GitLab MR Vulnerability Widgetin Chrome with by

Name: GitLab MR Vulnerability Widget in Chrome with OffiDocs
Brand: OffiDocs
SKU: 331995fde0f5afbfeae53ef62c365d81
Availability: OnlineOnly
Rating: 4.94 (3128 reviews)

GitLab MR Vulnerability Widget screen for extension Chrome web store in OffiDocs Chromium

Run with Chromium online

GitLab MR Vulnerability Widget from Chrome web store to be run with OffiDocs Chromium online

DESCRIPTION

Adds a widget to GitLab merge request page showing vulnerabilities detected by Container Scanning.

Update:
Now also see Medium vulnerabilities in the widget.
Affected version number is included in the widget.

This extension adds a widget in the Gitlab merge request page showing critical and high vulnerabilities of a container image generated in the associated pipeline.

A container scanning job must exist in the pipeline. This job must generate a container scanning report artifact. To add a container scanning job, follow the steps defined here: https://docs.gitlab.com/ee/user/application_security/container_scanning/

The free version of Gitlab supports container scanning but does not support decoration of the merge request with vulnerability details. This extension fills that gap by decorating the merge request with a vulnerability widget.

Reference:
Container scanning job: https://docs.gitlab.com/ee/user/application_security/container_scanning/
Container scanning report artifact: https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportscontainer_scanning

GitLab MR Vulnerability Widget web extension integrated with the OffiDocs Chromium online