Use dependency scanning for GitLab omnibus
We are using GitLab Dependency Scanning for gitlab-ce
and gitlab-ee
repositories, but we are currently unable to use it for omnibus-gitlab
.
This is mainly because we don't have dependencies declared in omnibus, but as part of the projects it collects to create the package.
We want to better understand the scenario, and see if we can improve our security coverage there.