Hi I’m new to gitlab…
I am running CI/CD on a java webapp (spring, jsf) that is built using apache ant in docker. The build works great!.
The issue that I’m having is when I run the sast scanner all of the severities are unknown. Is this normal? This doesn’t seem right to me.
At this point I’m pretty lost. This is a legacy webapp that is being refactored… I know for sure there are security issues with it.
If any could help I would appreciate it!