Documentation: rule-pack synthesis using rules from multiple sources

434882d8 · Julian Thome · Fiona Neill · 1cb050a9 · 434882d8 · 434882d8
Commit 434882d8 authored Dec 17, 2021 by Julian Thome Committed by Fiona Neill Dec 17, 2021
Showing with 311 additions and 84 deletions

doc/user/application_security/sast/index.md doc/user/application_security/sast/index.md +304 -82

doc/user/application_security/secret_detection/index.md doc/user/application_security/secret_detection/index.md +7 -2

No files found.
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
--- a/doc/user/application_security/secret_detection/index.md
+++ b/doc/user/application_security/secret_detection/index.md
@@ -185,10 +185,12 @@ Secret Detection can be customized by defining available CI/CD variables:

 ### Custom rulesets **(ULTIMATE)**

-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211387) in GitLab 13.5.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211387) in GitLab 13.5.
+> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/339614) support for
+>   passthrough chains. Expanded to include additional passthrough types of `file`, `git`, and `url` in GitLab 14.6.

 You can customize the default secret detection rules provided with GitLab.
-Customization allows replace the default secret detection rules with rules that you define.
+Customization allows replacing the default secret detection rules with rules that you define.

 To create a custom ruleset:

@@ -226,6 +228,9 @@ To create a custom ruleset:
         value = "config/gitleaks.toml"
     ```

+Passthroughs can also be chained to build more complex configurations.
+For more details, see [SAST Customize ruleset section](../sast/index.md#customize-rulesets).
+
 ### Logging level

 To control the verbosity of logs set the `SECURE_LOG_LEVEL` CI/CD variable. Messages of this logging level or higher are output. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10880) in GitLab 13.1.