Syncronise Go version across SAST Analyzers
Problem to solve
As of SASTBot: Monthly dependency updates for 16.10 (gitlab-org/security-products/analyzers/semgrep!383 - merged) • Craig Smith • 16.10, semgrep is using Go 1.19, whereas all the other SAST analyzers are using Go 1.18
Proposal
-
Update each analyzer to use the most recent Go version provided in the go-fips image registry. https://gitlab.com/gitlab-org/gitlab-runner/container_registry/2588206
-
Update SASTBot to automatically update the Go version.
Edited by Craig Smith