Commit 4aeab92b authored by Connor Gilbert

Deprecation: Update SCS image to v2, add IaC Scanning

We're already changing from SCS v2 to v3 in 15.0, so we don't
need to skip to v4 as well. IaC was missed in the first commit.
parent c29c5e4a
- name: "Secure and Protect analyzer major version update" # The name of the feature to be deprecated
announcement_milestone: "14.8" # The milestone when this feature was first announced as deprecated.
announcement_date: "2022-02-22" # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
removal_milestone: "15.00" # The milestone when this feature is planned to be removed
removal_date: # The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
removal_milestone: "15.0" # The milestone when this feature is planned to be removed
removal_date: "2022-05-22" # The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
breaking_change: true # If this deprecation is a breaking change, set this value to true
reporter: NicoleSchwartz # GitLab username of the person reporting the deprecation
body: | # Do not modify this line, instead modify the lines below.
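Review bot: the old `removal_date:` was committed empty, and the rendered page shows the result as "Planned removal milestone: 15.00 ()". Setting "2022-05-22" and "15.0" fixes this entry, but a lint or schema check that rejects an empty `removal_date` when `removal_milestone` is set, and a milestone string that is not in `MAJOR.MINOR` form, would stop the same slip in the next entry.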
......@@ -20,9 +20,10 @@
- Coverage-guided fuzz testing: version 2
- Dependency Scanning: version 2
- Dynamic Application Security Testing (DAST): version 2
- Infrastructure as Code (IaC) Scanning: version 1
- License Scanning: version 3
- Secret Detection: version 3
- Static Application Security Testing (SAST): version 2, except security-code-scan which is version 3
- Static Application Security Testing (SAST): version 2 of [all analyzers](https://docs.gitlab.com/ee/user/application_security/sast/#supported-languages-and-frameworks), except `gosec` which is currently at version 3
- `bandit`: version 2
- `brakeman`: version 2
- `eslint`: version 2
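Review bot: the SAST summary line now names `gosec` as the version 3 exception, but the `gosec` entry itself sits in the part of the per-analyzer list this hunk does not show, so please confirm it reads version 3 there; otherwise the summary and the list disagree. "currently at version 3" is also ambiguous in a deprecation notice: state the version being deprecated, as the other entries do. The commit message covers the SCS and IaC changes but not the switch of the exception to `gosec`, which deserves a line there.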
......@@ -33,7 +34,7 @@
- `nodejs-scan`: version 2
- `phpcs-security-audit`: version 2
- `pmd-apex`: version 2
- `security-code-scan`: version 3
- `security-code-scan`: version 2
- `semgrep`: version 2
- `sobelow`: version 2
- `spotbugs`: version 2
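Review bot: the reason `security-code-scan` moves from version 3 to version 2 exists only in the commit message (v2 to v3 already happens in 15.0, so there is no skip to v4). Anyone who pinned or planned around the entry as announced in 14.8 gets no signal from the list that the deprecated version changed; consider a short sentence in the `body` saying that the `security-code-scan` version was corrected.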
......
......@@ -1292,7 +1292,7 @@ See the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352564
### Secure and Protect analyzer major version update
WARNING:
This feature will be changed or removed in 15.00
This feature will be changed or removed in 15.0
as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
Before updating GitLab, review the details carefully to determine if you need to make any
changes to your code, settings, or workflow.
......@@ -1311,9 +1311,10 @@ Specifically, the following are being deprecated and will no longer be updated a
- Coverage-guided fuzz testing: version 2
- Dependency Scanning: version 2
- Dynamic Application Security Testing (DAST): version 2
- Infrastructure as Code (IaC) Scanning: version 1
- License Scanning: version 3
- Secret Detection: version 3
- Static Application Security Testing (SAST): version 2, except security-code-scan which is version 3
- Static Application Security Testing (SAST): version 2 of [all analyzers](https://docs.gitlab.com/ee/user/application_security/sast/#supported-languages-and-frameworks), except `gosec` which is currently at version 3
- `bandit`: version 2
- `brakeman`: version 2
- `eslint`: version 2
......@@ -1324,12 +1325,12 @@ Specifically, the following are being deprecated and will no longer be updated a
- `nodejs-scan`: version 2
- `phpcs-security-audit`: version 2
- `pmd-apex`: version 2
- `security-code-scan`: version 3
- `security-code-scan`: version 2
- `semgrep`: version 2
- `sobelow`: version 2
- `spotbugs`: version 2
**Planned removal milestone: 15.00 ()**
**Planned removal milestone: 15.0 (2022-05-22)**
### Support for gRPC-aware proxy deployed between Gitaly and rest of GitLab
......