Enable NodeJS Scan and upgrade SAST rules
What does this MR do?
This MR enabled the NodeJS Scan ruleset.
- Upgrade SAST rules which includes the NodeJS scan ruleset
- Import the NodeJS Scan ruleset to semgrep in the dockerfiles
- Add NodeJS specific fixture and refresh expected JSON to ensure the rules are running
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests updated/added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Craig Smith