8. You chose poorly
Test compliance policies by adding a dependency to the project with open critical vulnerabilities.

1. Find the 8-you-chose-poorly branch in Repository > Branches
2. Click Merge Request to create a new MR from this branch
3. Uncheck "Delete source branch when merge request is accepted." if you prefer to keep the branch
4. Click Create Merge Request, then wait for the pipeline to run
5. Inspect the dependency scanning results on the Overview tab
6. Click Mark as Ready on the Overview tab
7. Note that the Merge Request requires approval due to the open vulnerability in the lodash library (although the rule will be marked "invalid" since the only available approver is the author of the merge request)