diff options
Diffstat (limited to 'data/deprecations/14-6-deprecation-secure-dependency-scanning-bundler-audit.yml')
| -rw-r--r-- | data/deprecations/14-6-deprecation-secure-dependency-scanning-bundler-audit.yml | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/data/deprecations/14-6-deprecation-secure-dependency-scanning-bundler-audit.yml b/data/deprecations/14-6-deprecation-secure-dependency-scanning-bundler-audit.yml new file mode 100644 index 00000000000..23e59da21e4 --- /dev/null +++ b/data/deprecations/14-6-deprecation-secure-dependency-scanning-bundler-audit.yml @@ -0,0 +1,16 @@ +- name: "Deprecation of bundler-audit Dependency Scanning tool" # The name of the feature to be deprecated + announcement_milestone: "14.6" # The milestone when this feature was first announced as deprecated. + announcement_date: "2021-12-22" # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post. + removal_milestone: "15.0" # The milestone when this feature is planned to be removed + body: | # Do not modify this line, instead modify the lines below. + As of 14.6 bundler-audit is being deprecated from Dependency Scanning. It will continue to be in our CI/CD template while deprecated. We are removing bundler-audit from Dependency Scanning on May 22, 2022 in 15.0. After this removal Ruby scanning functionality will not be affected as it is still being covered by Gemnasium. + + If you have explicitly excluded bundler-audit using DS_EXCLUDED_ANALYZERS you will need to clean up (remove the reference) in 15.0. If you have customized your pipeline's Dependency Scanning configuration, for example to edit the `bundler-audit-dependency_scanning` job, you will want to switch to gemnasium-dependency_scanning before removal in 15.0, to prevent your pipeline from failing. If you have not used the DS_EXCLUDED_ANALYZERS to reference bundler-audit, or customized your template specifically for bundler-audit, you will not need to take action. +# The following items are not published on the docs page, but may be used in the future. + stage: secure # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth + tiers: ultimate # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate] + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/289832 # (optional) This is a link to the deprecation issue in GitLab + documentation_url: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/analyzers.html # (optional) This is a link to the current documentation page + image_url: # (optional) This is a link to a thumbnail image depicting the feature + video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg + removal_date: 2022-05-22 # (optional - may be required in the future) YYYY-MM-DD format. This should almost always be the 22nd of a month (YYYY-MM-22), the date of the milestone release when this feature is planned to be removed |