Replace DS_DEFAULT_ANALYZERS in projects under gitlab-org/security-products
Why
As GitLab 15.0 dropped DS_DEFAULT_ANALYZERS
environment variable, the projects under @gitlab-org
should replace all of them with DS_EXCLUDED_ANALYZERS
.
Target projects
https://gitlab.com/gitlab-org/security-products
What to do
Replaces deprecated variable for disabling some default analyzers.
- https://docs.gitlab.com/ee/update/removals.html#dependency-scanning
- To disable all default analyazers
- To disable some default analyazers
Task list
-
gitlab-org/security-products/analyzers/phpcs-security-audit!67 (merged) -
gitlab-org/security-products/dast!612 (merged) -
TODO
Final task
-
Check if there is no usage in https://sourcegraph.com/search?q=context:global+repo:%5Egitlab%5C.com/gitlab-org/security-products+DS_DEFAULT_ANALYZERS&patternType=literal
Resources
DS_DEFAULT_ANALYZERS environment variable
This is a breaking change. Review the details carefully before upgrading.
We are removing the DS_DEFAULT_ANALYZERS environment variable from Dependency Scanning on May 22, 2022 in 15.0. After this removal, this variable’s value will be ignored. To configure which analyzers to run with the default configuration, you should use the DS_EXCLUDED_ANALYZERS variable instead.
from https://docs.gitlab.com/ee/update/removals.html#ds_default_analyzers-environment-variable
Test
SET should look into writing a tool to iterate over all projects and all branches, and try and find where we use DS_DEFAULT_ANALYZERS