31 lines
1.7 KiB
YAML
31 lines
1.7 KiB
YAML
- name: "SAST support for .NET 2.1"
|
|
announcement_milestone: "14.8"
|
|
announcement_date: "2022-02-22"
|
|
removal_milestone: "15.0"
|
|
removal_date: "2022-05-22"
|
|
breaking_change: true
|
|
reporter: connorgilbert
|
|
body: | # Do not modify this line, instead modify the lines below.
|
|
The GitLab SAST Security Code Scan analyzer scans .NET code for security vulnerabilities.
|
|
For technical reasons, the analyzer must first build the code to scan it.
|
|
|
|
In GitLab versions prior to 15.0, the default analyzer image (version 2) includes support for:
|
|
|
|
- .NET 2.1
|
|
- .NET 3.0 and .NET Core 3.0
|
|
- .NET Core 3.1
|
|
- .NET 5.0
|
|
|
|
In GitLab 15.0, we will change the default major version for this analyzer from version 2 to version 3. This change:
|
|
|
|
- Adds [severity values for vulnerabilities](https://gitlab.com/gitlab-org/gitlab/-/issues/350408) along with [other new features and improvements](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/blob/master/CHANGELOG.md).
|
|
- Removes .NET 2.1 support.
|
|
- Adds support for .NET 6.0, Visual Studio 2019, and Visual Studio 2022.
|
|
|
|
Version 3 was [announced in GitLab 14.6](https://about.gitlab.com/releases/2021/12/22/gitlab-14-6-released/#sast-support-for-net-6) and made available as an optional upgrade.
|
|
|
|
If you rely on .NET 2.1 support being present in the analyzer image by default, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/352553#breaking-change).
|
|
# The following items are not published on the docs page, but may be used in the future.
|
|
stage: Secure
|
|
tiers: [Free, Silver, Gold, Core, Premium, Ultimate]
|
|
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/352553
|