From 607abc65504dcc8ca0b08c38a3cf3b11a6419504 Mon Sep 17 00:00:00 2001 From: Lindsay Kerr Date: Fri, 11 Dec 2020 21:55:30 +0000 Subject: [PATCH 1/3] Vale errors: future tense fixes --- doc/user/application_security/container_scanning/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index 062b0d3e5b01c8..3e28855eb5a5b2 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -299,7 +299,7 @@ For details on saving and transporting Docker images as a file, see Docker's doc It can be worthwhile to set up a [scheduled pipeline](../../../ci/pipelines/schedules.md) to build a new version of the vulnerabilities database on a preset schedule. Automating -this with a pipeline means you won't have to do it manually each time. You can use the following +this with a pipeline means you do not have to do it manually each time. You can use the following `.gitlab-yml.ci` as a template: ```yaml @@ -319,7 +319,7 @@ build_latest_vulnerabilities: - docker push $CI_REGISTRY/namespace/clair-vulnerabilities-db ``` -The above template works for a GitLab Docker registry running on a local installation, however, if you're using a non-GitLab Docker registry, you'll need to change the `$CI_REGISTRY` value and the `docker login` credentials to match the details of your local registry. +The above template works for a GitLab Docker registry running on a local installation, however, if you're using a non-GitLab Docker registry, you need to change the `$CI_REGISTRY` value and the `docker login` credentials to match the details of your local registry. ## Running the standalone container scanning tool -- GitLab From 41764b340c96f31ef22014018f9687538ffffc31 Mon Sep 17 00:00:00 2001 From: Lindsay Kerr Date: Fri, 11 Dec 2020 21:59:10 +0000 Subject: [PATCH 2/3] future tense: container security integrations --- doc/development/integrations/secure.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/development/integrations/secure.md b/doc/development/integrations/secure.md index 96e201e6ce706b..234ca5105d4632 100644 --- a/doc/development/integrations/secure.md +++ b/doc/development/integrations/secure.md @@ -217,7 +217,7 @@ then `artifacts:reports:dependency_scanning` must be set to `depscan.json`. ### Exit code -Following the POSIX exit code standard, the scanner will exit with 0 for success and any number from 1 to 255 for anything else. +Following the POSIX exit code standard, the scanner exits with 0 for success and any number from 1 to 255 for anything else. Success also includes the case when vulnerabilities are found. When executing a scanning job using the [Docker-in-Docker privileged mode](../../user/application_security/sast/index.md#requirements), @@ -397,7 +397,7 @@ Not all vulnerabilities have CVEs, and a CVE can be identified multiple times. A isn't a stable identifier and you shouldn't assume it as such when tracking vulnerabilities. The maximum number of identifiers for a vulnerability is set as 20. If a vulnerability has more than 20 identifiers, -the system will save only the first 20 of them. Note that vulnerabilities in the [Pipeline +the system saves only the first 20 of them. Note that vulnerabilities in the [Pipeline Security](../../user/application_security/security_dashboard/#pipeline-security) tab do not enforce this limit and will show all identifiers present in the report artifact. -- GitLab From 1644b6d65b47e0c2ba79673e1a3c60c90190996c Mon Sep 17 00:00:00 2001 From: Lindsay Kerr Date: Fri, 11 Dec 2020 21:59:10 +0000 Subject: [PATCH 3/3] Future tense: container security integrations --- doc/development/integrations/secure.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/development/integrations/secure.md b/doc/development/integrations/secure.md index 96e201e6ce706b..234ca5105d4632 100644 --- a/doc/development/integrations/secure.md +++ b/doc/development/integrations/secure.md @@ -217,7 +217,7 @@ then `artifacts:reports:dependency_scanning` must be set to `depscan.json`. ### Exit code -Following the POSIX exit code standard, the scanner will exit with 0 for success and any number from 1 to 255 for anything else. +Following the POSIX exit code standard, the scanner exits with 0 for success and any number from 1 to 255 for anything else. Success also includes the case when vulnerabilities are found. When executing a scanning job using the [Docker-in-Docker privileged mode](../../user/application_security/sast/index.md#requirements), @@ -397,7 +397,7 @@ Not all vulnerabilities have CVEs, and a CVE can be identified multiple times. A isn't a stable identifier and you shouldn't assume it as such when tracking vulnerabilities. The maximum number of identifiers for a vulnerability is set as 20. If a vulnerability has more than 20 identifiers, -the system will save only the first 20 of them. Note that vulnerabilities in the [Pipeline +the system saves only the first 20 of them. Note that vulnerabilities in the [Pipeline Security](../../user/application_security/security_dashboard/#pipeline-security) tab do not enforce this limit and will show all identifiers present in the report artifact. -- GitLab