diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-10 18:08:17 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-10 18:08:17 +0300 |
commit | 69e6424b738ea9ac3c6eed0263fe5a6951df7195 (patch) | |
tree | 64f4c186ee1e5587d642eaaf1c6a064e841946ba /doc/tutorials/dependency_scanning.md | |
parent | 215001eca7ababe4c617a04a37d307a97353d6e0 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/tutorials/dependency_scanning.md')
-rw-r--r-- | doc/tutorials/dependency_scanning.md | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/tutorials/dependency_scanning.md b/doc/tutorials/dependency_scanning.md index 51424c3319e..90bc2ec96a2 100644 --- a/doc/tutorials/dependency_scanning.md +++ b/doc/tutorials/dependency_scanning.md @@ -104,7 +104,7 @@ scanned for vulnerabilities. Use the content shown in the [Yarn lockfile](#yarn-lock-file-content) section. -1. Go to **CI/CD > Pipelines** and confirm that the latest pipeline completed successfully. +1. Go to **Build > Pipelines** and confirm that the latest pipeline completed successfully. In the pipeline, dependency scanning runs and the vulnerabilities are detected automatically. @@ -116,7 +116,7 @@ medium severity vulnerabilities and confirm only the high severity vulnerability To triage the vulnerabilities: -1. Go to **Security and Compliance > Vulnerability report**. +1. Go to **Secure > Vulnerability report**. 1. Select each of the medium severity vulnerabilities by selecting the checkbox in each row. 1. From the **Set status** dropdown list select **Dismiss**. From the **Dismissal reason** dropdown list select **Used in tests**, add the comment "Used in tests", then select **Change status**. @@ -161,12 +161,12 @@ To fix the vulnerability: ``` 1. Switch to the GitLab browser tab. -1. Go to **Merge requests**, then select **Create merge request**. +1. Go to **Code > Merge requests**, then select **Create merge request**. 1. On the **New merge request** page, scroll to the bottom and select **Create merge request**. Wait for the merge request pipeline to complete. 1. Refresh the page, then select **Merge**. 1. Wait for the pipeline to complete successfully. -1. Go to **Security and Compliance > Vulnerability report**. +1. Go to **Secure > Vulnerability report**. 1. Select the **High** vulnerability's description. A banner confirms that the vulnerability has been resolved in the `main` branch. You would @@ -174,7 +174,7 @@ To fix the vulnerability: `yarn.lock` file. For this tutorial, you can skip the verification step. 1. In the **Status** dropdown list, select **Resolve**, then select **Change status**. -1. Go to **Security and Compliance > Vulnerability report**. +1. Go to **Secure > Vulnerability report**. You should now see _no_ vulnerabilities listed in the vulnerability report. @@ -224,7 +224,7 @@ To add a new vulnerability: ``` 1. Switch to the GitLab browser tab. -1. Go to **Merge requests**, then select **Create merge request**. +1. Go to **Code > Merge requests**, then select **Create merge request**. 1. On the **New merge request** page, scroll to the bottom and select **Create merge request**. Wait for the merge request pipeline to complete, then refresh the page. The merge |