diff --git a/data/deprecations/14-8-sast-dotnet-21.yml b/data/deprecations/14-8-sast-dotnet-21.yml new file mode 100644 index 0000000000000000000000000000000000000000..ab1b3c16b23f76c74dc104f51a6e0ba8842c880a --- /dev/null +++ b/data/deprecations/14-8-sast-dotnet-21.yml @@ -0,0 +1,31 @@ +- name: "SAST support for .NET 2.1" + announcement_milestone: "14.8" + announcement_date: "2022-02-22" + removal_milestone: "15.0" + removal_date: "2022-05-22" + breaking_change: true + reporter: connorgilbert + body: | # Do not modify this line, instead modify the lines below. + The GitLab SAST Security Code Scan analyzer scans .NET code for security vulnerabilities. + For technical reasons, the analyzer must first build the code to scan it. + + In GitLab versions prior to 15.0, the default analyzer image (version 2) includes support for: + + - .NET 2.1 + - .NET 3.0 and .NET Core 3.0 + - .NET Core 3.1 + - .NET 5.0 + + In GitLab 15.0, we will change the default major version for this analyzer from version 2 to version 3. This change: + + - Adds [severity values for vulnerabilities](https://gitlab.com/gitlab-org/gitlab/-/issues/350408) along with [other new features and improvements](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/blob/master/CHANGELOG.md). + - Removes .NET 2.1 support. + - Adds support for .NET 6.0, Visual Studio 2019, and Visual Studio 2022. + + Version 3 was [announced in GitLab 14.6](https://about.gitlab.com/releases/2021/12/22/gitlab-14-6-released/#sast-support-for-net-6) and made available as an optional upgrade. + + If you rely on .NET 2.1 support being present in the analyzer image by default, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/352553#breaking-change). +# The following items are not published on the docs page, but may be used in the future. + stage: Secure + tiers: [Free, Silver, Gold, Core, Premium, Ultimate] + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/352553 diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index 4768a729cb2da8b77a109143e74b537f3758452c..058b927e966690268cbff8fe7a5843f96d2fc45e 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -1113,6 +1113,36 @@ If you applied customizations to any of the affected analyzers, you must take ac **Planned removal milestone: 15.0 (2022-05-22)** +### SAST support for .NET 2.1 + +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + +The GitLab SAST Security Code Scan analyzer scans .NET code for security vulnerabilities. +For technical reasons, the analyzer must first build the code to scan it. + +In GitLab versions prior to 15.0, the default analyzer image (version 2) includes support for: + +- .NET 2.1 +- .NET 3.0 and .NET Core 3.0 +- .NET Core 3.1 +- .NET 5.0 + +In GitLab 15.0, we will change the default major version for this analyzer from version 2 to version 3. This change: + +- Adds [severity values for vulnerabilities](https://gitlab.com/gitlab-org/gitlab/-/issues/350408) along with [other new features and improvements](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan/-/blob/master/CHANGELOG.md). +- Removes .NET 2.1 support. +- Adds support for .NET 6.0, Visual Studio 2019, and Visual Studio 2022. + +Version 3 was [announced in GitLab 14.6](https://about.gitlab.com/releases/2021/12/22/gitlab-14-6-released/#sast-support-for-net-6) and made available as an optional upgrade. + +If you rely on .NET 2.1 support being present in the analyzer image by default, you must take action as detailed in the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/352553#breaking-change). + +**Planned removal milestone: 15.0 (2022-05-22)** + ### Support for gRPC-aware proxy deployed between Gitaly and rest of GitLab WARNING: