|GitLab Adds Security Dashboards|
|Written by Kay Ewbank|
|Thursday, 26 July 2018|
The latest update for GitLab is designed to provide better security visibility, alongside contextual views, better code search, and improvements to the UX. GitLab is a web-based repository manager for Git that supports concurrent devops and issue-tracking.
The new security dashboard is the most visible change. It offers a higher level view of how all security issues are affecting a branch in aggregate, so that security teams can make decisions about the priority of issues so the most important vulnerabilities are tackled first. This information previously had to be collated from reports across Merge Requests. The dashboard can also be used to dismiss false positives.
The next change to GitLab is the addition of Static Application Security Testing (SAST) for Node.js. Until now, this was limited to C, C++, Go, Java and Python. SAST can be used to see code vulnerabilities when changes are committed to a repository.
Code searching options are another area to have been improved, with improvements to the advanced search syntax so you can filter by filename, path, and extension. These filters are available in both the Web UI and in the API.
The merge request widget info and pipeline sections have been redesigned, so that they appear slightly away form the rest of the widget control. This is intended to make them easier to consume. The developers felt that while the merge request widget is powerful, the fact it shows you so much integrated and relevant information and functions meant some users weren't making best use of the information and pipeline sections.
or email your comment to: firstname.lastname@example.org