mirror of
https://github.com/OpenMW/openmw.git
synced 2025-01-21 06:53:53 +00:00
Merge branch 'disable_sast' into 'master'
Get rid of Gitlab SAST See merge request OpenMW/openmw!2011
This commit is contained in:
psi29a
commit
1a23f7efb8
2 changed files with 0 additions and 88 deletions
|
|
@ -1,14 +1,10 @@
|
|||
default:
|
||||
interruptible: true
|
||||
|
||||
include:
|
||||
- template: Security/SAST.gitlab-ci.yml
|
||||
|
||||
# Note: We set `needs` on each job to control the job DAG.
|
||||
# See https://docs.gitlab.com/ee/ci/yaml/#needs
|
||||
stages:
|
||||
- build
|
||||
- test
|
||||
|
||||
# https://blog.nimbleways.com/let-s-make-faster-gitlab-ci-cd-pipelines/
|
||||
variables:
|
||||
|
|
@ -17,14 +13,6 @@ variables:
|
|||
# These can be specified per job or per pipeline
|
||||
ARTIFACT_COMPRESSION_LEVEL: "fast"
|
||||
CACHE_COMPRESSION_LEVEL: "fast"
|
||||
SAST_EXCLUDED_ANALYZERS: "bandit"
|
||||
SAST_EXCLUDED_PATHS: "extern"
|
||||
|
||||
sast:
|
||||
tags:
|
||||
- docker
|
||||
- linux
|
||||
needs: []
|
||||
|
||||
.Ubuntu_Image:
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -1,76 +0,0 @@
|
|||
[flawfinder]
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "readlink" # openmw isn't a privileged process
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "access" # openmw isn't a privileged process
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "random" # duh.
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "getenv" # duh.
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "open" # openmw isn't a privileged process
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "char" # too many false positives
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "read" # too many false positives
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "snprintf" # too many false positives
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "strlen" # too many false positives
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "mkstemp" # openmw doesn't run on old Unix systems
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "fopen" # openmw isn't a privileged process
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "equal" # only false positives, sigh
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "_snprintf" # only false positives, sigh
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "printf" # only false positives, sigh
|
||||
[[flawfinder.ruleset]]
|
||||
disable = true
|
||||
[flawfinder.ruleset.identifier]
|
||||
type = "flawfinder_func_name"
|
||||
value = "system" # only false positives, sigh
|
||||
Loading…
Reference in a new issue