Import bandit ruleset from sast rules

Review changes
Open in Workspace
Download
Patches
Plain diff

Import bandit ruleset from sast rules

Craig Smithrequested to merge

craigmsmith-swtich-bandit-to-sast-rules into main May 18, 2023

Overview 9
Commits 1
Pipelines 0
Changes 11

What does this MR do?

Remove the local bandit ruleset
Import bandit ruleset from sast-rules

Note: Changes in the expected JSON are due to two factors:

semgrep version update that happened in !276 (merged)
Changes in the order of the vulnerability findings

What are the relevant issue numbers?

gitlab-org/gitlab#390908 (closed)

Does this MR meet the acceptance criteria?

Changelog entry added
Documentation created/updated for GitLab EE, if necessary
Documentation created/updated for this project, if necessary
Documentation reviewed by technical writer or follow-up review issue created
Tests added for this feature/bug
Job definition updated, if necessary
Conforms to the code review guidelines
Conforms to the Go guidelines
Security reports checked/validated by reviewer

Edited Jun 13, 2023 by Craig Smith

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading