https://romanoroth.com/en/tags/gemnasium/Recent content in Gemnasium on Romano RothHugo -- gohugo.ioenRomano RothWed, 17 Aug 2022 00:00:00 +0000https://romanoroth.com/en/blogs/gitlab-devsecops-sca/Wed, 17 Aug 2022 00:00:00 +0000https://romanoroth.com/en/blogs/gitlab-devsecops-sca/<p>Your code is the small part. The libraries you pull in are the big part — and that is where most of your CVEs live. In Part 3 of the GitLab DevSecOps series, Patrick Steger and I bring up a tiny Spring Boot demo, wire it into a GitLab pipeline, and then add Software Composition Analysis with a single include line.</p>