Code Quality scanners should be up to date
Problem to solve
As a gitlab user with the codequality template in my pipeline, I want CodeQuality plugins/engines to be up to date that take into account new versions of the languages I program in are accounted for in the scans, so that I can trust the code quality results are real issues.
A customer brought to our attention that code climate is behind on a couple plugins. For example, it is using eslint 5.7.0 while there's 6.5.1 already released. Also, codeclimate-eslint's last commit was 7 months ago. This affects our code quality offering, as it relies on code climate. This issue is being created to assess options on this regard.
Intended users
User experience goal
The user should be able to use the code quality template in .gitlab-ci.yml or ADO without customization and get recent plugins/engines for Code Quality. What is "recent" is still TBD.
Proposal
We may consider adding additional open source scanners like fbInfer or Application Inspector to enhance the existing results we gather from the codeclimate engine and plugins.
Further details
Permissions and Security
Documentation
Availability & Testing
What does success look like, and how can we measure that?
What is the type of buyer?
This would be a GitLab Core feature as it extends the base functionality of the Category:Code Quality category.
Is this a cross-stage feature?
Links / references
ZD https://gitlab.zendesk.com/agent/tickets/134570 (internal)