MobSF is not honouring SAST_EXCLUDED_ANALYZERS
Summary
MobSF is not honouring SAST_EXCLUDED_ANALYZERS as ci/cd variable
Steps to reproduce
- activate experimental features
- run the project's pipeline
- a mobsf job is triggered
- add a
SAST_EXCLUDED_ANALYZERS
CI/CD variable to your project and set it tomobsf
- run the project's pipeline
- a mobsf job is triggered
Example Project
What is the current bug behavior?
A mobsf job is triggered even when SAST_EXCLUDED_ANALYZERS
is set to mobsf
before the pipeline is run
What is the expected correct behavior?
No mobsf job should be triggered when SAST_EXCLUDED_ANALYZERS
is set to mobsf
mobsf` before the pipeline is run
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
Results of GitLab environment info
Results of GitLab application Check
Possible fixes
This other issue seems related and it's possible it links to the right codebase.