Item logo image for GitLab MR Vulnerability Widget

GitLab MR Vulnerability Widget

5.0(

5 ratings

)
ExtensionDeveloper Tools26 users
Item media 3 (screenshot) for GitLab MR Vulnerability Widget
Item media 1 (screenshot) for GitLab MR Vulnerability Widget
Item media 2 (screenshot) for GitLab MR Vulnerability Widget
Item media 3 (screenshot) for GitLab MR Vulnerability Widget
Item media 1 (screenshot) for GitLab MR Vulnerability Widget
Item media 1 (screenshot) for GitLab MR Vulnerability Widget
Item media 2 (screenshot) for GitLab MR Vulnerability Widget
Item media 3 (screenshot) for GitLab MR Vulnerability Widget

Overview

Adds a widget to GitLab merge request page showing vulnerabilities detected by Container Scanning.

Update: Now also see Medium vulnerabilities in the widget. Affected version number is included in the widget. This extension adds a widget in the Gitlab merge request page showing critical and high vulnerabilities of a container image generated in the associated pipeline. A container scanning job must exist in the pipeline. This job must generate a container scanning report artifact. To add a container scanning job, follow the steps defined here: https://docs.gitlab.com/ee/user/application_security/container_scanning/ The free version of Gitlab supports container scanning but does not support decoration of the merge request with vulnerability details. This extension fills that gap by decorating the merge request with a vulnerability widget. Reference: Container scanning job: https://docs.gitlab.com/ee/user/application_security/container_scanning/ Container scanning report artifact: https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportscontainer_scanning

5 out of 55 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Details

  • Version
    0.0.2
  • Updated
    April 23, 2025
  • Offered by
    Abhinav Sonkar
  • Size
    24.3KiB
  • Languages
    English (United States)
  • Developer
    Email
    abhinavcext@gmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

Related

GitKraken

4.4(14)

The GitKraken Browser Extension bridges your hosted git repositories to GitKraken Desktop and with GitLens in VS Code.

LeetCode Tracker

4.5(8)

Sync LeetCode's submissions with a GitHub repository

Le Git Graph - Commits Graph for GitHub

4.6(30)

A browser extension that displays the git graph for any GitHub repository.

PullApprove

0.0(0)

Integrates PullApprove into the GitHub interface

CAST Highlight SCA Chrome Extension

5.0(2)

Check health of Open Source components directly from forge websites (github, gitlab, npmjs...)

Plugin Vulnerabilities

5.0(1)

Adds warning message to WordPress Plugin Directory pages when plugins are from developer we have released security advisories for.

Github Code Counter

5.0(3)

A Chrome extension to count lines of code in a GitHub repository.

Review process enhancer

5.0(1)

Extension to enhance the user experience on the Gitlab merge request process

API Call Detector

5.0(1)

Security tool to actively detect external API calls made from displayed web page

DotGit

4.8(12)

An extension for checking if .git is exposed in visited websites

Codecode Review for GitLab

5.0(6)

Adds more features to GitLab code reviews

Library Detector (Academic Tool)

5.0(8)

Detect JavaScript libraries used on the current web page. This tool is supported by academic software engineering researches.

GitKraken

4.4(14)

The GitKraken Browser Extension bridges your hosted git repositories to GitKraken Desktop and with GitLens in VS Code.

LeetCode Tracker

4.5(8)

Sync LeetCode's submissions with a GitHub repository

Le Git Graph - Commits Graph for GitHub

4.6(30)

A browser extension that displays the git graph for any GitHub repository.

PullApprove

0.0(0)

Integrates PullApprove into the GitHub interface

CAST Highlight SCA Chrome Extension

5.0(2)

Check health of Open Source components directly from forge websites (github, gitlab, npmjs...)

Plugin Vulnerabilities

5.0(1)

Adds warning message to WordPress Plugin Directory pages when plugins are from developer we have released security advisories for.

Github Code Counter

5.0(3)

A Chrome extension to count lines of code in a GitHub repository.

Review process enhancer

5.0(1)

Extension to enhance the user experience on the Gitlab merge request process

Google apps