Secure group issues requiring attention

Hi @bikebilly,

Here is a list of feature proposals without a milestone.

We would like to ask you to determine whether this issue should be scheduled or closed. For each issue please:

  • Close the issue out if it is no longer relevant or a duplicate.
  • Assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone.

For the issues triaged please check off the box in front of the given issue.

Please work with your team to complete the list this week.

  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10280 Allow Export of Security Dashboard Data Persona: DevOps Engineer, Persona: Development Team Lead, Persona: Security Analyst, ~"Secure", feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10272 First-class vulnerability from API source Persona: Security Analyst, ~"Secure", api, backend, customer, ~"devops:secure", feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10215 Notify users when they have setup security jobs correctly ~"Secure", UX, auto updated, ~"devops:secure", feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10194 Determine how to define security status ~"Secure", feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10189 Create a security vulnerability from Slack ~"Defend", Persona: DevOps Engineer, Persona: Security Analyst, ~"Secure", ~"devops:secure", ~"external services", feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10127 License Management for vendored go dependencies ~"Secure", backend, ~"devops:secure", feature, golang, ~"license management"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10078 Bill Of Materials API Persona: Development Team Lead, Persona: Security Analyst, ~"Secure", analysts, api, backend, ~"bill of materials", customer, ~"devops:secure", direction, feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10077 Add Dependency Scanning information to the Bill Of Materials Persona: Development Team Lead, Persona: Security Analyst, ~"Secure", UX, analysts, backend, ~"bill of materials", customer, ~"dependency scanning", ~"devops:secure", direction, feature, frontend, internal customer
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10069 Support multiple auto-remediation patches when applying a vulnerability solution Persona: Security Analyst, Persona: Software developer, ~"Secure", auto remediation, backend, ~"backstage", ~"devops:secure", feature, frontend, ~"technical debt"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10047 Auto Remediation support for Secret Detection ~"Secure", auto remediation, ~"devops:secure", direction, feature, ~"secret detection"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10046 Check if a vulnerable component is really used by a container Persona: Security Analyst, ~"Secure", backend, ~"container scanning", ~"devops:secure", direction, feature
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10034 Add support for specifying project file in SAST dotnet security-code-scan Persona: Security Analyst, Persona: Software developer, ~"Secure", ~"devops:secure", feature, ~"sast"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10030 Exclude dirs from SAST analysis Persona: Development Team Lead, Persona: Software developer, ~"Secure", customer, ~"devops:secure", feature, ~"sast"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/9997 Inline vulnerability management for the Group Security Dashboard GitLab Ultimate, Persona: Security Analyst, ~"Secure", UX, ~"devops:secure", direction, feature, frontend, security dashboard
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/9967 (confidential) ~"(confidential)"

Hi @leipert,

Here is a list of frontend bugs without severity and priority for the team.

We would like to ask you to work with your team to triage the issues in this list. For each issue please:

  • Close the issue if it is no longer relevant or a duplicate.
  • Assign a Priority and a Severity Label.
  • Assign either a versioned milestone or to the %Backlog milestone.

These labels are defined at:

  • Priority Labels (~P1 / ~P2 / ~P3 / ~P4)
  • Severity Labels (~S1 / ~S2 / ~S3 / ~S4)

For the issues triaged please check off the box in front of the given issue.

Please work with your team to complete the list this week.


Dear @plafoucriere,

Here is a list of bugs without severity and priority for the team.

We would like to ask you to work with your team to triage the issues in this list. For each issue please:

  • Close the issue if it is no longer relevant or a duplicate.
  • Assign a Priority and a Severity Label.
  • Assign either a versioned milestone or to the %Backlog milestone.

These labels are defined at:

  • Priority Labels (~P1 / ~P2 / ~P3 / ~P4)
  • Severity Labels (~S1 / ~S2 / ~S3 / ~S4)

For the issues triaged please check off the box in front of the given issue.

Please work with your team to complete the list this week.

  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10281 Secrets analyzer buffer overflow on large files ~"Secure", ~"bug", ~"devops:secure", ~"sast"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10257 Secret Analyzer fails when no leak in repo ~"Secure", ~"bug", ~"sast"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/10241 Container Scanning not working with NFS mounts GitLab Ultimate, ~"Secure", ~"Verify", ~"bug", ~"container scanning", customer, ~"devops:verify"
  • https://gitlab.com/gitlab-org/gitlab-ee/issues/9894 Entry script of the DAST image can only parse short options, but auth params are long options ~"Secure", ~"bug", ~"dast", ~"devops:secure"


This is a group level triage package that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook:

  • https://about.gitlab.com/handbook/engineering/quality/guidelines/triage-operations/#current-packages