Execute passthroughs selectively through ProcessPassthroughsOfTypes
What does this MR do?
Provide an API in https://gitlab.com/gitlab-org/security-products/analyzers/ruleset that checks which types of passthroughs are used in a custom configuration. This information can be used in https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-advanced-sast to determine which passthroughs should be applied and which passthroughs should be ignored.
-
1️⃣ ruleset module Adding keepdefaultrules option by means of a di... (!59 - merged) • Julian Thome • 18.5 (Adding support forkeepdefaultrules) -
3️⃣ ruleset module (this MR) Execute passthroughs selectively through Proces... (!62 - merged) • Julian Thome • 18.5 (Adding support for selective passthrough application)
What are the relevant issue numbers?
- Implement passthrough filtering in the ruleset ... (gitlab-org/gitlab#569182 - closed) • Julian Thome • 18.5 • On track (main issue)
- Allow SAST custom rules to be appended to rathe... (gitlab-org/gitlab#426406 - closed) • Julian Thome • 18.5 • On track (secondary issue)
Test projects
- Semgrep Integration: Ruleset customization with default configuratio... (semgrep!630 - merged) • Julian Thome • 18.5
- Test Project: https://gitlab.com/julianthome/keepdefaultconfig
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests updated/added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Julian Thome