Adding SAST/Secret-Detection?Dependency Scanning to .gitlab-ci.yml to provide...
Adding SAST/Secret-Detection?Dependency Scanning to .gitlab-ci.yml to provide output to your security & compliance
section.
The information for these scans can be found: https://docs.gitlab.com/ee/user/application_security/sast/#configuration
I ran these on a copy of your project and found a few things that I believe would be beneficial for your team to look into.
Do keep in mind that there should be, what I believe, 2 false negatives from the initial scan.
Password in URL
doc/ase/db/db.rst
What I found when researching these reports, looked to be an example of a username:password for a db connection. So as long as that is just an example, you can dismiss those two vulnerabilities.