Emit deprecation notice and remove functionality for API scans in DAST engine
Overview
In 16.0 we will be dropping support for running API scans using the DAST engine. Instead we are moving users to the API Security engine available through the DAST-API.gitlab-ci.yml file, which is much more powerful.
To ensure a smooth transition, we should emit a deprecation notice when the DAST engine is called in API mode.
"Use of the DAST.gitlab-ci.yml or DAST-latest.gitlab-ci.yml for API scans is deprecated and will no longer work in GitLab 16.0. Please use DAST-API.gitlab-ci.yml template and refer to https://docs.gitlab.com/ee/user/application_security/dast_api/#configure-dast-api-with-an-openapi-specification, for the any configuration changes."
-
Add deprecation notice to code -
Add conditional into DAST engine so that API scans do not run, if DAST version is >=4. This way, when we bump the version, we do not need to immediately remove the code. -
@derekferguson Publish Deprecation notice
Edited by Seth Berger