Tagged “Renovate”

GitLab Semgrep SAST Analysis... But More

GitLab continues to migrate Static Application Security Testing (SAST) to Semgrep, and makes this available to all GitLab tiers. This analysis only includes the rules that GitLab manages, but there are many more available in the Semgrep Rules project. This post details how to combine the two to get a more comprehensive analysis.

Managing Alpine Linux Based Container Images With Renovate

With it's default configuration, Renovate does a great job of managing container image tag updates. One limitation is that for updates that include an OS in the tag, for example the Alpine Linux version in python:3.11.3-alpine3.17, Renovate only updates Python image tags matching that version, which may limit updates, and doesn't identify any OS updates. This post details how to configure Renovate to work around that limitation for Alpine images.

See all tags.