Commit 11fd6bdf authored by Achilleas Pipinellis's avatar Achilleas Pipinellis

Merge branch 'docs/license-compliance' into 'master'

Rename License Management to License Compliance

Closes #63329

See merge request gitlab-org/gitlab-ce!31590
parents 5251dec5 450d84ff
...@@ -358,7 +358,7 @@ The following documentation relates to the DevOps **Secure** stage: ...@@ -358,7 +358,7 @@ The following documentation relates to the DevOps **Secure** stage:
| [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | | [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. |
| [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | | [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. |
| [Group Security Dashboard](user/application_security/security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. | | [Group Security Dashboard](user/application_security/security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. |
| [License Management](user/application_security/license_management/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. | | [License Compliance](user/application_security/license_management/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. |
| [Project Security Dashboard](user/application_security/security_dashboard/index.md) **(ULTIMATE)** | View the latest security reports for your project. | | [Project Security Dashboard](user/application_security/security_dashboard/index.md) **(ULTIMATE)** | View the latest security reports for your project. |
| [Static Application Security Testing (SAST)](user/application_security/sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. | | [Static Application Security Testing (SAST)](user/application_security/sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. |
......
...@@ -131,7 +131,7 @@ Its feature set is listed on the table below according to DevOps stages. ...@@ -131,7 +131,7 @@ Its feature set is listed on the table below according to DevOps stages.
| **Secure** || | **Secure** ||
| [Container Scanning](../user/application_security/container_scanning/index.md) **(ULTIMATE)** | Check your Docker containers for known vulnerabilities.| | [Container Scanning](../user/application_security/container_scanning/index.md) **(ULTIMATE)** | Check your Docker containers for known vulnerabilities.|
| [Dependency Scanning](../user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | | [Dependency Scanning](../user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. |
| [License Management](../user/application_security/license_management/index.md) **(ULTIMATE)** | Search your project dependencies for their licenses. | | [License Compliance](../user/application_security/license_management/index.md) **(ULTIMATE)** | Search your project dependencies for their licenses. |
| [Security Test reports](../user/project/merge_requests/index.md#security-reports-ultimate) **(ULTIMATE)** | Check for app vulnerabilities. | | [Security Test reports](../user/project/merge_requests/index.md#security-reports-ultimate) **(ULTIMATE)** | Check for app vulnerabilities. |
## Examples ## Examples
......
...@@ -1582,7 +1582,7 @@ dashboards. ...@@ -1582,7 +1582,7 @@ dashboards.
The `license_management` report collects [Licenses](../../user/project/merge_requests/license_management.md) The `license_management` report collects [Licenses](../../user/project/merge_requests/license_management.md)
as artifacts. as artifacts.
The collected License Management report will be uploaded to GitLab as an artifact and will The collected License Compliance report will be uploaded to GitLab as an artifact and will
be automatically shown in merge requests, pipeline view and provide data for security be automatically shown in merge requests, pipeline view and provide data for security
dashboards. dashboards.
......
...@@ -65,7 +65,7 @@ project in a simple and automatic way: ...@@ -65,7 +65,7 @@ project in a simple and automatic way:
1. [Auto Code Quality](#auto-code-quality-starter) **(STARTER)** 1. [Auto Code Quality](#auto-code-quality-starter) **(STARTER)**
1. [Auto SAST (Static Application Security Testing)](#auto-sast-ultimate) **(ULTIMATE)** 1. [Auto SAST (Static Application Security Testing)](#auto-sast-ultimate) **(ULTIMATE)**
1. [Auto Dependency Scanning](#auto-dependency-scanning-ultimate) **(ULTIMATE)** 1. [Auto Dependency Scanning](#auto-dependency-scanning-ultimate) **(ULTIMATE)**
1. [Auto License Management](#auto-license-management-ultimate) **(ULTIMATE)** 1. [Auto License Compliance](#auto-license-compliance-ultimate) **(ULTIMATE)**
1. [Auto Container Scanning](#auto-container-scanning-ultimate) **(ULTIMATE)** 1. [Auto Container Scanning](#auto-container-scanning-ultimate) **(ULTIMATE)**
1. [Auto Review Apps](#auto-review-apps) 1. [Auto Review Apps](#auto-review-apps)
1. [Auto DAST (Dynamic Application Security Testing)](#auto-dast-ultimate) **(ULTIMATE)** 1. [Auto DAST (Dynamic Application Security Testing)](#auto-dast-ultimate) **(ULTIMATE)**
...@@ -401,13 +401,13 @@ check out. ...@@ -401,13 +401,13 @@ check out.
Any security warnings are also shown in the merge request widget. Read more about Any security warnings are also shown in the merge request widget. Read more about
[Dependency Scanning](../../user/application_security/dependency_scanning/index.md). [Dependency Scanning](../../user/application_security/dependency_scanning/index.md).
### Auto License Management **(ULTIMATE)** ### Auto License Compliance **(ULTIMATE)**
> Introduced in [GitLab Ultimate][ee] 11.0. > Introduced in [GitLab Ultimate][ee] 11.0.
License Management uses the License Compliance uses the
[License Management Docker image](https://gitlab.com/gitlab-org/security-products/license-management) [License Compliance Docker image](https://gitlab.com/gitlab-org/security-products/license-management)
to search the project dependencies for their license. The Auto License Management stage to search the project dependencies for their license. The Auto License Compliance stage
will be skipped on licenses other than Ultimate. will be skipped on licenses other than Ultimate.
Once the Once the
...@@ -415,7 +415,7 @@ report is created, it's uploaded as an artifact which you can later download and ...@@ -415,7 +415,7 @@ report is created, it's uploaded as an artifact which you can later download and
check out. check out.
Any licenses are also shown in the merge request widget. Read more how Any licenses are also shown in the merge request widget. Read more how
[License Management works](../../user/application_security/license_management/index.md). [License Compliance works](../../user/application_security/license_management/index.md).
### Auto Container Scanning **(ULTIMATE)** ### Auto Container Scanning **(ULTIMATE)**
......
...@@ -167,7 +167,7 @@ In the **test** stage, GitLab runs various checks on the application: ...@@ -167,7 +167,7 @@ In the **test** stage, GitLab runs various checks on the application:
- The `sast` job runs static analysis on the current code to check for potential - The `sast` job runs static analysis on the current code to check for potential
security issues and is allowed to fail([Auto SAST](index.md#auto-sast-ultimate)) **(ULTIMATE)** security issues and is allowed to fail([Auto SAST](index.md#auto-sast-ultimate)) **(ULTIMATE)**
- The `license_management` job searches the application's dependencies to determine each of their - The `license_management` job searches the application's dependencies to determine each of their
licenses and is allowed to fail ([Auto License Management](index.md#auto-license-management-ultimate)) **(ULTIMATE)** licenses and is allowed to fail ([Auto License Compliance](index.md#auto-license-compliance-ultimate)) **(ULTIMATE)**
NOTE: **Note:** NOTE: **Note:**
As you might have noticed, all jobs except `test` are allowed to fail in the As you might have noticed, all jobs except `test` are allowed to fail in the
......
...@@ -28,7 +28,7 @@ GitLab can scan and report any vulnerabilities found in your project. ...@@ -28,7 +28,7 @@ GitLab can scan and report any vulnerabilities found in your project.
| [Dependency List](dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. | | [Dependency List](dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. |
| [Dependency Scanning](dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | | [Dependency Scanning](dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. |
| [Dynamic Application Security Testing (DAST)](dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | | [Dynamic Application Security Testing (DAST)](dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. |
| [License Management](license_management/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. | | [License Compliance](license_management/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. |
| [Security Dashboard](security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all your projects and groups. | | [Security Dashboard](security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all your projects and groups. |
| [Static Application Security Testing (SAST)](sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. | | [Static Application Security Testing (SAST)](sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. |
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
type: reference, howto type: reference, howto
--- ---
# License Management **(ULTIMATE)** # License Compliance **(ULTIMATE)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5483) > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5483)
in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.0. in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.0.
...@@ -10,18 +10,18 @@ in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.0. ...@@ -10,18 +10,18 @@ in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.0.
## Overview ## Overview
If you are using [GitLab CI/CD](../../../ci/README.md), you can search your project dependencies for their licenses If you are using [GitLab CI/CD](../../../ci/README.md), you can search your project dependencies for their licenses
using License Management. using License Compliance.
You can take advantage of License Management by either [including the job](#configuration) You can take advantage of License Compliance by either [including the job](#configuration)
in your existing `.gitlab-ci.yml` file or by implicitly using in your existing `.gitlab-ci.yml` file or by implicitly using
[Auto License Management](../../../topics/autodevops/index.md#auto-license-management-ultimate) [Auto License Compliance](../../../topics/autodevops/index.md#auto-license-compliance-ultimate)
that is provided by [Auto DevOps](../../../topics/autodevops/index.md). that is provided by [Auto DevOps](../../../topics/autodevops/index.md).
GitLab checks the License Management report, compares the licenses between the GitLab checks the License Compliance report, compares the licenses between the
source and target branches, and shows the information right on the merge request. source and target branches, and shows the information right on the merge request.
Blacklisted licenses will be clearly visible with an `x` red icon next to them Blacklisted licenses will be clearly visible with an `x` red icon next to them
as well as new licenses which need a decision from you. In addition, you can as well as new licenses which need a decision from you. In addition, you can
[manually approve or blacklist](#project-policies-for-license-management) [manually approve or blacklist](#project-policies-for-license-compliance)
licenses in your project's settings. licenses in your project's settings.
NOTE: **Note:** NOTE: **Note:**
...@@ -31,7 +31,7 @@ will be displayed in the merge request area. That is the case when you add the ...@@ -31,7 +31,7 @@ will be displayed in the merge request area. That is the case when you add the
Consecutive merge requests will have something to compare to and the license Consecutive merge requests will have something to compare to and the license
management report will be shown properly. management report will be shown properly.
![License Management Widget](img/license_management.png) ![License Compliance Widget](img/license_management.png)
If you are a project or group Maintainer, you can click on a license to be given If you are a project or group Maintainer, you can click on a license to be given
the choice to approve it or blacklist it. the choice to approve it or blacklist it.
...@@ -66,12 +66,12 @@ The following languages and package managers are supported. ...@@ -66,12 +66,12 @@ The following languages and package managers are supported.
## Requirements ## Requirements
To run a License Management scanning job, you need GitLab Runner with the To run a License Compliance scanning job, you need GitLab Runner with the
[`docker` executor](https://docs.gitlab.com/runner/executors/docker.html). [`docker` executor](https://docs.gitlab.com/runner/executors/docker.html).
## Configuration ## Configuration
For GitLab 11.9 and later, to enable License Management, you must For GitLab 11.9 and later, to enable License Compliance, you must
[include](../../../ci/yaml/README.md#includetemplate) the [include](../../../ci/yaml/README.md#includetemplate) the
[`License-Management.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml) [`License-Management.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml)
that's provided as a part of your GitLab installation. that's provided as a part of your GitLab installation.
...@@ -89,14 +89,14 @@ The included template will create a `license_management` job in your CI/CD pipel ...@@ -89,14 +89,14 @@ The included template will create a `license_management` job in your CI/CD pipel
and scan your dependencies to find their licenses. and scan your dependencies to find their licenses.
The results will be saved as a The results will be saved as a
[License Management report artifact](../../../ci/yaml/README.md#artifactsreportslicense_management-ultimate) [License Compliance report artifact](../../../ci/yaml/README.md#artifactsreportslicense_management-ultimate)
that you can later download and analyze. Due to implementation limitations, we that you can later download and analyze. Due to implementation limitations, we
always take the latest License Management artifact available. Behind the scenes, the always take the latest License Compliance artifact available. Behind the scenes, the
[GitLab License Management Docker image](https://gitlab.com/gitlab-org/security-products/license-management) [GitLab License Compliance Docker image](https://gitlab.com/gitlab-org/security-products/license-management)
is used to detect the languages/frameworks and in turn analyzes the licenses. is used to detect the languages/frameworks and in turn analyzes the licenses.
The License Management settings can be changed through environment variables by using the The License Compliance settings can be changed through environment variables by using the
[`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. These variables are documented in the [License Management documentation](https://gitlab.com/gitlab-org/security-products/license-management#settings). [`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. These variables are documented in the [License Compliance documentation](https://gitlab.com/gitlab-org/security-products/license-management#settings).
### Installing custom dependencies ### Installing custom dependencies
...@@ -143,7 +143,7 @@ license_management: ...@@ -143,7 +143,7 @@ license_management:
### Configuring Maven projects ### Configuring Maven projects
The License Management tool provides a `MAVEN_CLI_OPTS` environment variable which can hold The License Compliance tool provides a `MAVEN_CLI_OPTS` environment variable which can hold
the command line arguments to pass to the `mvn install` command which is executed under the hood. the command line arguments to pass to the `mvn install` command which is executed under the hood.
Feel free to use it for the customization of Maven execution. For example: Feel free to use it for the customization of Maven execution. For example:
...@@ -169,7 +169,7 @@ If you still need to run tests during `mvn install`, add `-DskipTests=false` to ...@@ -169,7 +169,7 @@ If you still need to run tests during `mvn install`, add `-DskipTests=false` to
> [Introduced](https://gitlab.com/gitlab-org/security-products/license-management/merge_requests/36) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0. > [Introduced](https://gitlab.com/gitlab-org/security-products/license-management/merge_requests/36) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
License Management uses Python 2.7 and pip 10.0 by default. License Compliance uses Python 2.7 and pip 10.0 by default.
If your project requires Python 3, you can switch to Python 3.5 and pip 19.1 If your project requires Python 3, you can switch to Python 3.5 and pip 19.1
by setting the `LM_PYTHON_VERSION` environment variable to `3`. by setting the `LM_PYTHON_VERSION` environment variable to `3`.
...@@ -182,7 +182,7 @@ license_management: ...@@ -182,7 +182,7 @@ license_management:
LM_PYTHON_VERSION: 3 LM_PYTHON_VERSION: 3
``` ```
## Project policies for License Management ## Project policies for License Compliance
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5940) > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5940)
in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.4. in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.4.
...@@ -196,10 +196,10 @@ To approve or blacklist a license: ...@@ -196,10 +196,10 @@ To approve or blacklist a license:
1. Either use the **Manage licenses** button in the merge request widget, or 1. Either use the **Manage licenses** button in the merge request widget, or
navigate to the project's **Settings > CI/CD** and expand the navigate to the project's **Settings > CI/CD** and expand the
**License Management** section. **License Compliance** section.
1. Click the **Add a license** button. 1. Click the **Add a license** button.
![License Management Add License](img/license_management_add_license.png) ![License Compliance Add License](img/license_management_add_license.png)
1. In the **License name** dropdown, either: 1. In the **License name** dropdown, either:
- Select one of the available licenses. You can search for licenses in the field - Select one of the available licenses. You can search for licenses in the field
...@@ -211,17 +211,17 @@ To approve or blacklist a license: ...@@ -211,17 +211,17 @@ To approve or blacklist a license:
To modify an existing license: To modify an existing license:
1. In the **License Management** list, click the **Approved/Declined** dropdown to change it to the desired status. 1. In the **License Compliance** list, click the **Approved/Declined** dropdown to change it to the desired status.
![License Management Settings](img/license_management_settings.png) ![License Compliance Settings](img/license_management_settings.png)
Searching for Licenses: Searching for Licenses:
1. Use the **Search** box to search for a specific license. 1. Use the **Search** box to search for a specific license.
![License Management Search](img/license_management_search.png) ![License Compliance Search](img/license_management_search.png)
## License Management report under pipelines ## License Compliance report under pipelines
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5491) > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5491)
in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.2. in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.2.
...@@ -230,7 +230,7 @@ From your project's left sidebar, navigate to **CI/CD > Pipelines** and click on ...@@ -230,7 +230,7 @@ From your project's left sidebar, navigate to **CI/CD > Pipelines** and click on
pipeline ID that has a `license_management` job to see the Licenses tab with the listed pipeline ID that has a `license_management` job to see the Licenses tab with the listed
licenses (if any). licenses (if any).
![License Management Pipeline Tab](img/license_management_pipeline_tab.png) ![License Compliance Pipeline Tab](img/license_management_pipeline_tab.png)
<!-- ## Troubleshooting <!-- ## Troubleshooting
......
...@@ -45,7 +45,7 @@ The following table depicts the various user permission levels in a project. ...@@ -45,7 +45,7 @@ The following table depicts the various user permission levels in a project.
| Leave comments | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | Leave comments | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
| View Insights charts **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | | View Insights charts **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ |
| View approved/blacklisted licenses **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | | View approved/blacklisted licenses **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ |
| View license management reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View License Compliance reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
| View Security reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View Security reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
| View Dependency list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View Dependency list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
| View [Design Management](project/issues/design_management.md) pages **(PREMIUM)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View [Design Management](project/issues/design_management.md) pages **(PREMIUM)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
......
...@@ -98,7 +98,7 @@ When you create a project in GitLab, you'll have access to a large number of ...@@ -98,7 +98,7 @@ When you create a project in GitLab, you'll have access to a large number of
- [Maven packages](packages/maven_repository.md): your private Maven repository in GitLab. **(PREMIUM)** - [Maven packages](packages/maven_repository.md): your private Maven repository in GitLab. **(PREMIUM)**
- [NPM packages](packages/npm_registry.md): your private NPM package registry in GitLab. **(PREMIUM)** - [NPM packages](packages/npm_registry.md): your private NPM package registry in GitLab. **(PREMIUM)**
- [Code owners](code_owners.md): specify code owners for certain files **(STARTER)** - [Code owners](code_owners.md): specify code owners for certain files **(STARTER)**
- [License Management](../application_security/license_management/index.md): approve and blacklist licenses for projects. **(ULTIMATE)** - [License Compliance](../application_security/license_management/index.md): approve and blacklist licenses for projects. **(ULTIMATE)**
- [Dependency List](../application_security/dependency_list/index.md): view project dependencies. **(ULTIMATE)** - [Dependency List](../application_security/dependency_list/index.md): view project dependencies. **(ULTIMATE)**
### Project integrations ### Project integrations
......
...@@ -41,7 +41,7 @@ With **[GitLab Enterprise Edition][ee]**, you can also: ...@@ -41,7 +41,7 @@ With **[GitLab Enterprise Edition][ee]**, you can also:
- View the deployment process across projects with [Multi-Project Pipelines](../../../ci/multi_project_pipelines.md) **(PREMIUM)** - View the deployment process across projects with [Multi-Project Pipelines](../../../ci/multi_project_pipelines.md) **(PREMIUM)**
- Request [approvals](merge_request_approvals.md) from your managers **(STARTER)** - Request [approvals](merge_request_approvals.md) from your managers **(STARTER)**
- Analyze the impact of your changes with [Code Quality reports](code_quality.md) **(STARTER)** - Analyze the impact of your changes with [Code Quality reports](code_quality.md) **(STARTER)**
- Manage the licenses of your dependencies with [License Management](../../application_security/license_management/index.md) **(ULTIMATE)** - Manage the licenses of your dependencies with [License Compliance](../../application_security/license_management/index.md) **(ULTIMATE)**
- Analyze your source code for vulnerabilities with [Static Application Security Testing](../../application_security/sast/index.md) **(ULTIMATE)** - Analyze your source code for vulnerabilities with [Static Application Security Testing](../../application_security/sast/index.md) **(ULTIMATE)**
- Analyze your running web applications for vulnerabilities with [Dynamic Application Security Testing](../../application_security/dast/index.md) **(ULTIMATE)** - Analyze your running web applications for vulnerabilities with [Dynamic Application Security Testing](../../application_security/dast/index.md) **(ULTIMATE)**
- Analyze your dependencies for vulnerabilities with [Dependency Scanning](../../application_security/dependency_scanning/index.md) **(ULTIMATE)** - Analyze your dependencies for vulnerabilities with [Dependency Scanning](../../application_security/dependency_scanning/index.md) **(ULTIMATE)**
...@@ -57,7 +57,7 @@ A. Consider you are a software developer working in a team: ...@@ -57,7 +57,7 @@ A. Consider you are a software developer working in a team:
1. You gather feedback from your team 1. You gather feedback from your team
1. You work on the implementation optimizing code with [Code Quality reports](code_quality.md) **(STARTER)** 1. You work on the implementation optimizing code with [Code Quality reports](code_quality.md) **(STARTER)**
1. You verify your changes with [JUnit test reports](../../../ci/junit_test_reports.md) in GitLab CI/CD 1. You verify your changes with [JUnit test reports](../../../ci/junit_test_reports.md) in GitLab CI/CD
1. You avoid using dependencies whose license is not compatible with your project with [License Management reports](license_management.md) **(ULTIMATE)** 1. You avoid using dependencies whose license is not compatible with your project with [License Compliance reports](license_management.md) **(ULTIMATE)**
1. You request the [approval](#merge-request-approvals-starter) from your manager 1. You request the [approval](#merge-request-approvals-starter) from your manager
1. Your manager pushes a commit with their final review, [approves the merge request](merge_request_approvals.md), and set it to [merge when pipeline succeeds](#merge-when-pipeline-succeeds) (Merge Request Approvals are available in GitLab Starter) 1. Your manager pushes a commit with their final review, [approves the merge request](merge_request_approvals.md), and set it to [merge when pipeline succeeds](#merge-when-pipeline-succeeds) (Merge Request Approvals are available in GitLab Starter)
1. Your changes get deployed to production with [manual actions](../../../ci/yaml/README.md#whenmanual) for GitLab CI/CD 1. Your changes get deployed to production with [manual actions](../../../ci/yaml/README.md#whenmanual) for GitLab CI/CD
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment