Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Explain new sast / dependency_scanning error that was introduced in 13.4

Review changes
Download
Patches
Plain diff

Ben Prescott_ requested to merge docs-bprescott-20201110-sastds into master Nov 10, 2020

Overview 29
Commits 4
Pipelines 12
Changes 3

What does this MR do?

Explains the error [sast|dependency_scanning] is used for configuration only, and its script should not be executed

Customer raised a ticket for it, as they were adding rules to sast in 12.x and when they upgraded to 13.5 their CI started generating this error.

Related issues

Author's checklist (required)

Follow the Documentation Guidelines and Style Guide.
If you have Developer permissions or higher:
- Ensure that the product tier badge is added to doc's h1.
- Apply the documentation label, plus:
  - The corresponding DevOps stage and group labels, if applicable.
  - development guidelines when changing docs under doc/development/*, CONTRIBUTING.md, or README.md.
  - development guidelines and Documentation guidelines when changing docs under development/documentation/*.
  - development guidelines and Description templates (.gitlab/*) when creating/updating issue and MR description templates.
- Assign the designated Technical Writer.

Do not add the feature, frontend, backend, ~"bug", or database labels if you are only updating documentation. These labels will cause the MR to be added to code verification QA issues.

When applicable:

Update the permissions table.
Link docs to and from the higher-level index page, plus other related docs where helpful.
Add the product tier badge accordingly.
Add GitLab's version history note(s).
Add/update the feature flag section.

Review checklist

All reviewers can help ensure accuracy, clarity, completeness, and adherence to the Documentation Guidelines and Style Guide.

1. Primary Reviewer

Review by a code reviewer or other selected colleague to confirm accuracy, clarity, and completeness. This can be skipped for minor fixes without substantive content changes.

2. Technical Writer

Technical writer review. If not requested for this MR, must be scheduled post-merge. To request for this MR, assign the writer listed for the applicable DevOps stage.
- Ensure docs metadata are present and up-to-date.
- Ensure Technical Writing and documentation are added.
- Add the corresponding docs:: scoped label.
- If working on UI text, add the corresponding UI Text scoped label.
- Add twdoing when starting work on the MR.
- Add twfinished if Technical Writing team work on the MR is complete but it remains open.

For more information about labels, see Technical Writing workflows - Labels.

For suggestions that you are confident don't need to be reviewed, change them locally and push a commit directly to save others from unneeded reviews. For example:

Clear typos, like this is a typpo.
Minor issues, like single quotes instead of double quotes, Oxford commas, and periods.

For more information, see our documentation on Merging a merge request.

3. Maintainer

Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
Ensure a release milestone is set.
If there has not been a technical writer review, create an issue for one using the Doc Review template.

Merge request reports

Assignee

Reviewers

Request review from

Time tracking