diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-05-11 21:07:55 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-05-11 21:07:55 +0300 |
| commit | 11df4bf91b8cf9ac7bb601241992e300eebf684c (patch) | |
| tree | d3c2360dbd3edec006a09ed150267dc202020a91 /lib/gitlab/ci/templates/Jobs | |
| parent | 6282dd78339f98cbc5624e7fdf744a342d3d8b73 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/ci/templates/Jobs')
| -rw-r--r-- | lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml | 17 |
1 files changed, 5 insertions, 12 deletions
diff --git a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml index d41182ec9be..5b3baebd6fb 100644 --- a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml @@ -12,7 +12,6 @@ variables: # Setting this variable will affect all Security templates # (SAST, Dependency Scanning, ...) SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/security-products" - DS_DEFAULT_ANALYZERS: "bundler-audit, retire.js, gemnasium, gemnasium-maven, gemnasium-python" DS_EXCLUDED_ANALYZERS: "" DS_EXCLUDED_PATHS: "spec, test, tests, tmp" DS_MAJOR_VERSION: 2 @@ -65,8 +64,7 @@ gemnasium-dependency_scanning: - if: $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/ when: never - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $DS_DEFAULT_ANALYZERS =~ /gemnasium([^-]|$)/ + $GITLAB_FEATURES =~ /\bdependency_scanning\b/ exists: - '{Gemfile.lock,*/Gemfile.lock,*/*/Gemfile.lock}' - '{composer.lock,*/composer.lock,*/*/composer.lock}' @@ -93,8 +91,7 @@ gemnasium-maven-dependency_scanning: - if: $DS_EXCLUDED_ANALYZERS =~ /gemnasium-maven/ when: never - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $DS_DEFAULT_ANALYZERS =~ /gemnasium-maven/ + $GITLAB_FEATURES =~ /\bdependency_scanning\b/ exists: - '{build.gradle,*/build.gradle,*/*/build.gradle}' - '{build.gradle.kts,*/build.gradle.kts,*/*/build.gradle.kts}' @@ -116,8 +113,7 @@ gemnasium-python-dependency_scanning: - if: $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/ when: never - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $DS_DEFAULT_ANALYZERS =~ /gemnasium-python/ + $GITLAB_FEATURES =~ /\bdependency_scanning\b/ exists: - '{requirements.txt,*/requirements.txt,*/*/requirements.txt}' - '{requirements.pip,*/requirements.pip,*/*/requirements.pip}' @@ -128,7 +124,6 @@ gemnasium-python-dependency_scanning: # See https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#configuring-specific-analyzers-used-by-dependency-scanning - if: $CI_COMMIT_BRANCH && $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $DS_DEFAULT_ANALYZERS =~ /gemnasium-python/ && $PIP_REQUIREMENTS_FILE bundler-audit-dependency_scanning: @@ -141,8 +136,7 @@ bundler-audit-dependency_scanning: - if: $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/ when: never - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $DS_DEFAULT_ANALYZERS =~ /bundler-audit/ + $GITLAB_FEATURES =~ /\bdependency_scanning\b/ exists: - '{Gemfile.lock,*/Gemfile.lock,*/*/Gemfile.lock}' @@ -156,7 +150,6 @@ retire-js-dependency_scanning: - if: $DS_EXCLUDED_ANALYZERS =~ /retire.js/ when: never - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\bdependency_scanning\b/ && - $DS_DEFAULT_ANALYZERS =~ /retire.js/ + $GITLAB_FEATURES =~ /\bdependency_scanning\b/ exists: - '{package.json,*/package.json,*/*/package.json}' |