SASTBot: Monthly dependency updates for 15.11
requested to merge gitlab-org/security-products/analyzers/sast-bot/semgrep-forked:sast-bot-634 into main
What does this MR do?
- upgrade
Semgrep
version [1.3.0
=>1.17.1
] - upgrade
github.com/stretchr/testify
version [v1.8.1
=>v1.8.2
] - upgrade
github.com/urfave/cli/v2
version [v2.23.7
=>v2.25.1
] - upgrade
gitlab.com/gitlab-org/security-products/analyzers/report/v3
version [v3.22.0
=>v3.22.1
] - upgrade
gitlab.com/gitlab-org/security-products/analyzers/ruleset
version [v1.4.0
=>v1.4.1
] - upgrade
golang.org/x/crypto
version [v0.5.0
=>v0.8.0
] - upgrade
golang.org/x/mod
version [v0.9.0
=>v0.10.0
]
Note: Changelog is autogenerated by SASTBot.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer