Overview
Adds a widget to GitLab merge request page showing vulnerabilities detected by Container Scanning.
Update: Now also see Medium vulnerabilities in the widget. Affected version number is included in the widget. This extension adds a widget in the Gitlab merge request page showing critical and high vulnerabilities of a container image generated in the associated pipeline. A container scanning job must exist in the pipeline. This job must generate a container scanning report artifact. To add a container scanning job, follow the steps defined here: https://docs.gitlab.com/ee/user/application_security/container_scanning/ The free version of Gitlab supports container scanning but does not support decoration of the merge request with vulnerability details. This extension fills that gap by decorating the merge request with a vulnerability widget. Reference: Container scanning job: https://docs.gitlab.com/ee/user/application_security/container_scanning/ Container scanning report artifact: https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportscontainer_scanning
Details
- Version0.0.2
- UpdatedApril 23, 2025
- Offered byAbhinav Sonkar
- Size24.3KiB
- LanguagesEnglish (United States)
- Developer
Email
abhinavcext@gmail.com - Non-traderThis developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.
Privacy
This developer declares that your data is
- Not being sold to third parties, outside of the approved use cases
- Not being used or transferred for purposes that are unrelated to the item's core functionality
- Not being used or transferred to determine creditworthiness or for lending purposes
