Commit d472e717 authored by Fabien Catteau's avatar Fabien Catteau Committed by Achilleas Pipinellis

Say that DS scans transitive dependencies

Say that GitLab Dependency Scanning scans transitive
dependencies, also known as nested dependencies.
parent 236fb31b
...@@ -14,6 +14,7 @@ application is using an external (open source) library which is known to be vuln ...@@ -14,6 +14,7 @@ application is using an external (open source) library which is known to be vuln
If you are using [GitLab CI/CD](../../../ci/README.md), you can analyze your dependencies for known If you are using [GitLab CI/CD](../../../ci/README.md), you can analyze your dependencies for known
vulnerabilities using Dependency Scanning. vulnerabilities using Dependency Scanning.
All dependencies are scanned, including the transitive dependencies (also known as nested dependencies).
You can take advantage of Dependency Scanning by either [including the CI job](#configuration) You can take advantage of Dependency Scanning by either [including the CI job](#configuration)
in your existing `.gitlab-ci.yml` file or by implicitly using in your existing `.gitlab-ci.yml` file or by implicitly using
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment