ci: add SAST_EXCLUDED_ANALYZERS and remove unused analyzers
According to https://docs.gitlab.com/ee/update/deprecations#sast-analyzer-consolidation-and-cicd-template-changes and https://gitlab.com/gitlab-org/security-products/analyzers/gosec, the Gosec
analyzer has been deprecated and should not be used.
The replacement seems to be the semgrep
analyzer which is already being used by labkit because it is including the SAST template from the main GitLab repository.
The eslint
and nodejs-scan
analyzers are not used but their job is added to the pipeline because of commitlint
and package.json
.
This MR add SAST_EXCLUDED_ANALYZERS to avoid running those analyzers and speed up CI.
Note: sast analyzers are not run on MRs but this should still speed up full pipelines on commit/merge