From 1aeafc5e53a8d3b9dee0ccac1dccc4bf543b6c47 Mon Sep 17 00:00:00 2001
From: John Crowley <jcrowley@gitlab.com>
Date: Fri, 14 Feb 2025 20:52:28 +0000
Subject: [PATCH] Update file
 17-9-ast-dast-crawl-extract-search-timeout-envs.yml

---
 ...cate-crawl-extract-search-timeout-envs.yml | 21 +++++++++++++++++++
 doc/update/deprecations.md                    | 18 ++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 data/deprecations/17-9-ast-da-deprecate-crawl-extract-search-timeout-envs.yml

diff --git a/data/deprecations/17-9-ast-da-deprecate-crawl-extract-search-timeout-envs.yml b/data/deprecations/17-9-ast-da-deprecate-crawl-extract-search-timeout-envs.yml
new file mode 100644
index 0000000000000..ae9df18a726a5
--- /dev/null
+++ b/data/deprecations/17-9-ast-da-deprecate-crawl-extract-search-timeout-envs.yml
@@ -0,0 +1,21 @@
+- title: "DAST `dast_crawl_extract_element_timeout` and `dast_crawl_search_element_timeout` variables are deprecated"
+  removal_milestone: "18.0"
+  announcement_milestone: "17.9"
+  breaking_change: false
+  window: 1
+  reporter: DavidNelsonGL
+  stage: application security testing
+  issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/517250
+  impact: low
+  scope: project
+  resolution_role: Developer
+  manual_task: true
+  body: |  # (required) Don't change this line.
+   The DAST variables `DAST_CRAWL_EXTRACT_ELEMENT_TIMEOUT` and `DAST_CRAWL_SEARCH_ELEMENT_TIMEOUT` are deprecated and will be removed in GitLab 18.0.
+   When they were introduced, the variables provided granular timeout controls for specific browser interactions. These interactions are now governed by a common timeout value, which makes the variables unnecessary. In addition, because of an underlying implementation issue, the variables haven't been functional since the introduction of the DAST browser-based analyzer.
+   Removing these two variables will simplify DAST configuration, and provide a better onboarding experience for users.
+  end_of_support_milestone:
+  tiers: [Ultimate]
+  documentation_url: https://docs.gitlab.com/ee/user/application_security/dast/browser/configuration/variables.html
+  image_url:
+  video_url:
diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md
index 5681ceae15217..691070d12c6dc 100644
--- a/doc/update/deprecations.md
+++ b/doc/update/deprecations.md
@@ -595,6 +595,24 @@ To continue showing these findings, you must configure the `CS_SEVERITY_THRESHOL
 
 </div>
 
+<div class="deprecation " data-milestone="18.0">
+
+### DAST `dast_crawl_extract_element_timeout` and `dast_crawl_search_element_timeout` variables are deprecated
+
+<div class="deprecation-notes">
+
+- Announced in GitLab <span class="milestone">17.9</span>
+- Removal in GitLab <span class="milestone">18.0</span>
+- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/517250).
+
+</div>
+
+The DAST variables `DAST_CRAWL_EXTRACT_ELEMENT_TIMEOUT` and `DAST_CRAWL_SEARCH_ELEMENT_TIMEOUT` are deprecated and will be removed in GitLab 18.0.
+When they were introduced, the variables provided granular timeout controls for specific browser interactions. These interactions are now governed by a common timeout value, which makes the variables unnecessary. In addition, because of an underlying implementation issue, the variables haven't been functional since the introduction of the DAST browser-based analyzer.
+Removing these two variables will simplify DAST configuration, and provide a better onboarding experience for users.
+
+</div>
+
 <div class="deprecation breaking-change" data-milestone="18.0">
 
 ### DAST `dast_devtools_api_timeout` will have a lower default value
-- 
GitLab