Merge branch 'connorgilbert/update-sast-deprecation' into 'master'

Deprecation: Update SCS image to v2, add IaC Scanning See merge request gitlab-org/gitlab!80983

Merge branch 'connorgilbert/update-sast-deprecation' into 'master'
Deprecation: Update SCS image to v2, add IaC Scanning See merge request gitlab-org/gitlab!80983
f5e786d8 · Russell Dickenson · af4201c9 · 4aeab92b · f5e786d8 · f5e786d8
Commit f5e786d8 authored Feb 18, 2022 by Russell Dickenson
Showing with 10 additions and 8 deletions

data/deprecations/14-8-secure-and-protect-analyzer-bump.yml data/deprecations/14-8-secure-and-protect-analyzer-bump.yml +5 -4

doc/update/deprecations.md doc/update/deprecations.md +5 -4

No files found.
--- a/data/deprecations/data/deprecations/14-9-secure-and-protect-analyzer-bump.yml.yml
+++ b/data/deprecations/data/deprecations/14-9-secure-and-protect-analyzer-bump.yml.yml
 - name: "Secure and Protect analyzer major version update"  # The name of the feature to be deprecated
  announcement_milestone: "14.8"  # The milestone when this feature was first announced as deprecated.
  announcement_date: "2022-02-22"  # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
-  removal_milestone: "15.00"  # The milestone when this feature is planned to be removed
-  removal_date:  # The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
+  removal_milestone: "15.0"  # The milestone when this feature is planned to be removed
+  removal_date: "2022-05-22" # The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
  breaking_change: true  # If this deprecation is a breaking change, set this value to true
  reporter: NicoleSchwartz  # GitLab username of the person reporting the deprecation
  body: |  # Do not modify this line, instead modify the lines below.
@@ -20,9 +20,10 @@
    - Coverage-guided fuzz testing: version 2
    - Dependency Scanning: version 2
    - Dynamic Application Security Testing (DAST): version 2
+    - Infrastructure as Code (IaC) Scanning: version 1
    - License Scanning: version 3
    - Secret Detection: version 3
-    - Static Application Security Testing (SAST): version 2, except security-code-scan which is version 3
+    - Static Application Security Testing (SAST): version 2 of [all analyzers](https://docs.gitlab.com/ee/user/application_security/sast/#supported-languages-and-frameworks), except `gosec` which is currently at version 3
      - `bandit`: version 2
      - `brakeman`: version 2
      - `eslint`: version 2
@@ -33,7 +34,7 @@
      - `nodejs-scan`: version 2
      - `phpcs-security-audit`: version 2
      - `pmd-apex`: version 2
-      - `security-code-scan`: version 3
+      - `security-code-scan`: version 2
      - `semgrep`: version 2
      - `sobelow`: version 2
      - `spotbugs`: version 2

--- a/doc/update/deprecations.md
+++ b/doc/update/deprecations.md
@@ -1292,7 +1292,7 @@ See the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352564
 ### Secure and Protect analyzer major version update

 WARNING:
-This feature will be changed or removed in 15.00
+This feature will be changed or removed in 15.0
 as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
 Before updating GitLab, review the details carefully to determine if you need to make any
 changes to your code, settings, or workflow.
@@ -1311,9 +1311,10 @@ Specifically, the following are being deprecated and will no longer be updated a
 - Coverage-guided fuzz testing: version 2
 - Dependency Scanning: version 2
 - Dynamic Application Security Testing (DAST): version 2
+- Infrastructure as Code (IaC) Scanning: version 1
 - License Scanning: version 3
 - Secret Detection: version 3
- Static Application Security Testing (SAST): version 2, except security-code-scan which is version 3
+- Static Application Security Testing (SAST): version 2 of [all analyzers](https://docs.gitlab.com/ee/user/application_security/sast/#supported-languages-and-frameworks), except `gosec` which is currently at version 3
  - `bandit`: version 2
  - `brakeman`: version 2
  - `eslint`: version 2
@@ -1324,12 +1325,12 @@ Specifically, the following are being deprecated and will no longer be updated a
  - `nodejs-scan`: version 2
  - `phpcs-security-audit`: version 2
  - `pmd-apex`: version 2
-  - `security-code-scan`: version 3
+  - `security-code-scan`: version 2
  - `semgrep`: version 2
  - `sobelow`: version 2
  - `spotbugs`: version 2

-**Planned removal milestone: 15.00 ()**
+**Planned removal milestone: 15.0 (2022-05-22)**

 ### Support for gRPC-aware proxy deployed between Gitaly and rest of GitLab