GitLab Adds Security Dashboards
Written by Kay Ewbank   
Thursday, 26 July 2018

The latest update for GitLab is designed to provide better security visibility, alongside contextual views, better code search, and improvements to the UX. GitLab is a web-based repository manager for Git that supports concurrent devops and issue-tracking. 

The new security dashboard is the most visible change. It offers a higher level view of how all security issues are affecting a branch in aggregate, so that security teams can make decisions about the priority of issues so the most important vulnerabilities are tackled first. This information previously had to be collated from reports across Merge Requests. The dashboard can also be used to dismiss false positives.


gitlab security dashboard


The next change to GitLab is the addition of Static Application Security Testing (SAST) for Node.js. Until now, this was limited to C, C++, Go, Java and Python. SAST can be used to see code vulnerabilities when changes are committed to a repository.

Code searching options are another area to have been improved, with improvements to the advanced search syntax so you can filter by filename, path, and extension. These filters are available in both the Web UI and in the API.

The merge request widget info and pipeline sections have been redesigned, so that they appear slightly away form the rest of the widget control. This is intended to make them easier to consume. The developers felt that while the merge request widget is powerful, the fact it shows you so much integrated and relevant information and functions meant some users weren't making best use of the information and pipeline sections.



More Information

GitLab 11.1 Release Notes

Related Articles

GitLab Adds Auto DevOps

Microsoft Buys GitHub - Get Ready For a Bigger Devil

InkScape Moves To GitLab

GitHub Marketplace Now Accepts Free Apps and Offers Free Trials

GitHub Victim Of Its Own Success

Microsoft CodePlex Is Shutting Down 

Microsoft Mass Migration To GitHub 

GitHub Octoverse Reveals The State Of Open Source


To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.


Trusted Language Extensions Bring PostgreSQL Procedural UDFs To The Cloud

Trusted Language Extensions on Amazon allow you to write PostgreSQL user-defined functions for its cloud database offerings in one of several supported programming languages.

Microsoft Releases Dev Home

Microsoft has released a preview version of Dev Home, a new control center for Windows that makes it easy to connect to GitHub and configure cloud development environments like Microsoft Dev Box and G [ ... ]

More News





or email your comment to: