SCA artifacts 6 of 6 checklist items completed

!37975 · created Jul 27, 2020 by Tetiana Chupryna 13.3
Application Limits CI artifacts Category:Container Scanning Category:Continuous Integration Category:Dependency Scanning [DEPRECATED] Category:License Compliance [DEPRECATED] Category:Software Composition Analysis Deliverable Enterprise Edition GitLab Ultimate SCA:Dependency Scanning SCA:License Scanning backend database databaseapproved devopssecure groupcomposition analysis quad-planningcomplete-action typefeature workflowproduction
- Merged
- 11
- Approved
updated Apr 21, 2023