Mend for GitLab

Supported GitLab Offerings

This integration only supports Self-Managed instances. It does not currently support GitLab.com instances.

Mend for GitLab integrates into your native GitLab environment, scanning your repositories, as part of your Mend account. It is an integrated product within GitLab that detects all of your open-source components and displays all vulnerabilities for these components.

Mend for GitLab provides you with information on vulnerable and outdated open-source components and generates comprehensive up-to-date reports in the Issues tab and the security dashboard of the scanned project. In addition, you will be able to view the scanned projects in the Mend portal.

Mend for GitLab is part of Mend Developer Integrations and includes automated fix Merge Requests as well as Automated Dependency Updates (as part of Mend Renovate) with Mend Remediate.

Mend for GitLab is a Docker-based integration, deployed on your local environment.

All open-source components are communicated using their sha1 hash value between your local environment and Mend.

Refer to the following sections: