Secure group issues requiring attention
Hi @kencjohnston,
Here is a list of feature proposals without a milestone.
We would like to ask you to determine whether this issue should be scheduled or closed. For each issue please:
- Close the issue out if it is no longer relevant or a duplicate.
- Assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone.
For the issues triaged please check off the box in front of the given issue.
Please work with your team to complete the list this week.
- #12012 (closed) Pipfile.lock support for License Management ~"Secure", ~"Secure::Software Composition Analysis", devopssecure, feature, ~"license management"
- #11947 (closed) Add Trivy as an option for Container Scanning ~"Secure", ~"Secure::Software Composition Analysis", ~"auto devops", feature
- #11853 (closed) Configuring DAST to use PKI certs through an API ~"Secure", ~"Secure::Static and Dynamic Analysis", ~"dast", devopssecure, feature
- #11849 (closed) Preview, check advisory in Gemnasium without being an admin ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature
- #8428 (closed) License Management ignores pip configurations with private servers ~"Secure", ~"Secure::Software Composition Analysis", blocked, devopssecure, feature, ~"license management", upstream deps
Hi @leipert,
Here is a list of frontend bugs without severity and priority for the team.
We would like to ask you to work with your team to triage the issues in this list. For each issue please:
- Close the issue if it is no longer relevant or a duplicate.
- Assign a Priority and a Severity Label.
- Assign either a versioned milestone or to the %Backlog milestone.
The definitions of these labels are at:
- Priority Labels (~P1 / ~P2 / ~P3 / ~P4)
- Severity Labels (~S1 / ~S2 / ~S3 / ~S4)
For the issues triaged please check off the box in front of the given issue.
Please work with your team to complete the list this week.
- #5438 (closed) Sast report in CI View: Tab only appears after job has successfully run ~"Secure", ~"Secure::Static and Dynamic Analysis", UX, backend, ~"bug", devopssecure, frontend
Dear @twoodham,
Here is a list of bugs without severity and priority for the team.
We would like to ask you to work with your team to triage the issues in this list. For each issue please:
- Close the issue if it is no longer relevant or a duplicate.
- Assign a Priority and a Severity Label.
- Assign either a versioned milestone or to the %Backlog milestone.
The definitions of these labels are at:
- Priority Labels (~P1 / ~P2 / ~P3 / ~P4)
- Severity Labels (~S1 / ~S2 / ~S3 / ~S4)
For the issues triaged please check off the box in front of the given issue.
Please work with your team to complete the list this week.
- #12035 (closed) Bug: MRs submitted with code owners cannot have modify approval rules once disabled ~"Secure", approvals, ~"bug", groupsource code, regression
- #12017 (closed) Security Report parser failure - Missing location attribute in dependency scanning vulnerability ~"Secure", ~"Secure::Software Composition Analysis", ~"bug", ~"group::software composition analysis"
- #12021 (closed) Dependency Scanning analysis is taking too much time on CE/EE ~"Secure", ~"Secure::Software Composition Analysis", ~"bug", ~"dependency scanning", devopssecure, ~"performance"
This is a group level triage package that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook: