Add SAST NO-DinD note about not scanning MRs

Adds note to SAST No-DinD docs to clarify that introduced languages and/or frameworks will not be scanned within the context of a Merge Request See https://gitlab.com/gitlab-org/gitlab/-/issues/211694#note_319207982 for related discussion

Add SAST NO-DinD note about not scanning MRs
Adds note to SAST No-DinD docs to clarify that introduced languages and/or frameworks will not be scanned within the context of a Merge Request See https://gitlab.com/gitlab-org/gitlab/-/issues/211694#note_319207982 for related discussion
31a2cb43 · Lucas Charles · Nick Gaskill · 1fc514cc · 31a2cb43
Commit 31a2cb43 authored Apr 08, 2020 by Lucas Charles Committed by Nick Gaskill Apr 08, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

doc/user/application_security/sast/index.md doc/user/application_security/sast/index.md +5 -0

No files found.
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -195,6 +195,11 @@ looks for `*.java` files to spin up the [spotbugs](https://gitlab.com/gitlab-org
 image, while orchestrator only looks for the existence of `pom.xml`, `build.xml`, `gradlew`,
 `grailsw`, or `mvnw`.

+NOTE: **Note:**
+With the current language detection logic, any new languages or frameworks introduced within the
+context of a merge request don't trigger a corresponding scan. These scans only occur once the code
+is committed to the default branch.
+
 #### Enabling kubesec analyzer

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/12752) in GitLab Ultimate 12.6.