Draft: Add Advanced Vulnerability Tracking
What does this MR do?
This MR adds the tracking calculator so that vulnerable code can more easily be tracked as code changes.
What are the relevant issue numbers?
gitlab-org/gitlab#373921 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests updated/added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Merge request reports
Activity
changed milestone to %16.3
added Category:SAST devopssecure groupstatic analysis labels
assigned to @craigmsmith
added sectionsec label
added featureaddition typefeature labels
mentioned in issue gitlab-org/gitlab#373921 (closed)
4 Warnings This merge request is definitely too big (2473 lines changed), please split it into multiple merge requests. 9473c6e9: The commit subject must contain at least 3 words. For more information, take a look at our Commit message guidelines. 3d6e7b39: Commits that change 30 or more lines across at least 3 files should describe these changes in the commit body. For more information, take a look at our Commit message guidelines. eb302402: The commit subject must contain at least 3 words. For more information, take a look at our Commit message guidelines. Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not automatically notify them for you.
Reviewer Maintainer Vishwa Bhat (
@vbhat161
) (UTC+5.5, 4.5 hours behind@craigmsmith
)James Liu (
@jamesliu-gitlab
) (UTC+10, same timezone as@craigmsmith
)If needed, you can retry the
danger-review
job that generated this comment.Generated by
Dangermentioned in issue gitlab-org/gitlab#421147
mentioned in merge request !83 (merged)