Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Gitlab SAST Reporter #3610

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Add Gitlab SAST Reporter #3610

wants to merge 4 commits into from
+234 −0

Conversation

shane-davidson
Copy link

Add Gitlab SAST reporter

Created a PR for a Gitlab SAST reporter I made and use on our private Gitlab instance. Can't promise I'll have time to fix it up or anything but thought you guys might like to take what I've done so far and run with it :)

echoix
echoix reviewed Jun 4, 2024
View reviewed changes
Copy link
Collaborator

@echoix echoix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't have CI experience with GitLab, so can't review if it is the right thing that is done.

For your comments questioning if we should extract SARIF functionality in another file/class, I agree that it can be a good idea if it's possible, but I don't have it as a strong requirement for this specific PR, it can be in another one or this one.

@echoix
Copy link
Collaborator

echoix commented Jun 4, 2024

And thanks for sharing this, more people will benefit from it, that's the goal of Megalinter, to combine the efforts of setting up many linters and using them all easily in CI, without every project having to reinvent the wheel to make it usable.

@shane-davidson
Add better parsing to Gitlab SAST reporter
0648bbd 
Update severity handling and default values so Gitlab handles the report better
@echoix
Copy link
Collaborator

echoix commented Jun 11, 2024

I don't know how to continue with this one, it's not my skillset

@echoix
Copy link
Collaborator

echoix commented Jun 16, 2024

@TommyE123 since you seem to be using GitLab casually, would you mind giving your opinion on this, and if it is correct to merge as is? It's been waiting a bit

@echoix
Copy link
Collaborator

echoix commented Jun 19, 2024

@TommyE123 what does the thumbs up reaction to my comment mean? That you will do, or it is an approval/review, that it is a solution adapted for this environment?

@TommyE123
Copy link
Contributor

@TommyE123 what does the thumbs up reaction to my comment mean? That you will do, or it is an approval/review, that it is a solution adapted for this environment?

Means I can have a look 🙂

@nvuillam
Copy link
Member

Sorry I'm late :)

This PR is great and i'd love to merge it, but there are additional updates to complete :)

@github-actions GitHub Actions
Copy link
Contributor

This pull request has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this pull request should stay open, please remove the O: stale 🤖 label or comment on the pull request.

@github-actions github-actions bot added the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Jul 23, 2024
@nvuillam
Copy link
Member

Anyone wanting to complete this nice PR to apply my comments ? 😋

@github-actions github-actions bot removed the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Jul 24, 2024
@github-actions GitHub Actions
Copy link
Contributor

This pull request has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this pull request should stay open, please remove the O: stale 🤖 label or comment on the pull request.

@github-actions github-actions bot added the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Aug 23, 2024
@github-actions github-actions bot closed this Sep 6, 2024
@nvuillam nvuillam removed the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Sep 9, 2024
@nvuillam nvuillam reopened this Sep 9, 2024
@github-actions GitHub Actions
Copy link
Contributor

This pull request has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this pull request should stay open, please remove the O: stale 🤖 label or comment on the pull request.

@github-actions github-actions bot added the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Oct 10, 2024
@nvuillam nvuillam added nostale This issue or pull request is not stale, keep it open and removed O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity labels Oct 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@echoix echoix echoix left review comments

@nvuillam nvuillam Awaiting requested review from nvuillam nvuillam is a code owner

@bdovaz bdovaz Awaiting requested review from bdovaz bdovaz is a code owner

@Kurt-von-Laven Kurt-von-Laven Awaiting requested review from Kurt-von-Laven Kurt-von-Laven is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@nvuillam nvuillam

Labels
nostale This issue or pull request is not stale, keep it open
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@shane-davidson @echoix @TommyE123 @nvuillam