Endigest AI Core Summary
This article explains GitLab's auto-dismiss vulnerability policies, which let security teams codify triage decisions and apply them automatically across pipelines.
• Policies are defined in a YAML file using criteria based on file path, directory, or vulnerability identifier (CVE/CWE), with a specified dismissal reason.
• Supported dismissal reasons include: acceptable_risk, false_positive, mitigating_control, used_in_tests, and not_applicable.
• Each policy supports up to 3 criteria per rule and 5 rules per policy; multiple criteria in a rule use AND logic, multiple rules use OR logic.
• Up to 1,000 vulnerabilities are processed per pipeline run, and dismissed findings remain in the report for audit transparency.
• Six ready-to-use configurations are provided: test code, vendored dependencies, known false positive CVEs, generated code, WAF-mitigated CWEs, and CVE families.
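The matching semantics in the bullets above (AND across the criteria of one rule, OR across rules, the per-policy limits, the per-pipeline cap, and dismissed findings staying in the report) are easiest to see in a small evaluator. The following is an added illustration written for this summary; it is not GitLab's code and does not reproduce GitLab's YAML schema. The policy dictionary layout, the criterion type names (`path`, `directory`, `identifier`), first-match-wins ordering between rules, and the sample findings with a placeholder CVE are all assumptions made here.

```python
"""Hypothetical auto-dismiss policy evaluator (illustration only, not GitLab code)."""
from dataclasses import dataclass
from fnmatch import fnmatch
from typing import List, Optional, Set

# Limits and reasons as stated in the summary.
DISMISSAL_REASONS = {
    "acceptable_risk", "false_positive", "mitigating_control",
    "used_in_tests", "not_applicable",
}
MAX_CRITERIA_PER_RULE = 3
MAX_RULES_PER_POLICY = 5
MAX_VULNS_PER_PIPELINE = 1000
# Assumed criterion kinds: file path (glob), directory prefix, CVE/CWE identifier.
CRITERION_TYPES = {"path", "directory", "identifier"}


@dataclass
class Finding:
    path: str
    identifiers: Set[str]
    status: str = "detected"
    dismissal_reason: Optional[str] = None


def validate_policy(policy: dict) -> None:
    """Reject policies that exceed the stated limits or use unknown values."""
    rules = policy["rules"]
    if len(rules) > MAX_RULES_PER_POLICY:
        raise ValueError(f"at most {MAX_RULES_PER_POLICY} rules per policy")
    for rule in rules:
        if rule["reason"] not in DISMISSAL_REASONS:
            raise ValueError(f"unknown dismissal reason {rule['reason']!r}")
        if len(rule["criteria"]) > MAX_CRITERIA_PER_RULE:
            raise ValueError(f"at most {MAX_CRITERIA_PER_RULE} criteria per rule")
        for crit in rule["criteria"]:
            if crit["type"] not in CRITERION_TYPES:
                raise ValueError(f"unknown criterion type {crit['type']!r}")


def criterion_matches(crit: dict, finding: Finding) -> bool:
    if crit["type"] == "path":
        return fnmatch(finding.path, crit["value"])
    if crit["type"] == "directory":
        return finding.path.startswith(crit["value"].rstrip("/") + "/")
    return crit["value"] in finding.identifiers  # identifier


def rule_matches(rule: dict, finding: Finding) -> bool:
    # Criteria inside one rule are ANDed.
    return all(criterion_matches(c, finding) for c in rule["criteria"])


def apply_policy(policy: dict, findings: List[Finding]) -> List[Finding]:
    """Return the full report: dismissed findings are marked, never removed."""
    validate_policy(policy)
    for index, finding in enumerate(findings):
        if index >= MAX_VULNS_PER_PIPELINE:
            continue  # beyond the per-pipeline cap: left as detected
        # Rules are ORed; the first matching rule supplies the reason (assumed ordering).
        for rule in policy["rules"]:
            if rule_matches(rule, finding):
                finding.status = "dismissed"
                finding.dismissal_reason = rule["reason"]
                break
    return findings


def run_example() -> List[Finding]:
    """Constructed policy and findings; CVE-0000-00000 is a placeholder identifier."""
    policy = {
        "name": "example-auto-dismiss",
        "rules": [
            {"reason": "used_in_tests",
             "criteria": [{"type": "directory", "value": "spec/"}]},
            {"reason": "false_positive",  # both criteria must hold (AND)
             "criteria": [{"type": "identifier", "value": "CVE-0000-00000"},
                          {"type": "path", "value": "vendor/*"}]},
        ],
    }
    findings = [
        Finding("spec/user_spec.rb", {"CWE-79"}),
        Finding("vendor/lib.rb", {"CVE-0000-00000"}),
        Finding("app/models/user.rb", {"CVE-0000-00000"}),  # id matches, path does not
        Finding("app/controllers/x.rb", {"CWE-89"}),
    ]
    return apply_policy(policy, findings)


if __name__ == "__main__":
    for f in run_example():
        print(f"{f.path:28} {f.status:10} {f.dismissal_reason or ''}")
```

The third finding shows why the AND semantics matter for audit review: a known-false-positive identifier outside the vendored directory is deliberately not dismissed, and every finding, dismissed or not, is still present in the returned report.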
This summary was automatically generated by AI based on the original article and may not be fully accurate.