SASTBot: Monthly dependency updates for 15.7
What does this MR do?
-
[MAJOR UPSTREAM VERSION BUMP] upgrade
Semgrep
version [0.121.2
=>1.1.0
] - upgrade
github.com/urfave/cli/v2
version [v2.23.5
=>v2.23.6
] - upgrade
gitlab.com/gitlab-org/security-products/analyzers/report/v3
version [v3.16.0
=>v3.17.0
] - upgrade
golang.org/x/crypto
version [v0.2.0
=>v0.4.0
] -
[GO VERSION BUMP] update
go
version tov1.18
for Non-FIPS docker image
Note: Changelog is autogenerated by SASTBot.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Lucas Charles