Remove flag that enables CVS GA

What does this MR do and why?

Remove the global_dependency_scanning_on_advisory_ingestion flag. As a result, Continuous Vulnerability Scanning (CVS) for Dependency Scanning always runs globally, and the opt-in behavior introduced when the feature was experimental is no longer available.

global_dependency_scanning_on_advisory_ingestion isn't documented, so the documentation doesn't need to be changed.

The DB column continuous_vulnerability_scans_enabled can be removed from the project_security_settings table, but this is going to be handled in a follow-up MR.


How to set up and validate locally

  1. Go through the demo instructions.
  2. Check the security settings. There should no longer be a toggle for CVS under the DS section.
  3. Look for vulnerabilities created by CVS DS in the vulnerability report page.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #427425 (closed)

Edited by Fabien Catteau
