Merge branch 'philipcunningham-make-php-support-available-in-glas-523657' into 'main'

Add PHP language support to gitlab-advanced-sast See merge request components/sast!21
2025-07-03 16:58:28 +02:00 · 2025-05-30 15:25:43 +01:00
1 changed files with 2 additions and 2 deletions
--- a/templates/sast.yml
+++ b/templates/sast.yml
@ -201,7 +201,7 @@ semgrep-sast:
  rules:
    - if: '"$[[ inputs.excluded_analyzers ]]" =~ /semgrep/'
      when: never
-    # When gitlab-advanced-sast runs with PHP support enabled, exclude the `*.php` extension, as well as other files already scanned by gitlab-advanced-sast
+    # When advanced SAST runs with PHP support enabled
    - if: '$CI_COMMIT_BRANCH &&
          $GITLAB_FEATURES =~ /\bsast_advanced\b/ &&
          "$[[ inputs.excluded_analyzers ]]" !~ /gitlab-advanced-sast/ &&
@ -210,7 +210,7 @@ semgrep-sast:
      variables:
        SAST_EXCLUDED_PATHS: "$DEFAULT_SAST_EXCLUDED_PATHS, **/*.py, **/*.go, **/*.java, **/*.js, **/*.jsx, **/*.ts, **/*.tsx, **/*.cjs, **/*.mjs, **/*.cs, **/*.rb, **/*.php"
      exists: !reference [.semgrep-with-advanced-sast-exist-rules, exists]
-    # When gitlab-advanced-sast runs but PHP support is disabled, exclude files already scanned by gitlab-advanced-sast
+    # When advanced SAST runs but PHP support is disabled
    - if: '$CI_COMMIT_BRANCH &&
          $GITLAB_FEATURES =~ /\bsast_advanced\b/ &&
          "$[[ inputs.excluded_analyzers ]]" !~ /gitlab-advanced-sast/ &&