Remove nodejs-scan scanning gitlab-org/gitlab (!71946) · Merge requests · GitLab.org / GitLab

Joern Schneeweisz requested to merge js/remove-nodejs-scan into master Oct 07, 2021

What does this MR do and why?

Describe in detail what your merge request does and why.

This removes nodejs-scan from our configured SAST scanners we use to scan gitlab-org/gitlab. The change is made due to we're not dealing with nodejs code in our codebase. Having the scanner enabled results in false positives like https://gitlab.com/gitlab-org/gitlab/-/security/vulnerabilities/18889549

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Remove nodejs-scan scanning gitlab-org/gitlab

What does this MR do and why?

MR acceptance checklist

Merge request reports