Draft: SASTBot: Monthly dependency updates for 16.0
requested to merge gitlab-org/security-products/analyzers/sast-bot/semgrep-forked:sast-bot-898 into main
What does this MR do?
- upgrade
Semgrep
version [1.17.1
=>1.22.0
] - upgrade
github.com/urfave/cli/v2
version [v2.25.1
=>v2.25.3
] - upgrade
gitlab.com/gitlab-org/security-products/analyzers/ruleset/v2
version [v2.0.1
=>v2.0.2
] - upgrade
golang.org/x/crypto
version [v0.8.0
=>v0.9.0
]
CHANGELOG is generated by SASTBot.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer