
Enable SAST

Dennis Appelt requested to merge da-enable-sast into master

Enables GitLab's SAST security job. For more information on SAST, see https://docs.gitlab.com/ee/user/application_security/sast/.

The effect of this MR is that there is an additional job running in CI pipelines called gosec. This job will run the code analyzer gosec. The results of gosec will be reported in the security dashboard and in merge requests. To get an idea of what the results look like, see what is reported on this MR by clicking on: image

The App Sec team reviews findings in Gitaly's security dashboard and will create an issue if something requires your attention. The results of gosec can also be beneficial for MR reviews, as they highlight potential problems.

Edited by GitLab Release Tools Bot
