Add latest changes from gitlab-org/gitlab@master

2024-03-18 03:10:07 +00:00 · 2024-03-18 03:10:07 +00:00 · 5ef26a52ce
parent f96fb3b731
commit 5ef26a52ce
4 changed files with 5 additions and 8 deletions
--- a/doc/ci/testing/code_quality.md
+++ b/doc/ci/testing/code_quality.md
@ -239,7 +239,7 @@ To use a rootless private runner:
     --token "<project_token>" \
     --non-interactive \
     --builds-dir "/tmp/builds" \
-     --env "DOCKER_HOST=unix:///run/user/<gitlab-runner-user>/docker.sock"
+     --env "DOCKER_HOST=unix:///run/user/<gitlab-runner-user>/docker.sock" \
     --docker-host "unix:///run/user/<gitlab-runner-user>/docker.sock"
   ```

--- a/doc/user/application_security/policies/index.md
+++ b/doc/user/application_security/policies/index.md
@ -348,9 +348,6 @@ The workaround is to amend your group or instance push rules to allow branches f
 - When creating a Scan Result Policy, neither the array `severity_levels` nor the array
  `vulnerability_states` in the [`scan_finding` rule](../policies/scan-result-policies.md#scan_finding-rule-type)
  can be left empty. For a working rule, at least one entry must exist.
- When configuring pipeline and merge request approval policies, it's important to remember that security scans
-  performed in manual jobs are not verified to determine whether MR approval is required. When you
-  run a manual job with security scans, it does not ensure approval even if vulnerabilities are
-  introduced.
+- When merge request approval policies are enforced on projects containing manual jobs in their pipeline, policies evaluate the completed pipeline jobs and ignore the manual jobs. When the manual jobs are run, the policy re-evaluates the MR.

 If you are still experiencing issues, you can [view recent reported bugs](https://gitlab.com/gitlab-org/gitlab/-/issues/?sort=popularity&state=opened&label_name%5B%5D=group%3A%3Asecurity%20policies&label_name%5B%5D=type%3A%3Abug&first_page_size=20) and raise new unreported issues.
--- a/qa/Gemfile
+++ b/qa/Gemfile
@ -37,7 +37,7 @@ gem 'chemlab', '~> 0.11', '>= 0.11.1'
 gem 'chemlab-library-www-gitlab-com', '~> 0.1', '>= 0.1.1'

 # dependencies for jenkins client
-gem 'nokogiri', '~> 1.16', '>= 1.16.2'
+gem 'nokogiri', '~> 1.16', '>= 1.16.3'

 gem 'deprecation_toolkit', '~> 2.2.0', require: false

--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@ -214,7 +214,7 @@ GEM
    multi_json (1.15.0)
    multi_xml (0.6.0)
    netrc (0.11.0)
-    nokogiri (1.16.2)
+    nokogiri (1.16.3)
      mini_portile2 (~> 2.8.2)
      racc (~> 1.4)
    octokit (8.1.0)
@ -365,7 +365,7 @@ DEPENDENCIES
  gitlab_quality-test_tooling (~> 1.19.1)
  influxdb-client (~> 3.1)
  knapsack (~> 4.0)
-  nokogiri (~> 1.16, >= 1.16.2)
+  nokogiri (~> 1.16, >= 1.16.3)
  octokit (~> 8.1.0)
  parallel (~> 1.24)
  parallel_tests (~> 4.4)