Run Security Scanners on default branch (!86791) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

Describe in detail what your merge request does and why.

Follow-up of this Slack discussion, the Dependency List isn't updated/available if the latest pipeline with a security report doesn't run Dependency Scanning. This happens when we merge into master, where some analyzers are running, but not DS because of the rules:changes clause configured in this project.

This MR makes sure we run Dependency Scanning on master every time, and therefore we'll always have a dependency list.

Note that Secrets Detection runs into the same issue: If we don't run it on master when we merge, we might lose some findings if they are more merges until the next schedule.

refs #361657 (closed)

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited May 06, 2022 by Philippe Lafoucrière

Run Security Scanners on default branch

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports