Hi all, we are currently using the open-source version of GitLab. My question about the analyzers is, are they free to use in this OSS version? What are the differences between the free and the ultimate version in terms of integration with the analyzers and the security package? If you think that this question has no place here, I am also happy about contact from the sales support - then this question can of course be deleted. Thank you!
Sales would be able to go in much more detail but ultimately the sast analyzer and some others in the free tier are free to use in the ci/cd but the will require runners. The ultimate opens up more types of scans, DAST, SCA, etc. The ultimate tier also handles the results and consolidates them into a dashboard. Free tier just artifacts the JSON findings so storing and handling them is left to you which can be a bit of a burden. You could probably programmatically pull them and parse into a tracking software, but the benefit of ultimate is no up front work to get that visibility and unlock more of the different AST tools offered.