From abb469bc7f87b6907a7feecab3ac5f59fa1c636b Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Fri, 17 May 2024 09:20:40 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- .gitlab/CODEOWNERS | 1 + doc/administration/silent_mode/index.md | 2 +- doc/architecture/blueprints/cells/index.md | 2 +- .../blueprints/secret_detection/index.md | 4 +-- doc/ci/components/index.md | 4 +-- doc/ci/migration/bamboo.md | 2 +- doc/ci/mobile_devops.md | 7 ---- doc/ci/runners/index.md | 6 ++-- doc/ci/yaml/index.md | 2 ++ doc/ci/yaml/inputs.md | 2 +- doc/development/documentation/versions.md | 2 +- doc/integration/github.md | 4 +-- doc/policy/experiment-beta-support.md | 18 +++++------ doc/user/ai_features.md | 2 +- doc/user/ai_features_enable.md | 4 +-- .../dependency_list/index.md | 9 ++---- .../application_security/sast/analyzers.md | 29 +++++++---------- doc/user/application_security/sast/index.md | 32 ------------------- doc/user/gitlab_duo_chat.md | 8 ++--- doc/user/project/badges.md | 8 ++--- 20 files changed, 52 insertions(+), 96 deletions(-) diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 78a4a3c3c88..47d684fe885 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -880,6 +880,7 @@ lib/gitlab/checks/** /doc/integration/datadog.md @fneill /doc/integration/diffblue_cover.md @marcel.amirault @lyspin /doc/integration/external-issue-tracker.md @eread @ashrafkhamis +/doc/integration/github.md @marcel.amirault @lyspin /doc/integration/gitpod.md @ashrafkhamis /doc/integration/gmail_action_buttons_for_gitlab.md @eread @ashrafkhamis /doc/integration/index.md @eread @ashrafkhamis diff --git a/doc/administration/silent_mode/index.md b/doc/administration/silent_mode/index.md index 0766f62253b..b0b18a8f0ed 100644 --- a/doc/administration/silent_mode/index.md +++ b/doc/administration/silent_mode/index.md @@ -12,7 +12,7 @@ DETAILS: > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/9826) in GitLab 15.11. This feature was an [experiment](../../policy/experiment-beta-support.md#experiment). > - Enabling and disabling Silent Mode through the web UI was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131090) in GitLab 16.4. -> - Silent Mode was updated to [Generally Available (GA)](../../policy/experiment-beta-support.md#generally-available-ga) in GitLab 16.6. +> - Silent Mode was updated to [generally available (GA)](../../policy/experiment-beta-support.md#generally-available-ga) in GitLab 16.6. Silent Mode allows you to silence outbound communication, such as emails, from GitLab. Silent Mode is not intended to be used on environments which are in-use. Two use-cases are: diff --git a/doc/architecture/blueprints/cells/index.md b/doc/architecture/blueprints/cells/index.md index 7c5222b028a..30ddc1b0cca 100644 --- a/doc/architecture/blueprints/cells/index.md +++ b/doc/architecture/blueprints/cells/index.md @@ -38,7 +38,7 @@ We can't ship the entire Cells architecture in one go - it is too large. Instead, we are defining key workstreams required by the project. For each workstream, we need to define the effort necessary to make features compliant with Cell 1.0, Cell 1.5, and Cell 2.0, respectively. -It is expected that some objectives will not be completed for General Availability (GA), but will be enough to run Cells in production. +It is expected that some objectives will not be completed for general availability (GA), but will be enough to run Cells in production. ### 1. Data access layer diff --git a/doc/architecture/blueprints/secret_detection/index.md b/doc/architecture/blueprints/secret_detection/index.md index 5b2fb1143f1..680e2b0a7cb 100644 --- a/doc/architecture/blueprints/secret_detection/index.md +++ b/doc/architecture/blueprints/secret_detection/index.md @@ -320,7 +320,7 @@ In the case of a push detection, the commit is rejected inline and error returne #### Configuration -This phase will be considered "Generally Available" and on-by-default, with disablement configuration through organization-level settings. +This phase will be considered "generally available" and on-by-default, with disablement configuration through organization-level settings. #### High-Level Architecture @@ -443,7 +443,7 @@ existing Vulnerability Management UI. #### Configuration -This phase will be considered "Generally Available" and on-by-default, with disablement configuration through organization-level settings. +This phase will be considered "generally available" and on-by-default, with disablement configuration through organization-level settings. #### High-Level Architecture diff --git a/doc/ci/components/index.md b/doc/ci/components/index.md index e2bc1f0964a..8040d9eca12 100644 --- a/doc/ci/components/index.md +++ b/doc/ci/components/index.md @@ -14,7 +14,7 @@ DETAILS: > - [Enabled on GitLab.com and self-managed](https://gitlab.com/groups/gitlab-org/-/epics/9897) in GitLab 16.2. > - [Feature flag `ci_namespace_catalog_experimental` removed](https://gitlab.com/gitlab-org/gitlab/-/issues/394772) in GitLab 16.3. > - [Moved](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/130824) to [beta](../../policy/experiment-beta-support.md#beta) in GitLab 16.6. -> - [Made Generally Available](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/134062) in GitLab 17.0. +> - [Made generally available](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/134062) in GitLab 17.0. A CI/CD component is a reusable single pipeline configuration unit. Use components to create a small part of a larger pipeline, or even to compose a complete pipeline configuration. @@ -213,7 +213,7 @@ DETAILS: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/407249) as an [experiment](../../policy/experiment-beta-support.md#experiment) in GitLab 16.1. > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/432045) to [beta](../../policy/experiment-beta-support.md#beta) in GitLab 16.7. -> - [Made Generally Available](https://gitlab.com/gitlab-org/gitlab/-/issues/454306) in GitLab 17.0. +> - [Made generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/454306) in GitLab 17.0. The CI/CD Catalog is a list of projects with published CI/CD components you can use to extend your CI/CD workflow. diff --git a/doc/ci/migration/bamboo.md b/doc/ci/migration/bamboo.md index 96e46fdc8e4..486c045388f 100644 --- a/doc/ci/migration/bamboo.md +++ b/doc/ci/migration/bamboo.md @@ -1,6 +1,6 @@ --- stage: Verify -group: Pipeline Authoring +group: Pipeline Execution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments --- diff --git a/doc/ci/mobile_devops.md b/doc/ci/mobile_devops.md index 5f86c61dc36..5e602e630cf 100644 --- a/doc/ci/mobile_devops.md +++ b/doc/ci/mobile_devops.md @@ -427,13 +427,6 @@ For an overview, see [Review apps for mobile setup instructions](https://youtu.b To get started, see the [setup instructions](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/readme/-/issues/15). -## Mobile SAST - -You can use [Static Application Security Testing (SAST)](../user/application_security/sast/index.md) -to run static analyzers on code to check for known security vulnerabilities. Mobile SAST -expands this functionality for mobile teams with an [experimental SAST feature](../user/application_security/sast/index.md#experimental-features) -based on [Mobile Security Framework (MobSF)](https://github.com/MobSF/Mobile-Security-Framework-MobSF). - ## Sample Reference Projects See the sample reference projects below for complete build, sign, and release pipeline examples for various platforms. A list of all available projects can be found in [the Mobile DevOps Demo Projects group](https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/demo-projects/). diff --git a/doc/ci/runners/index.md b/doc/ci/runners/index.md index 43a06de7f86..0858fe647f1 100644 --- a/doc/ci/runners/index.md +++ b/doc/ci/runners/index.md @@ -120,11 +120,11 @@ Supported images have the following lifecycle: ### Beta -New images are released as beta. This allows us to gather feedback and address potential issues before General Availablility (GA). +New images are released as beta. This allows us to gather feedback and address potential issues before general availablility (GA). Any jobs running on beta images are not covered by the service-level agreement. If you use beta images, you can provide feedback by creating an issue. -### General Availablility (GA) +### General availability (GA) A image becomes generally available after the image completes the beta phase and is considered stable. To become GA, the image must fulfill the following requirements: @@ -136,6 +136,6 @@ Jobs that run on GA images are covered by the defined service-level agreement. ### Deprecated -A maximum of two Generally Available (GA) images are supported at a time. After a new GA image is released, +A maximum of two generally available (GA) images are supported at a time. After a new GA image is released, the oldest GA image becomes deprecated. A deprecated image is no longer updated and is deleted after 3 months in accordance with the [deprecation guidelines](../../development/deprecation_guidelines/index.md). diff --git a/doc/ci/yaml/index.md b/doc/ci/yaml/index.md index 8c134483bcf..9d21aca92bd 100644 --- a/doc/ci/yaml/index.md +++ b/doc/ci/yaml/index.md @@ -4250,6 +4250,8 @@ job: globs always match. In other words, the `exists` rule always assumes a match in projects with more than 10,000 files, or if there are fewer than 10,000 files but the `exists` rules are checked more than 10,000 times. + - If there are multiple patterned globs, the limit is 10,000 divided by the number + of globs. For example, a rule with 4 patterned globs has file limit of 2500. - A maximum of 50 patterns or file paths can be defined per `rules:exists` section. - `exists` resolves to `true` if any of the listed files are found (an `OR` operation). diff --git a/doc/ci/yaml/inputs.md b/doc/ci/yaml/inputs.md index 30d0d7a0438..fe6c8f08dab 100644 --- a/doc/ci/yaml/inputs.md +++ b/doc/ci/yaml/inputs.md @@ -11,7 +11,7 @@ DETAILS: **Offering:** GitLab.com, Self-managed, GitLab Dedicated > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/391331) in GitLab 15.11 as a beta feature. -> - [Made Generally Available](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/134062) in GitLab 17.0. +> - [Made generally available](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/134062) in GitLab 17.0. Use inputs to increase the flexibility of CI/CD configuration files that are designed to be reused. diff --git a/doc/development/documentation/versions.md b/doc/development/documentation/versions.md index e9c642bff7e..1f139e0817e 100644 --- a/doc/development/documentation/versions.md +++ b/doc/development/documentation/versions.md @@ -96,7 +96,7 @@ If the feature status changes to experiment or beta, use `changed`: > - [Changed]() to beta in GitLab 16.0. ``` -For a change to Generally Available, use: +For a change to generally available, use: ```markdown > - [Generally available](issue-link) in GitLab 16.10. diff --git a/doc/integration/github.md b/doc/integration/github.md index 3875c14602c..d7d5edd6d81 100644 --- a/doc/integration/github.md +++ b/doc/integration/github.md @@ -1,6 +1,6 @@ --- -stage: Govern -group: Authentication +stage: Verify +group: Pipeline Execution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments --- diff --git a/doc/policy/experiment-beta-support.md b/doc/policy/experiment-beta-support.md index 12ae35595aa..510bc104edd 100644 --- a/doc/policy/experiment-beta-support.md +++ b/doc/policy/experiment-beta-support.md @@ -17,7 +17,7 @@ Some reasons for these kinds of feature releases include: Please note that some features may not be aligned to these recommendations if they were developed before the recommendations were in place, or if a team determined an alternative implementation approach was needed. -All other features are considered to be Generally Available (GA). +All other features are considered to be generally available (GA). ## Experiment @@ -42,13 +42,13 @@ Beta features: - Might be unstable. - Have configuration and dependencies that are unlikely to change. - Have features and functions that are unlikely to change. However, breaking changes can occur outside of major releases - or with less notice than for Generally Available features. + or with less notice than for generally available features. - Have a low risk of data loss. - Have a user experience that is complete or near completion. -## Generally Available (GA) +## Generally available (GA) -Generally Available features: +Generally available features: - Are ready for production use at any scale. - Are [fully supported](https://about.gitlab.com/support/statement-of-support/) and documented. @@ -107,7 +107,7 @@ by following the [Production Readiness Review process](https://handbook.gitlab.c ### GA features -Generally Available features that [meet the review criteria](https://handbook.gitlab.com/handbook/engineering/infrastructure/production/readiness/#criteria-for-starting-a-production-readiness-review) +Generally available features that [meet the review criteria](https://handbook.gitlab.com/handbook/engineering/infrastructure/production/readiness/#criteria-for-starting-a-production-readiness-review) must complete the [Production Readiness Review](https://handbook.gitlab.com/handbook/engineering/infrastructure/production/readiness/) and complete all sections up to and including the [GA section in the readiness template](https://gitlab.com/gitlab-com/gl-infra/readiness/-/blob/master/.gitlab/issue_templates/production_readiness.md#general-availability). @@ -127,7 +127,7 @@ so we are allowed to make mistakes here and literally experiment. ### Experiment and beta exit criteria -To ensure the phases before General Availability are as short as possible each phase of experiment, +To ensure the phases before general availability are as short as possible each phase of experiment, beta, and limited availability should include exit criteria. This encourages rapid iteration and reduces [cycle time](https://handbook.gitlab.com/handbook/values/#reduce-cycle-time). @@ -144,10 +144,10 @@ to apply to their experimental and beta features: - Consider also setting a time bound when using user feedback as an exit criteria for leaving a phase. If a given time period elapses and we can not solicit feedback from enough users, it is better to ship what we have and iterate on it as a GA at that point rather than maintain a pre-GA state. -- **Limited Feature Completion**: Determine if there is functionality that should be completed before moving to General Availability. +- **Limited Feature Completion**: Determine if there is functionality that should be completed before moving to general availability. - Be wary of including "just one more" feature. Iteration is easier and more effective with more feedback from more users, - so getting to General Availability is preferred. -- **System Performance metrics**: Determine the criteria that the platform has shown before being ready for General Availability. + so getting to general availability is preferred. +- **System Performance metrics**: Determine the criteria that the platform has shown before being ready for general availability. Examples include response times and successfully handling a specific number of requests per second. - **Success criteria**: Not all features may reach GA. It is OK to pivot if early feedback indicates that a different direction would provide more value or a better user experience. If open questions must be answered diff --git a/doc/user/ai_features.md b/doc/user/ai_features.md index 7556182797b..c0d4f7103f1 100644 --- a/doc/user/ai_features.md +++ b/doc/user/ai_features.md @@ -21,7 +21,7 @@ GitLab is [transparent](https://handbook.gitlab.com/handbook/values/#transparenc As GitLab Duo features mature, the documentation will be updated to clearly state how and where you can access these features. -## Generally Available features +## Generally available features ### Code Suggestions diff --git a/doc/user/ai_features_enable.md b/doc/user/ai_features_enable.md index 0ce4b25f2ff..96db338c703 100644 --- a/doc/user/ai_features_enable.md +++ b/doc/user/ai_features_enable.md @@ -13,12 +13,12 @@ DETAILS: > - [Settings to turn off AI features introduced](https://gitlab.com/groups/gitlab-org/-/epics/12404) in GitLab 16.10. > - [Settings to turn off AI features added to the UI](https://gitlab.com/gitlab-org/gitlab/-/issues/441489) in GitLab 16.11. -GitLab Duo features that are Generally Available are automatically turned on for all users that have access. +GitLab Duo features that are generally available are automatically turned on for all users that have access. In addition: - If you have self-managed GitLab, you must [allow connectivity](#configure-gitlab-duo-on-a-self-managed-instance). -- For some Generally Available features, like [Code Suggestions](project/repository/code_suggestions/index.md), +- For some generally available features, like [Code Suggestions](project/repository/code_suggestions/index.md), [you must assign seats](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-pro-seats) to the users you want to have access. diff --git a/doc/user/application_security/dependency_list/index.md b/doc/user/application_security/dependency_list/index.md index c79d6513f87..35698534aad 100644 --- a/doc/user/application_security/dependency_list/index.md +++ b/doc/user/application_security/dependency_list/index.md @@ -85,6 +85,9 @@ select the vulnerability's description. The [vulnerability's details](../vulnera ## Dependency paths +> - Dependency path information from CycloneDX SBOM was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/393061) in GitLab 16.9 [with a flag](../../../administration/feature_flags.md) named `project_level_sbom_occurrences`. Disabled by default. +> - Dependency path information from CycloneDX SBOM was [enabled on GitLab.com, self-managed, and GitLab Dedicated](https://gitlab.com/gitlab-org/gitlab/-/issues/434371) in GitLab 17.0. + The dependency list shows the path between a dependency and a top-level dependency it's connected to, if any. Multiple paths may connect a transient dependency to top-level dependencies, but the user interface shows only one of the shortest paths. @@ -92,12 +95,6 @@ dependencies, but the user interface shows only one of the shortest paths. NOTE: The dependency path is only displayed for dependencies that have vulnerabilities. -WARNING: -The dependency path based on the `dependency_files` property from the Dependency Scanning report was -[deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/396376) in GitLab -16.9 and is planned for removal in 17.0. -This will be replaced with data from the [CycloneDX report](https://gitlab.com/gitlab-org/gitlab/-/issues/441118). - ![Dependency path](img/yarn_dependency_path_v13_6.png) Dependency paths are supported for the following package managers: diff --git a/doc/user/application_security/sast/analyzers.md b/doc/user/application_security/sast/analyzers.md index 813865346ee..6d84fecd190 100644 --- a/doc/user/application_security/sast/analyzers.md +++ b/doc/user/application_security/sast/analyzers.md @@ -30,33 +30,28 @@ For each scanner, an analyzer: SAST supports the following official analyzers: -- [`brakeman`](https://gitlab.com/gitlab-org/security-products/analyzers/brakeman) (Brakeman) -- [`flawfinder`](https://gitlab.com/gitlab-org/security-products/analyzers/flawfinder) (Flawfinder) - [`kubesec`](https://gitlab.com/gitlab-org/security-products/analyzers/kubesec) (Kubesec) -- [`mobsf`](https://gitlab.com/gitlab-org/security-products/analyzers/mobsf) (MobSF) (**Status:** Beta) -- [`nodejs-scan`](https://gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan) (NodeJsScan) -- [`phpcs-security-audit`](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit) (PHP CS security-audit) - [`pmd-apex`](https://gitlab.com/gitlab-org/security-products/analyzers/pmd-apex) (PMD (Apex only)) - [`semgrep`](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep) (Semgrep) - [`sobelow`](https://gitlab.com/gitlab-org/security-products/analyzers/sobelow) (Sobelow (Elixir Phoenix)) - [`spotbugs`](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs) (SpotBugs with the Find Sec Bugs plugin (Ant, Gradle and wrapper, Grails, Maven and wrapper, SBT)) -NOTE: -`brakeman`, `flawfinder`, `nodejs-scan`, and `phpcs-security-audit` were -[deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/431123) in GitLab 16.9 -and are planned for removal in 17.0. -The [Semgrep analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep) is proposed as their replacement. +The following analyzers reached End of Support status and do not receive updates. They were replaced +by the `semgrep` analyzer with GitLab-managed rules. -SAST has used other analyzers in previous versions. These analyzers reached End of Support status and do not receive updates: - -- [`bandit`](https://gitlab.com/gitlab-org/security-products/analyzers/bandit) (Bandit); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/352554) in GitLab 15.4. Replaced by the `semgrep` analyzer with GitLab-managed rules. -- [`eslint`](https://gitlab.com/gitlab-org/security-products/analyzers/eslint) (ESLint (JavaScript and React)); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/352554) in GitLab 15.4. Replaced by the `semgrep` analyzer with GitLab-managed rules. -- [`gosec`](https://gitlab.com/gitlab-org/security-products/analyzers/gosec) (Gosec); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/352554) in GitLab 15.4. Replaced by the `semgrep` analyzer with GitLab-managed rules. -- [`security-code-scan`](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan) (Security Code Scan (.NET)); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/390416) in GitLab 16.0. Replaced by the `semgrep` analyzer with GitLab-managed rules. +- [`bandit`](https://gitlab.com/gitlab-org/security-products/analyzers/bandit) (Bandit); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/352554) in GitLab 15.4. +- [`brakeman`](https://gitlab.com/gitlab-org/security-products/analyzers/brakeman) (Brakeman); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/412060) in GitLab 17.0. +- [`eslint`](https://gitlab.com/gitlab-org/security-products/analyzers/eslint) (ESLint (JavaScript and React)); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/352554) in GitLab 15.4. +- [`flawfinder`](https://gitlab.com/gitlab-org/security-products/analyzers/flawfinder) (Flawfinder); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/412060) in GitLab 17.0. +- [`gosec`](https://gitlab.com/gitlab-org/security-products/analyzers/gosec) (Gosec); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/352554) in GitLab 15.4. +- [`mobsf`](https://gitlab.com/gitlab-org/security-products/analyzers/mobsf) (MobSF); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/450925) in GitLab 17.0. +- [`nodejs-scan`](https://gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan) (NodeJsScan); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/412060) in GitLab 17.0. +- [`phpcs-security-audit`](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit) (PHP CS security-audit) +- [`security-code-scan`](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan) (Security Code Scan (.NET)); [End of Support](https://gitlab.com/gitlab-org/gitlab/-/issues/390416) in GitLab 16.0. ## SAST analyzer features -For an analyzer to be considered Generally Available, it is expected to minimally +For an analyzer to be considered generally available, it is expected to minimally support the following features: - [Customizable configuration](index.md#available-cicd-variables) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index b36396ac6ad..8d58d479e65 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md @@ -119,14 +119,8 @@ GitLab SAST can scan repositories that contain multiple projects. The following analyzers have multi-project support: -- Bandit -- ESLint -- Gosec - Kubesec -- NodeJsScan -- MobSF - PMD -- Security Code Scan - Semgrep - SpotBugs - Sobelow @@ -690,32 +684,6 @@ all [custom variables](../../../ci/variables/index.md#define-a-cicd-variable-in- to the underlying SAST analyzer images if [the SAST vendored template](#configuration) is used. -### Experimental features - -You can receive early access to experimental features. Experimental features might be added, -removed, or promoted to regular features at any time. - -Experimental features available are: - -- Enable scanning of iOS and Android apps using the [MobSF analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/mobsf/). This includes the automatic detection and scanning of Xcode projects, Android manifest files, `.ipa` (iOS) and `.apk` (Android) binary files. - -These features were previously experimental, but are now generally available: - -- Disable the [`eslint.detect-object-injection`](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep/-/blob/6c4764567d9854f5e4a4a35dacf5a68def7fb4c1/rules/eslint.yml#L751-773) in the [Semgrep analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/semgrep) because it causes a high rate of false positives. - - This rule was [disabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/373920) in 15.10. - -#### Enable experimental features - -To enable experimental features, add the following to your `.gitlab-ci.yml` file: - -```yaml -include: - - template: Jobs/SAST.gitlab-ci.yml - -variables: - SAST_EXPERIMENTAL_FEATURES: "true" -``` - ## Running SAST in an offline environment For self-managed GitLab instances in an environment with limited, restricted, or intermittent access diff --git a/doc/user/gitlab_duo_chat.md b/doc/user/gitlab_duo_chat.md index e0d7ba31ba9..cc004b238fc 100644 --- a/doc/user/gitlab_duo_chat.md +++ b/doc/user/gitlab_duo_chat.md @@ -14,7 +14,7 @@ DETAILS: > - Changed to [beta](../policy/experiment-beta-support.md#beta) for SaaS in GitLab 16.6. > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/11251) as a [beta](../policy/experiment-beta-support.md#beta) for self-managed in GitLab 16.8. > - Changed from Ultimate to [Premium](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/142808) tier in GitLab 16.9 while in [beta](../policy/experiment-beta-support.md#beta). -> - Changed to [Generally Available](../policy/experiment-beta-support.md#generally-available-ga) in GitLab 16.11. +> - Changed to [generally available](../policy/experiment-beta-support.md#generally-available-ga) in GitLab 16.11. > - Freely available for Ultimate and Premium users for a limited time. GitLab Duo Chat is your personal AI-powered assistant for boosting productivity. @@ -58,7 +58,7 @@ Only the last 50 messages are retained in the chat history. The chat history exp ## Use GitLab Duo Chat in the Web IDE > - Introduced in GitLab 16.6 as an [experiment](../policy/experiment-beta-support.md#experiment). -> - Changed to Generally Available in GitLab 16.11. +> - Changed to generally available in GitLab 16.11. To use GitLab Duo Chat in the Web IDE on GitLab: @@ -81,7 +81,7 @@ GitLab Duo Chat is not available in the Web IDE on self-managed. ## Use GitLab Duo Chat in VS Code > - Introduced in GitLab 16.6 as an [experiment](../policy/experiment-beta-support.md#experiment). -> - Changed to Generally Available in GitLab 16.11. +> - Changed to generally available in GitLab 16.11. To use GitLab Duo Chat in GitLab Workflow extension for VS Code: @@ -101,7 +101,7 @@ If you have selected code in the editor, this selection is sent along with your ## Use GitLab Duo Chat in JetBrains IDEs -> - Introduced as Generally Available in GitLab 16.11. +> - Introduced as generally available in GitLab 16.11. To use GitLab Duo Chat in the GitLab Duo plugin for JetBrains IDEs: diff --git a/doc/user/project/badges.md b/doc/user/project/badges.md index 094dae30ad2..dd257732fe8 100644 --- a/doc/user/project/badges.md +++ b/doc/user/project/badges.md @@ -125,7 +125,7 @@ If you set an out of range value, GitLab automatically adjusts it to the default ## Project badges -Badges can be added to a project by Maintainers or Owners, and are visible on the project's overview page. +Badges can be added to a project by Maintainers or Owners, and are visible on the project's **Overview** page. If you find that you have to add the same badges to several projects, you may want to add them at the [group level](#group-badges). ### Example project badge: Pipeline Status @@ -146,9 +146,10 @@ To add this badge to a project: ## Group badges -By adding a badge to a group, you add and enforce a project-level badge -for all projects in the group. The group badge is visible on the **Overview** +Badges can be added to a group by Owners, and are visible on the **Overview** page of any project that belongs to the group. +By adding a badge to a group, you add and enforce a project-level badge +for all projects in the group. NOTE: While these badges appear as project-level badges in the codebase, they @@ -283,7 +284,6 @@ To delete a badge in a project or group: 1. Expand **Badges**. 1. Next to the badge you want to delete, select **Delete** (**{remove}**). 1. On the confirmation dialog, select **Delete badge**. -1. Select **Save changes**. NOTE: Badges associated with a group can be edited or deleted only at the [group level](#group-badges).