diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 23:02:30 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 23:02:30 +0300 |
| commit | 41fe97390ceddf945f3d967b8fdb3de4c66b7dea (patch) | |
| tree | 9c8d89a8624828992f06d892cd2f43818ff5dcc8 /doc/user/application_security/index.md | |
| parent | 0804d2dc31052fb45a1efecedc8e06ce9bc32862 (diff) | |
Add latest changes from gitlab-org/gitlab@14-9-stable-eev14.9.0-rc42
Diffstat (limited to 'doc/user/application_security/index.md')
| -rw-r--r-- | doc/user/application_security/index.md | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 6a0b81335fd..ff548f1d29f 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -110,11 +110,9 @@ For more details about each of the security scanning tools, see their respective ### Override the default registry base address -By default, GitLab security scanners use `registry.gitlab.com/gitlab-org/security-products/analyzers` as the +By default, GitLab security scanners use `registry.gitlab.com/security-products` as the base address for Docker images. You can override this globally by setting the CI/CD variable -`SECURE_ANALYZERS_PREFIX` to another location. Note that this affects all scanners at once, except -the container-scanning analyzer which uses -`registry.gitlab.com/security-products/container-scanning` as its registry. +`SECURE_ANALYZERS_PREFIX` to another location. Note that this affects all scanners at once. ### Use security scanning tools with merge request pipelines @@ -221,7 +219,7 @@ security issues: WARNING: This feature is in its end-of-life process. It is [deprecated](../../update/deprecations.md#vulnerability-check) for use in GitLab 14.8, and is planned for removal in GitLab 15.0. Users should migrate to the new -[Security Approval Policies](policies/#scan-result-policy-editor). +[Security Approval Policies](policies/scan-result-policies.md). To prevent a merge request introducing a security vulnerability in a project, enable the Vulnerability-Check rule. While this rule is enabled, additional merge request approval by @@ -397,6 +395,8 @@ any report artifacts that failed validation. ### Enable security report validation +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/354928) in GitLab 14.9, and planned for removal in GitLab 15.0. + To enable report artifacts validation, set the `VALIDATE_SCHEMA` environment variable to `"true"` for the desired jobs in the `.gitlab-ci.yml` file. |