2025-05-02 : Dependency Scanning latest template uses an incorrect image url

Dependency Scanning latest template uses an incorrect image url (Severity 4)

A recent change in the Dependency Scanning latest template has broken the image URL for the new GitLab Dependency Scanning Analyzer.

Specifically, the dependency-scanning CI job is trying to fetch an image that doesn't exist, due to an incorrect path in the CI job definition. See gitlab-org/gitlab!189072 (diffs, comment 2480894670)

The CI template change had not yet been deployed to production, and a new image has been pushed to the new location to avoid job failure.

The customer who reported the problem likely references the file directly from the master branch of the gitlab git repository. This allowed us to react and prevent the problem from arising for all other customers using this CI job.

Dashboard to track container registry queries for the related images: https://log.gprd.gitlab.net/app/r/s/MRb1k


This ticket was created to track INC-642, by incident.io 🔥