diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-01 03:10:57 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-01 03:10:57 +0300 |
commit | 533fed8bd825f93b4b43bd41d41caa38cfc6ae55 (patch) | |
tree | bdc5458e4fb19126f705b0786c055d1b9c118748 /doc/user | |
parent | 24fb09b2eb3f4703b09eef3c9bbf842cd055626a (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user')
-rw-r--r-- | doc/user/application_security/continuous_vulnerability_scanning/index.md | 5 | ||||
-rw-r--r-- | doc/user/application_security/terminology/index.md | 2 | ||||
-rw-r--r-- | doc/user/compliance/license_scanning_of_cyclonedx_files/index.md | 9 | ||||
-rw-r--r-- | doc/user/discussions/img/add_internal_note_v15_0.png | bin | 18963 -> 0 bytes | |||
-rw-r--r-- | doc/user/discussions/img/add_internal_note_v16_6.png | bin | 0 -> 8531 bytes | |||
-rw-r--r-- | doc/user/discussions/img/create_thread_v16_6.png | bin | 0 -> 14366 bytes | |||
-rw-r--r-- | doc/user/discussions/img/discussion_comment.png | bin | 18323 -> 0 bytes | |||
-rw-r--r-- | doc/user/discussions/img/quickly_assign_commenter_v13_1.png | bin | 43849 -> 0 bytes | |||
-rw-r--r-- | doc/user/discussions/img/quickly_assign_commenter_v16_6.png | bin | 0 -> 11074 bytes | |||
-rw-r--r-- | doc/user/discussions/index.md | 8 | ||||
-rw-r--r-- | doc/user/project/deploy_tokens/index.md | 6 |
11 files changed, 13 insertions, 17 deletions
diff --git a/doc/user/application_security/continuous_vulnerability_scanning/index.md b/doc/user/application_security/continuous_vulnerability_scanning/index.md index 4094a0add28..e31fc5f7eb0 100644 --- a/doc/user/application_security/continuous_vulnerability_scanning/index.md +++ b/doc/user/application_security/continuous_vulnerability_scanning/index.md @@ -29,10 +29,9 @@ To enable Continuous Vulnerability Scanning: - Enable the Continuous Vulnerability Scanning setting in the project's [security configuration](../configuration/index.md). - Enable [Dependency Scanning](../dependency_scanning/index.md#configuration) and ensure that its prerequisites are met. +- On GitLab self-managed only, you can [choose package registry metadata to synchronize](../../../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync) in the Admin Area for the GitLab instance. For this data synchronization to work, you must allow outbound network traffic from your GitLab instance to the domain `storage.googleapis.com`. If you have limited or no network connectivity then please refer to the documentation section [running in an offline environment](#running-in-an-offline-environment) for further guidance. -On GitLab self-managed only, you can [choose package registry metadata to sync](../../../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync) in the Admin Area for the GitLab instance. - -### Requirements for offline environments +### Running in an offline environment For self-managed GitLab instances in an environment with limited, restricted, or intermittent access to external resources through the internet, some adjustments are required to successfully scan CycloneDX reports for vulnerabilities. diff --git a/doc/user/application_security/terminology/index.md b/doc/user/application_security/terminology/index.md index 0f0a61a2b02..f09672685de 100644 --- a/doc/user/application_security/terminology/index.md +++ b/doc/user/application_security/terminology/index.md @@ -259,7 +259,7 @@ A finding's primary identifier is a value that is unique to each finding. The ex of the finding's [first identifier](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/v2.4.0-rc1/dist/sast-report-format.json#L228) combine to create the value. -Examples of primary identifiers include `PluginID` for OWASP Zed Attack Proxy (ZAP), or `CVE` for +Examples of primary identifiers include `PluginID` for Zed Attack Proxy (ZAP), or `CVE` for Trivy. The identifier must be stable. Subsequent scans must return the same value for the same finding, even if the location has slightly changed. diff --git a/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md b/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md index 81f7cc61782..5d7a689e610 100644 --- a/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md +++ b/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md @@ -22,16 +22,11 @@ Licenses not in the SPDX list are reported as "Unknown". License information can ## Configuration -Prerequisites: +To enable License scanning of CycloneDX files: -- On GitLab self-managed only, enable [Synchronization with the GitLab License Database](../../../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync) in the Admin Area for the GitLab instance. On GitLab SaaS this step has already been completed. - Enable [Dependency Scanning](../../application_security/dependency_scanning/index.md#enabling-the-analyzer) and ensure that its prerequisites are met. - -From the `.gitlab-ci.yml` file, remove the deprecated line `Jobs/License-Scanning.gitlab-ci.yml`, if -it's present. - -On GitLab self-managed only, you can [choose package registry metadata to sync](../../../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync) in the Admin Area for the GitLab instance. +- On GitLab self-managed only, you can [choose package registry metadata to synchronize](../../../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync) in the Admin Area for the GitLab instance. For this data synchronization to work, you must allow outbound network traffic from your GitLab instance to the domain `storage.googleapis.com`. If you have limited or no network connectivity then please refer to the documentation section [running in an offline environment](#running-in-an-offline-environment) for further guidance. ## Supported languages and package managers diff --git a/doc/user/discussions/img/add_internal_note_v15_0.png b/doc/user/discussions/img/add_internal_note_v15_0.png Binary files differdeleted file mode 100644 index cf052edd5e7..00000000000 --- a/doc/user/discussions/img/add_internal_note_v15_0.png +++ /dev/null diff --git a/doc/user/discussions/img/add_internal_note_v16_6.png b/doc/user/discussions/img/add_internal_note_v16_6.png Binary files differnew file mode 100644 index 00000000000..0d6b4c05160 --- /dev/null +++ b/doc/user/discussions/img/add_internal_note_v16_6.png diff --git a/doc/user/discussions/img/create_thread_v16_6.png b/doc/user/discussions/img/create_thread_v16_6.png Binary files differnew file mode 100644 index 00000000000..3e0abb3d589 --- /dev/null +++ b/doc/user/discussions/img/create_thread_v16_6.png diff --git a/doc/user/discussions/img/discussion_comment.png b/doc/user/discussions/img/discussion_comment.png Binary files differdeleted file mode 100644 index 3fec5962363..00000000000 --- a/doc/user/discussions/img/discussion_comment.png +++ /dev/null diff --git a/doc/user/discussions/img/quickly_assign_commenter_v13_1.png b/doc/user/discussions/img/quickly_assign_commenter_v13_1.png Binary files differdeleted file mode 100644 index aa8f65ef6c4..00000000000 --- a/doc/user/discussions/img/quickly_assign_commenter_v13_1.png +++ /dev/null diff --git a/doc/user/discussions/img/quickly_assign_commenter_v16_6.png b/doc/user/discussions/img/quickly_assign_commenter_v16_6.png Binary files differnew file mode 100644 index 00000000000..7d6e54fdfa2 --- /dev/null +++ b/doc/user/discussions/img/quickly_assign_commenter_v16_6.png diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md index ae74b534e02..50f2eca8d05 100644 --- a/doc/user/discussions/index.md +++ b/doc/user/discussions/index.md @@ -192,7 +192,7 @@ To add an internal note: 1. Below the comment, select the **Make this an internal note** checkbox. 1. Select **Add internal note**. -![Internal notes](img/add_internal_note_v15_0.png) +![Internal notes](img/add_internal_note_v16_6.png) You can also mark an [issue as confidential](../project/issues/confidential_issues.md). @@ -233,7 +233,7 @@ You can assign an issue to a user who made a comment. 1. In the comment, select the **More Actions** (**{ellipsis_v}**) menu. 1. Select **Assign to commenting user**: - ![Assign to commenting user](img/quickly_assign_commenter_v13_1.png) + ![Assign to commenting user](img/quickly_assign_commenter_v16_6.png) 1. To unassign the commenter, select the button again. ## Create a thread by replying to a standard comment @@ -272,9 +272,9 @@ To create a thread: 1. From the list, select **Start thread**. 1. Select **Start thread** again. -A threaded comment is created. +![Create a thread](img/create_thread_v16_6.png) -![Thread comment](img/discussion_comment.png) +A threaded comment is created. ## Resolve a thread diff --git a/doc/user/project/deploy_tokens/index.md b/doc/user/project/deploy_tokens/index.md index 8b7e185508b..351762228fb 100644 --- a/doc/user/project/deploy_tokens/index.md +++ b/doc/user/project/deploy_tokens/index.md @@ -88,7 +88,8 @@ Create a deploy token to automate deployment tasks that can run independently of Prerequisites: -- You must have at least the Maintainer role for the project or group. +- To create a group deploy token, you must have the Owner role for the group. +- To create a project deploy token, you must have at least the Maintainer role for the project. 1. On the left sidebar, select **Search or go to** and find your project or group. 1. Select **Settings > Repository**. @@ -106,7 +107,8 @@ Revoke a token when it's no longer required. Prerequisites: -- You must have at least the Maintainer role for the project or group. +- To revoke a group deploy token, you must have the Owner role for the group. +- To revoke a project deploy token, you must have at least the Maintainer role for the project. To revoke a deploy token: |