Remove Dependency Scanning (!33) · Merge requests · GitLab.org / security-products / Tests / ruby-bundler-rails

Fabien Catteau requested to merge remove-ds into master Jan 04, 2021

Remove Dependency Scanning and DS QA from CI configuration because:

this test project is supported by 3 analyzers (gemnasium, bundler-audit, and retire.js); moving the expected reports to the analyzer projects and maintaining them is quite expensive
it's totally redundant with ruby-bundler and js-yarn; there's nothing special about scanning a Rails project

This test projects is only relevant in the context of SAST, because Brakeman only supports Rails projects; Bundler projects that aren't Rails projects are skipped.

Edited Jan 04, 2021 by Fabien Catteau

Remove Dependency Scanning

Merge request reports