Bring SAST to Core - secrets
Full requirements listing in &2098 (closed)
Scope of this issue specifically
Secret Detection security plugin scanning, when Docker-in-Docker is disabled - SAST_DISABLED_DIND = true
Plan
Implementation Plan
-
Update SAST vendored template -
Remove check for /sast/ in features for the brakeman analyzers for the DIND-free version.
-
-
Update license for the repository from EE LicensetoMIT ExpatMinor Version Bump
Test Plan
-
Test analyzers as a core user -
Verify Capability table from Epic
-
-
Test analyzers as an ultimate user -
Verify Capability table from Epic
-
-
-
Ensure support for downloading artifact
-