Security Analyzer: semgrep merge to origin
Summary
The final item of Convert all GitLab Secure (security scanning) i... (&6) is to merge these changes to the primary product repository (gitlab.com/security-products/semgrep)
Details
To make this a part of the product itself, the changes of this repository's primary branch (distroless
) must be merged to the origin.
To perform this work:
-
Ensure distroless
includes and is compatible with the current state of the upstream primary (master
) by merging that branch into the working branch of this project.-
Fetch master
, mergemaster
intodistroless
, push to repository.
-
-
Prepare an within this project to test merge to master
, do not merge.-
Mark as Draft
, add note in description withDO NOT MERGE
.
-
-
Prepare an MR to the primary repository only after the previous step shows as safe. - Follow normal process. This MR, being a large change, will need a confirmed review from >1 maintainer.
Further
See also https://gitlab.com/gitlab-com/gitlab-OKRs/-/work_items/7017#deliverables
Acceptance
-
Changes from this repository for the Distroless implementation are merged to the primary repository
Edited by Jason Plum