author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-01-08 15:10:35 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-01-08 15:10:35 +0300 |
commit | 9157fbe06fde892c647403f477ce31c888cbc822 (patch) | |
tree | 81e50784fb79e9f3e467aac46c37cfcc5c7267b3 /.gitlab | |
parent | 32e1683f8b0b5b5bb24986adeb99118ceb875ea5 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to '.gitlab')
-rw-r--r-- | .gitlab/ci/reports.gitlab-ci.yml | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml
index 095fd4e784e..77ada89aa6a 100644
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -119,7 +119,7 @@ dependency_scanning gemnasium:
 # git-lfs is needed for auto-remediation
 - apk add git-lfs
 after_script:
- # Post-processing: This will be an after_script once this job will use the Dependency Scanning CI template
+ # Post-processing
 - apk add jq
 # Lower execa severity based on https://gitlab.com/gitlab-org/gitlab/-/issues/223859#note_452922390
 - jq '(.vulnerabilities[] | select (.cve == "yarn.lock:execa:gemnasium:05cfa2e8-2d0c-42c1-8894-638e2f12ff3d")).severity = "Medium"' gl-dependency-scanning-report.json > temp.json && mv temp.json gl-dependency-scanning-report.json
@@ -134,6 +134,11 @@ dependency_scanning retire-js:
 image:
 name: "$SECURE_ANALYZERS_PREFIX/retire.js:$DS_MAJOR_VERSION"
+dependency_scanning gemnasium-python:
+ extends: .dependency_scanning
+ image:
+ name: "$SECURE_ANALYZERS_PREFIX/gemnasium-python:$DS_MAJOR_VERSION"
+
 # Analyze dependencies for malicious behavior
 # See https://gitlab.com/gitlab-com/gl-security/security-research/package-hunter
 package_hunter: |
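Review bot: The new `dependency_scanning gemnasium-python` job in the second hunk pulls its analyzer by the mutable tag `$DS_MAJOR_VERSION`, so the image that runs against the checkout can change between pipelines without any change to this file. That matches the `retire-js` job just above it, so it looks like the file's convention, but the job would benefit from a comment stating the trade-off, for example `# Image follows the $DS_MAJOR_VERSION tag (not digest-pinned); $SECURE_ANALYZERS_PREFIX must point at a trusted registry`. The job inherits everything else from `.dependency_scanning`, which is defined outside this hunk, so the rules, variables and report artifacts that apply cannot be confirmed from here. If this analyzer installs the project's Python dependencies in order to resolve them, as I believe gemnasium-python does, the job should run without access to any secrets it does not need.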