summaryrefslogtreecommitdiff
path: root/doc/user/application_security
Commit message (Collapse)AuthorAgeFilesLines
* Refine topics for Phase 2 of SSoT auditEvan Read2019-07-257-13/+121
| | | | | Includes admin_area and application_security topics.
* Update docs to reflect new Security tabs12250-mvc-security-navigation-section-docsDave Pisek2019-07-245-3/+3
| | | | | | | | | | | This commit includes changes to update the documentation so it reflects the new navigation structure introduced by the additional tab "Security & Compliance" to the project-views sidebar and "Security" to the group-views sidebar. * Screenshot * Paths to the Dependency List * Paths to the group-level security dashboard
* Add PIP_DEPENDENCY_PATH to dependency scanning templatemo khan2019-07-231-0/+1
|
* Document all the available options for SASTAchilleas Pipinellis2019-07-222-0/+195
| | | | | | | Port all info from: - security-products/sast/blob/master/docs/README.md - security-products/sast/blob/master/docs/analyzers.md
* Merge branch 'docs/dast-analyzers' into 'master'Evan Read2019-07-191-0/+22
|\ | | | | | | | | | | | | Document all the available DAST variables Closes gitlab-ee#10122 See merge request gitlab-org/gitlab-ce!30801
| * Document all the available DAST variablesdocs/dast-analyzersAchilleas Pipinellis2019-07-161-0/+22
| |
* | Update numbered lists for docs standardsMarcel Amirault2019-07-192-5/+5
| | | | | | | | | | Ensure that all numbered lists use only 1. and no other numbers. Also ensure that numbered lists use proper spacing.
* | Propagate PIP index URLFabien Catteau2019-07-171-0/+2
|/ | | | | | | | Propagate PIP_INDEX_URL, PIP_EXTRA_INDEX_URL to the dependency-scanning Docker image to support Python projects depending on custom Pypi registries. These variables will be consumed by the gemnasium-python analyzer.
* Update dependency scanning to add new variableCan Eldem2019-07-151-0/+1
|
* Remove extra blank lines from docsMarcel Amirault2019-07-151-4/+5
| | | | | | Removing extra blank lines in docs that serve no purpose, as well as some --- lines that also are not needed.
* Remove deprecated docs sections of Secure jobsdocs/secure-rm-deprecated-jobsAchilleas Pipinellis2019-07-095-523/+75
| | | | | | | | | The manual job definitions are deprecated and are not guaranteed to work as expected. We should not confuse our users with including them in the docs. This deletes all the deprecated sections and cleans up the configuration section significantly.
* Changing badges to use parentheses not bracketsMarcel Amirault2019-07-088-14/+14
| | | | | | | | | | | | | | Previously, we used brackets to denote the tier badges, but this made Kramdown, the docs site Markdown renderer, show many warnings when building the site. This is now fixed by using parentheses instead of square brackets. This was caused by [PREMIUM] looking like a link to Kramdown, which couldn't find a URL there. See: - https://gitlab.com/gitlab-com/gitlab-docs/merge_requests/484 - https://gitlab.com/gitlab-org/gitlab-ce/issues/63800
* Added experimental languages to license management docs.Zachary Knight2019-07-051-2/+9
|
* Document the security tools maintenance and vulnerabilities DB updatedocs/secure-maintenanceAchilleas Pipinellis2019-06-265-5/+48
| | | | | | | | Addresses the following questions: - How often do we update the vulnerability DB or analyzers? - Do we have to update GitLab to benefit from latest vulnerabilities definitions?
* Mention what tools are not supported in Dependency Scanningdocs/dep-scanning-not-support-listAchilleas Pipinellis2019-06-251-7/+10
|
* Document all the available options for Dependency Scanningdocs/dep-scanningAchilleas Pipinellis2019-06-242-13/+174
| | | | | | | Port all info from: - security-products/dependency-scanning/blob/master/docs/README.md - security-products/dependency-scanning/blob/master/docs/analyzers.md
* Remove Gemnasium dead link from docsAchilleas Pipinellis2019-06-211-8/+8
|
* Mention Container Scanning NFS bug and how to fix itAchilleas Pipinellis2019-06-211-0/+20
|
* Paginate license management and add license searchpaginate-license-managementFernando2019-06-204-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | First pass at license pagination * Paginate license management client side * Refactor license list into seperate component Add string filtering to license names * Add search input to query on license name Add add license button * Refactor add license button to be a slot Clean up styles and button state logic * Clean up alignment * Disable button when dorpdown is open Remove client side alphabetical sorting * Let the databse return order by date Refactor list to use row slot Further abstract pagination list compnent Finish refactor of paginated list * Refactor component into generic paginated list component * Add additional style tweaks + responsive classes Run prettier Update license_management_spec Run Prettier Add unit tests for paginated list component * Refactor template to be valid html (li in ul) * Add jest unit tests Add additional unit tests * Add unit tests around pagination and search states Add unit tests for filter props Pretty print, lint, and add changelog Update po files Regernate pot file Backport EE changes * Update paginated list component * Update specs and snapshot Add POT file Update default copy for pagianted list * update copy for empty and empty search result states Update pot file Backport changes from EE merge request * Paginaed list component and specs Backport EE changes Update paginated list snapshot Update license management docs and images Backport paginated-list component from EE Link to gitlab-ui artifacts job Match gitlab ui build to EE Update pot file Backport Paginated list changes Set gitlab-ui to temp artifact Add changelog
* Fix typos, grammar and wording for SAST and DS report JSON docsVictor Zagorodny2019-06-182-8/+7
|
* Say that the dependency list is from GemnasiumFabien Catteau2019-06-161-1/+1
| | | | | Make it explicit that the dependency list is generated from Gemnasium.
* Document CI variable LM_PYTHON_VERSIONFabien Catteau2019-06-141-0/+17
| | | | Show how one can switch to Python 3.5.
* Add which tools is used by License Management projectCan Eldem2019-06-141-8/+8
|
* referring environment variablesCan Eldem2019-06-141-0/+3
|
* Merge branch 'pprokic-master-patch-44643' into 'master'Trevor Knudsen2019-06-134-5/+4
|\ | | | | | | | | Update application-security index.md's (SAST,DAST,LM and DS) See merge request gitlab-org/gitlab-ce!29547
| * Update application-security index.md's (SAST,DAST,LM and DS)pprokic-master-patch-44643Petar Prokic2019-06-124-5/+4
| |
* | [CE backport] Document SAST and Dependency Scanning report JSON formatVictor Zagorodny2019-06-122-1/+266
|/
* Remove unnecessary notes from AutoDevOps documentationMike Lewis2019-06-111-1/+1
|
* Add dependency list documentationTetiana Chupryna2019-06-071-0/+11
|
* Adds documentation for vulnerability dismissal reasonsSam Beckham2019-06-063-0/+10
|
* Add note on weekly updates of dast Docker imageVictor Zagorodny2019-06-061-0/+2
|
* Update project security dashboard documentationPaul Gascou-Vaillancourt2019-06-061-0/+0
|
* Explain how to contribute new vulnerabilitiesFabien Catteau2019-06-051-0/+6
| | | | | | | Add a link to the gemnasium-db and explain how to search for a vulnerability or contribute a new one. See https://gitlab.com/gitlab-org/gitlab-ee/issues/11169
* Docs: Convert remaining links in /user to relativeMarcel Amirault2019-05-311-2/+2
|
* Adds the CE port for the confidence filterSam Beckham2019-05-291-0/+1
| | | | https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/12805/
* Merge branch 'patch-61' into 'master'12-0-auto-deploy-0010045Achilleas Pipinellis2019-05-241-1/+1
|\ | | | | | | | | sast/index.md: link to current repository for "bandit" (Python tool) See merge request gitlab-org/gitlab-ce!28451
| * sast/index.md: link to current repository for "bandit" (Python tool)Jed Brown2019-05-191-1/+1
| |
* | Make env vars consistentPhilippe Lafoucrière2019-05-211-4/+1
| | | | | | | | `DAST_TARGET_AVAILABILITY_TIMEOUT` already defaults to 60 in `analyze`
* | Update group security dashboard docs - CE backportTristan Read2019-05-201-0/+0
| |
* | Update dependency scanning docs - Clarify sort orderLucas Charles2019-05-201-1/+2
|/
* Resync the docs that were submitted to EE instead of CEAchilleas Pipinellis2019-05-161-2/+4
|
* fix a typo of sastQuantum Operations2019-05-141-1/+1
|
* Docs: Realigning scattered EE docs into CEMarcel Amirault2019-05-062-0/+3
|
* Docs: Merge EE doc/user/application_security to CEMarcel Amirault2019-05-0523-0/+1411
View Lorry Controller Status