13.10 Analyzer Updates

THIS ISSUE DUPLICATES A PRIVATE INTERNAL RELEASE ISSUE PURELY FOR PUBLIC VISIBLITY https://gitlab.com/gitlab-org/security-products/release/-/issues/108

Check upstream updates

Static Analysis Analyzers

Please scrutinize the following dependencies according to our the guidance listed in the handbook.

@rossfuhrman:

• brakeman
• phpcs-security-audit
• security-code-scan

@ssarka:

• bandit
  • bandit has been updated to the latest version(1.7.0)
• eslint
  • Version updated to 7.21.0: gitlab-org/security-products/analyzers/eslint!73 (merged)
• mobSF
  • Version updated to 3.3.3: gitlab-org/security-products/analyzers/mobsf!19 (merged)
• SAST template for MobSF version
  • Version updated to 3.3.3 in the template: !56413 (merged)

@dsearles:

• flawfinder v2.0.15 is the latest, no update required.
• gosec Update to 2.7.0 gitlab-org/security-products/analyzers/gosec!91 (merged)
• sobelow Update to 0.11.1 gitlab-org/security-products/analyzers/sobelow!50 (merged)

@zrice:

• kubesec v2.11.0 is the latest, no update required.
• nodejs-scan gitlab-org/security-products/analyzers/nodejs-scan!94 (merged)
• secrets gitlab-org/security-products/analyzers/secrets!102 (merged)

@theoretick:

• pmd-apex gitlab-org/security-products/analyzers/pmd-apex!53 (merged)
• spotbugs

---