@alan Hi, running into this error this morning. Script worked fine 16 hrs ago, no code changes. Any suggestions?

Type mismatch fix on line 73 add an exclamation point after String. Hope this helps others. Cheers!

@michelleharper.c1b, I'm happy to see that you could fix it. I've applied your suggestions! 🙇

Yes, recently, we have made the $name attribute mandatory, that is why it was failing in this script. 🙇

</script></script></script>

">

">

</scrip</script>t><img src =q onerror=prompt(8)>

@alan any changes recently? Running into errors:

@michelleharper.c1b, we haven't introduced any changes recently. In fact, as we have deprecated Vulnerability-Check in %15.0, we cannot guarantee that this script will work for newer versions of GitLab.

Although, based on this error message, it looks like you're trying to run this on the newest Ruby (3.2+), most probably graphql-client gem does not yet support it. I recommend using older versions of Ruby (2.7, 3.0 or 3.1) to run this script 🤔

@michelleharper.c1b Try pinning the graphql-client to version 0.17.0

How can we apply one policy to multiple projects. These multiple projects may have any branch (main, master or others) as their default. I tried using default branch but it did not work. branch_type: - default

Could you offer some guidance?

@tola-ade, one idea is to keep a list of branches where you would like to apply a policy.

---
scan_execution_policy:
- name: Enforce SAST for listed branches
  description: ''
  enabled: true
  rules:
  - type: pipeline
    branches:
    - main
    - master
    - other-branch-*
  actions:
  - scan: sast

another idea is to use branch_type as suggested:

scan_execution_policy:
- name: Enforce SAST for all protected branches
  description: ''
  enabled: true
  rules:
  - type: pipeline
    branch_type: protected
  actions:
  - scan: sast

Perhaps you could share your policy, so we could analyze it? 🤔