Replace custom scripting with product-supported custom ruleset (!92598) · Merge requests · GitLab.org / GitLab

Dominic Couture requested to merge dcouture-sast-custom-ruleset into master Jul 16, 2022

What does this MR do and why?

It removes custom scripting and replaces it with usage of the product-supported custom ruleset. We'll follow that up with Security Approvals to have something similar to the custom automation.

Screenshots or screen recordings

N/A

How to set up and validate locally

It's a pipelines modification - We can see in https://gitlab.com/gitlab-org/gitlab/-/jobs/2736500617 that the custom ruleset was used. There's a warning but it's related to the contents of a file and not the ruleset itself.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Jul 18, 2022 by Dominic Couture

Replace custom scripting with product-supported custom ruleset

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports