Enable dependency scanning
- enable conan lock files
- add a `build` job that exports lock files as CI artifacts
- enable Dependency Scanning
- add QA job for Gemnasium
Activity
changed milestone to %13.4
added 1 commit
- c2dd9a7b - Use dependency scanning template for conan support
1 variables: 2 DS_ANALYZER_IMAGE_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers" 3 DS_DISABLE_DIND: "true" 4 1 5 stages: 2 6 - test 3 7 - qa 8 - dast 4 9 5 10 include: 6 - template: License-Scanning.gitlab-ci.yml 7 - https://gitlab.com/gitlab-org/security-products/ci-templates/raw/master/includes-dev/qa-license_scanning.yml 11 - https://gitlab.com/gitlab-org/gitlab/-/raw/add-conan-lock-file-to-gemnasium-job/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml TODO: change this back to master when gitlab-org/gitlab!39811 (merged) has been merged
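Review bot: The added `include:` entry fetches Dependency-Scanning.gitlab-ci.yml by raw URL from the `add-conan-lock-file-to-gemnasium-job` branch, which is a mutable ref: every pipeline runs whatever that branch holds at that moment, and the include stops resolving once the branch is deleted. Pointing the URL at master, as the TODO asks, addresses the second problem but not the first. Once the template change has landed, prefer the `template:` form that the removed License-Scanning line used, or a URL that names a commit SHA. Separately, the new `dast` stage has no job in these lines that uses it; state in the MR why it is needed or drop it.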
Yes, to be done in a separate MR.
To me we should proceed in this particular order:
- merge MR in test project (this very MR); it uses the MR of `gitlab` that changes the CI template
- merge MR in analyzer project; from there we have a proof that it works in production
- merge MR in `gitlab`, to update the CI template
- update the test project to fetch the CI template from the `master` branch of `gitlab`
That's what I did to implement NuGet support. See implementation plan.
(I'd like to document this later this month, and link gitlab-org/security-products/analyzers/gemnasium!94 (merged) from there.)
mentioned in merge request gitlab-org/security-products/analyzers/gemnasium!98 (merged)
assigned to @fcatteau
mentioned in issue gitlab-org/gitlab#225218 (closed)
- Resolved by Adam Cohen
- Resolved by Fabien Catteau
- Resolved by Adam Cohen
assigned to @adamcohen and unassigned @fcatteau
- Resolved by Adam Cohen
added 1 commit
- ba756ca6 - Update to gemnasium-db v1.2.116, add wolfssl
@fcatteau I've updated to `GEMNASIUM_DB_REF_NAME: "v1.2.116"` and fixed the expectations, back to you.
assigned to @fcatteau and unassigned @adamcohen
mentioned in commit 00f82a68
mentioned in merge request !5 (merged)