https://romanoroth.com/en/tags/merge-request/Recent content in Merge Request on Romano RothHugo -- gohugo.ioenRomano RothWed, 02 Nov 2022 00:00:00 +0000https://romanoroth.com/en/blogs/gitlab-devsecops-merge-request/Wed, 02 Nov 2022 00:00:00 +0000https://romanoroth.com/en/blogs/gitlab-devsecops-merge-request/<p>In the previous nine sessions Patrick Steger and I built a GitLab DevSecOps pipeline that runs SAST, secret detection, software composition analysis, container scanning and DAST. Useful — but only if it actually catches issues <em>before</em> they reach the default branch. In Part 10 we close that loop: we wire the pipeline into Merge Requests so every change is scanned, the deltas against the default branch are visible, and approvals are required when new high or critical vulnerabilities appear.</p>