gitlab-org--gitlab-foss/data/removals/15_0/15-0-sast-dotnet-21.yml

33 lines
2.2 KiB
YAML

- name: "SAST support for .NET 2.1"
announcement_milestone: "14.8"
announcement_date: "2022-02-22"
removal_milestone: "15.0"
removal_date: "2022-05-22"
breaking_change: false
reporter: connorgilbert
stage: Secure
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/352553
body: | # (required) Do not modify this line, instead modify the lines below.
The [GitLab SAST Security Code Scan analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan) scans .NET code for security vulnerabilities.
For technical reasons, the analyzer must first build the code to scan it.
In GitLab versions prior to 15.0, the default analyzer image (version 2) included support for:
- .NET 2.1
- .NET Core 3.1
- .NET 5.0
In GitLab 15.0, we've changed the default major version for this analyzer from version 2 to version 3. This change:
- Adds [severity values for vulnerabilities](https://gitlab.com/gitlab-org/gitlab/-/issues/350408) along with [other new features and improvements](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/blob/master/CHANGELOG.md).
- Removes .NET 2.1 support.
- Adds support for .NET 6.0, Visual Studio 2019, and Visual Studio 2022.
Version 3 was [announced in GitLab 14.6](https://about.gitlab.com/releases/2021/12/22/gitlab-14-6-released/#sast-support-for-net-6) and made available as an optional upgrade.
If you rely on .NET 2.1 support being present in the analyzer image by default, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/352553#breaking-change).
# The following items are not published on the docs page, but may be used in the future.
tiers: [Free, Silver, Gold, Core, Premium, Ultimate]
documentation_url: https://docs.gitlab.com/ee/user/application_security/sast/#supported-languages-and-frameworks # (optional) This is a link to the current documentation page
image_url: # (optional) This is a link to a thumbnail image depicting the feature
video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg