fix(common-pipeline): pin secret detector image version (!172) · Merge requests · Information Services / DevOps / Continuous Delivery / CI Templates

GitLab's secret detector has started generating two spurious Critial severity leak detections due to scanning the .git directory of the cloned project which, as part of the clone process, contains the temporary GitLab CI token.

In the upstream issue, customers are being advised to pin the version to 7.9.0 to work around the issue.

Issue #136 (closed) has been opened to track removal of this workaround.

Closes #135 (closed)

Edited Aug 06, 2025 by Dr Rich Wareham

Admin message

fix(common-pipeline): pin secret detector image version

Merge request reports