14.2 Analyzer Updates - public issue

THIS ISSUE DUPLICATES A PRIVATE INTERNAL RELEASE ISSUE PURELY FOR PUBLIC VISIBLITY https://gitlab.com/gitlab-org/security-products/release/-/issues/113

Prepare

SAST

Check the analyzers list and make sure it includes the analyzers/languages recently added.

Dependency Scanning

Check the analyzers list and make sure it includes the analyzers/languages recently added.

Check upstream updates

Static Analysis Analyzers

Please scrutinize the following dependencies according to our the guidance listed in the handbook.

brakeman
phpcs-security-audit
security-code-scan
[-] bandit | Up to date
eslint | gitlab-org/security-products/analyzers/eslint!87 (merged)
eslint package.json and other dependencies | gitlab-org/security-products/analyzers/eslint!87 (merged)
[-] mobSF | Up to date
[-] flawfinder | Up to date
gosec | gitlab-org/security-products/analyzers/gosec!119 (merged)
[-] sobelow | Up to date
semgrep | gitlab-org/security-products/analyzers/semgrep!72 (merged)
kubesec
nodejs-scan
secrets
pmd-apex
spotbugs

Container Scanning Analyzers

For each upstream scanner having an available update, please open a dedicated issue with ./script/update_scanner_issue.rb template.

trivy

For each upstream scanner having an available update, please open a dedicated issue with ./script/update_scanner_issue.rb template.

License Compliance

License Finder

Dependency Scanning Analyzers

bundler-audit
retire.js

Edited Aug 21, 2021 by Taylor McCaslin

Assignee Loading

Time tracking Loading