diff options
Diffstat (limited to 'data/removals/14_0/remove_dast_legacy_domain_validation.yml')
| -rw-r--r-- | data/removals/14_0/remove_dast_legacy_domain_validation.yml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/data/removals/14_0/remove_dast_legacy_domain_validation.yml b/data/removals/14_0/remove_dast_legacy_domain_validation.yml new file mode 100644 index 00000000000..61fb9002880 --- /dev/null +++ b/data/removals/14_0/remove_dast_legacy_domain_validation.yml @@ -0,0 +1,8 @@ +- name: "Remove legacy DAST domain validation" + removal_date: "2021-06-22" + removal_milestone: "14.0" + reporter: derekferguson + body: | + The legacy method of DAST Domain Validation for CI/CD scans was deprecated in GitLab 13.8, and is removed in GitLab 14.0. This method of domain validation only disallows scans if the `DAST_FULL_SCAN_DOMAIN_VALIDATION_REQUIRED` environment variable is set to `true` in the `gitlab-ci.yml` file, and a `Gitlab-DAST-Permission` header on the site is not set to `allow`. This two-step method required users to opt in to using the variable before they could opt out from using the header. + + For more information, see the [removal issue](https://gitlab.com/gitlab-org/gitlab/-/issues/293595). |