Skip to content

G
gitlab-ce
Commit 60010802 authored by Nick Gaskill's avatar Nick Gaskill
Browse files
Options

Merge branch 'aturinske-master-patch-32922' into 'master' 

Update Dependency List docs to include container

See merge request gitlab-org/gitlab!76384
parents 0acbdfa9 f56640a5
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 4 deletions
doc/user/application_security/dependency_list/index.md
View file @ 60010802
...@@ -7,7 +7,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -7,7 +7,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Dependency list **(ULTIMATE)** # Dependency list **(ULTIMATE)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10075) in GitLab 12.0. > - Application dependencies [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10075) in GitLab 12.0.
> - System dependencies [introduced](https://gitlab.com/groups/gitlab-org/-/epics/6698) in GitLab 14.6.
Use the dependency list to review your project's dependencies and key Use the dependency list to review your project's dependencies and key
details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings. details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings.
...@@ -22,8 +23,9 @@ The dependency list only shows the results of the last successful pipeline to ru ...@@ -22,8 +23,9 @@ The dependency list only shows the results of the last successful pipeline to ru
To view your project's dependencies, ensure you meet the following requirements: To view your project's dependencies, ensure you meet the following requirements:
- The [Dependency Scanning](../dependency_scanning/index.md) CI job must be - The [Dependency Scanning](../dependency_scanning/index.md)
configured for your project. or [Container Scanning](../container_scanning/index.md)
CI job must be configured for your project.
- Your project uses at least one of the - Your project uses at least one of the
[languages and package managers](../dependency_scanning/index.md#supported-languages-and-package-managers) [languages and package managers](../dependency_scanning/index.md#supported-languages-and-package-managers)
supported by Gemnasium. supported by Gemnasium.
...@@ -38,7 +40,7 @@ GitLab displays dependencies with the following information: ...@@ -38,7 +40,7 @@ GitLab displays dependencies with the following information:
|-----------|-------------| |-----------|-------------|
| Component | The dependency's name and version. | | Component | The dependency's name and version. |
| Packager | The packager used to install the dependency. | | Packager | The packager used to install the dependency. |
| Location | A link to the packager-specific lock file in your project that declared the dependency. It also shows the [dependency path](#dependency-paths) to a top-level dependency, if any, and if supported. | | Location | For system dependencies, this lists the image that was scanned. For application dependencies, this shows a link to the packager-specific lock file in your project that declared the dependency. It also shows the [dependency path](#dependency-paths) to a top-level dependency, if any, and if supported. |
| License | Links to dependency's software licenses. | | License | Links to dependency's software licenses. |
Displayed dependencies are initially sorted by the severity of their known vulnerabilities, if any. They Displayed dependencies are initially sorted by the severity of their known vulnerabilities, if any. They
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7