[{"data":1,"prerenderedAt":1079},["ShallowReactive",2],{"/ja-jp/blog/sbom-based-dependency-scanning":3,"navigation-ja-jp":302,"banner-ja-jp":720,"footer-ja-jp":729,"blog-post-authors-ja-jp-Mark Settle|Joel Patterson":970,"blog-related-posts-ja-jp-sbom-based-dependency-scanning":996,"blog-promotions-ja-jp":1018,"next-steps-ja-jp":1070},{"id":4,"title":5,"authors":6,"body":9,"category":283,"date":284,"description":285,"extension":286,"externalUrl":287,"featured":288,"heroImage":289,"meta":290,"navigation":291,"path":292,"seo":293,"slug":295,"stem":296,"tags":297,"template":300,"updatedDate":287,"__hash__":301},"blogPosts/ja-jp/blog/sbom-based-dependency-scanning.md","SBOMベースの依存関係スキャンでサプライチェーンリスクを軽減",[7,8],"Mark Settle","Joel Patterson",{"type":10,"value":11,"toc":272},"minimark",[12,29,32,41,46,55,58,65,74,78,81,104,110,116,120,134,137,146,157,161,164,173,191,194,197,206,220,229,233],[13,14,15,16,22,23,28],"p",{},"現代のコードベースの大部分はサードパーティのコードで構成されており、",[17,18,21],"a",{"href":19,"rel":20},"https://about.gitlab.com/ja-jp/blog/pipeline-security-lessons-from-march-supply-chain-incidents/",[],"最近発生した4件のサプライチェーンインシデント","は、侵害された1つのパッケージがそれに依存するすべてのプロジェクトに波及する危険性を示しています。そして、AIの普及がこの問題をさらに深刻化させています。AIが生成するコードの約半数に脆弱性が含まれているという",[17,24,27],{"href":25,"rel":26},"https://cset.georgetown.edu/publication/cybersecurity-risks-of-ai-generated-code/",[],"調査結果","も報告されています。",[13,30,31],{},"GitLabのGemnasiumアナライザーを含む従来の依存関係スキャナーは、「宣言済みのパッケージに既知のCVEはあるか」という1つの問いに答えることを目的として設計されていました。依存関係ツリーがそれほど深くなく、リリースサイクルも現在ほど速くなかった時代には、このアプローチで十分でした。",[13,33,34,35,40],{},"現在のアプリケーションセキュリティチームはより困難な問いに向き合っています。脆弱なパッケージはどのようにしてプロジェクトに混入したのか。それと一緒に何が持ち込まれたのか。そして、コードが実際に使用している依存関係はどれなのか。GitLab 19.0では、これらの問いに答えるために、",[17,36,39],{"href":37,"rel":38},"https://docs.gitlab.com/ja-jp/user/application_security/dependency_scanning/dependency_scanning_sbom/",[],"ソフトウェア部品表（SBOM）を使用した依存関係スキャン","が一般提供（GA）となります。この機能はプロジェクト内のすべての直接的・推移的依存関係を一覧化し、アプリケーションが実際に使用している脆弱なパッケージを特定します。",[42,43,45],"h2",{"id":44},"gitlabによる脆弱な依存関係の検出","GitLabによる脆弱な依存関係の検出",[13,47,48,49,54],{},"SBOMベースの依存関係スキャンは、プロジェクト内のサードパーティライブラリやパッケージの脆弱性を検出する軽量なアナライザーです。依存関係をSBOMとしてカタログ化し、各コンポーネントを",[17,50,53],{"href":51,"rel":52},"https://advisories.gitlab.com/",[],"GitLab Advisory Database","と照合して既知の問題を検出します。",[13,56,57],{},"GitLabは、実際に作業が行われる場所に検出結果を表示します。変更によって生じた脆弱性はマージリクエスト上に表示されるため、デベロッパーはリリース前に修正できます。また、脆弱性ダッシュボードやレポートにも検出結果が表示されるので、セキュリティチームはすべてのプロジェクトの状況を一元的に把握できます。",[13,59,60],{},[61,62],"img",{"alt":63,"src":64,"title":63},"ソフトウェア部品表を表示する依存関係スキャンレポート","https://res.cloudinary.com/about-gitlab-com/image/upload/v1779470339/hqqacbegzzompikjkcij.png",[13,66,67,68,73],{},"このアナライザーは、",[17,69,72],{"href":70,"rel":71},"https://cyclonedx.org/",[],"CycloneDX","形式のSBOMと依存関係スキャンレポートの両方を生成します。これらは機械可読な出力形式で、GitLab内での活用はもちろん、コンプライアンスレポーティングやサプライチェーン管理ツールとの連携にも使用できます。",[42,75,77],{"id":76},"sbomベースの依存関係スキャンでできること","SBOMベースの依存関係スキャンでできること",[13,79,80],{},"SBOMベースの依存関係スキャンは、Gemnasiumベースのアナライザーを超える機能を提供します。",[13,82,83,87,88,92,93,96,97,99,100,103],{},[84,85,86],"strong",{},"推移的依存関係をソースまで追跡"," — アナライザーは、どれほど深くネストされていても推移的依存関係を追跡します。脆弱なパッケージが検出された場合、そのパッケージがプロジェクトに持ち込まれた経路が表示されます。",[89,90,91],"code",{},"library-a","が",[89,94,95],{},"library-b","に依存し、",[89,98,95],{},"が脆弱な",[89,101,102],{},"library-c","に依存している場合、その依存チェーンをたどって対処すべき箇所を特定できます。",[13,105,106,109],{},[84,107,108],{},"コードが実際に影響を受ける脆弱性に集中"," — マニフェストやビルドファイルに含まれるすべての依存関係が、アプリケーション内で実行されているわけではありません。Java、JavaScript／TypeScript、Pythonプロジェクトでは、アナライザーがコードによる脆弱なパッケージの直接インポートや参照の有無を確認し、到達可能な依存関係と推移的に取り込まれているだけで実際には参照されていない依存関係を区別します。各検出結果には到達可能性のステータスが表示されるため、コードが一度もインポートしないパッケージの脆弱性への対応を後回しにし、実際にリスクが生じる箇所への対処に集中できます。",[13,111,112,115],{},[84,113,114],{},"継続的脆弱性スキャン"," — 新しいセキュリティアドバイザリが公開されるたびに、またMRやパイプラインの実行ごとにアナライザーを呼び出せます。アクティブな開発が落ち着いても、コードが本番環境で稼働し続けているプロジェクトでこそ、この機能が特に重要になります。",[42,117,119],{"id":118},"sbomベースの依存関係スキャンの動作を確認する","SBOMベースの依存関係スキャンの動作を確認する",[121,122,125,126],"figure",{"className":123},[124],"video_container","\n  ",[127,128,133],"iframe",{"src":129,"frameBorder":130,"allowFullScreen":131,"title":132},"https://www.youtube.com/embed/r_QjbNUqJT0?si=378NdrSve1GoFklm","0","true","\nDependency Scanning with SBOM GA - GitLab 19"," ",[42,135,136],{"id":136},"対応言語とファイル形式",[13,138,139,140,145],{},"このリリースでは",[17,141,144],{"href":142,"rel":143},"https://docs.gitlab.com/ja-jp/user/application_security/dependency_scanning/dependency_scanning_sbom/#supported-languages-and-files",[],"24以上のパッケージエコシステムに対応","しており、今後のリリースでさらに拡充される予定です。アナライザーがロックファイルや依存関係グラフを直接解析するようになったため、各パッケージマネージャーのビルドツールチェーンを再現する必要がなくなり、新しい言語やファイル形式のサポート追加がこれまでより簡単になりました。",[13,147,148,149,152,153,156],{},"対応するロックファイルや依存関係グラフが利用できない場合、アナライザーは",[89,150,151],{},"pom.xml","、",[89,154,155],{},"requirements.txt","、Gradleビルドファイルなどのマニフェストファイルの解析にフォールバックします。この場合は直接的な依存関係のみが検出され、推移的依存関係は検出されないため、ロックファイルベースのスキャンと比べてカバレッジが低くなります。ロックファイルの使用が推奨されますが、ロックファイルがないプロジェクトの出発点としてマニフェスト解析も活用できます。",[42,158,160],{"id":159},"依存関係スキャンを一度設定して全体に適用する","依存関係スキャンを一度設定して、全体に適用する",[13,162,163],{},"プロジェクト数が増えるにつれて、すべてのプロジェクトに手動でスキャナーを設定することは大きな運用負担となります。設定が漏れるプロジェクトが生まれ、構成内容にばらつきが生じ、誰も把握していなかったギャップが監査で発覚するといった事態につながります。",[13,165,166,167,172],{},"GitLab 19.0には、依存関係スキャン用の",[17,168,171],{"href":169,"rel":170},"https://docs.gitlab.com/ja-jp/user/application_security/configuration/security_configuration_profiles/",[],"セキュリティ設定プロファイル","が搭載されています。セキュリティチームやプラットフォームチームは、各パイプラインを個別に編集する代わりに、スキャンを一度設定して数百のプロジェクトに適用できます。",[13,174,175,180,181,186,187,190],{},[17,176,179],{"href":177,"rel":178},"https://docs.gitlab.com/ja-jp/user/application_security/policies/scan_execution_policies/",[],"スキャン実行ポリシー","と",[17,182,185],{"href":183,"rel":184},"https://docs.gitlab.com/ja-jp/user/application_security/policies/pipeline_execution_policies/",[],"パイプライン実行ポリシー","を使用して、これらのセキュリティ標準を組織全体に強制適用できます。",[89,188,189],{},".gitlab-ci.yml","ファイルを一切変更することなく、複数のプロジェクトにまたがって依存関係スキャンを適用できます。グループまたはインスタンスレベルで要件を一度定義するだけで、ポリシーが自動的にすべての場所に適用されます。",[42,192,193],{"id":193},"今すぐ始める",[13,195,196],{},"SBOMベースの依存関係スキャンはGitLab Ultimateをご契約いただいているお客様にご利用いただけます。GitLab.comではすでに利用可能で、GitLab DedicatedおよびSelf-Managed版のお客様には通常のリリーススケジュールで順次提供されます。",[13,198,199,200,205],{},"Gemnasiumの依存関係スキャナーからの移行を検討しているお客様は、移行期間中に両方のアナライザーを並行して実行できます。",[17,201,204],{"href":202,"rel":203},"https://docs.gitlab.com/ja-jp/user/application_security/dependency_scanning/migration_guide_to_sbom_based_scans/",[],"移行ガイド","では、2つのアナライザーの結果を比較する方法が確認でき、移行手順を追って説明しています。",[13,207,208,209,214,215,219],{},"新規に始める場合は、",[17,210,213],{"href":211,"rel":212},"https://docs.gitlab.com/ja-jp/tutorials/dependency_scanning_by_sbom/",[],"セットアップチュートリアル","の手順に従ってください。設定、対応言語、詳細オプションについては、",[17,216,218],{"href":37,"rel":217},[],"GitLabドキュメント","をご覧ください。",[13,221,222,223,228],{},"依存関係スキャンに関するご要望やアイデアは、",[17,224,227],{"href":225,"rel":226},"https://gitlab.com/gitlab-org/gitlab/-/work_items/523458",[],"フィードバックエピック","よりお寄せください。",[42,230,232],{"id":231},"gitlab-190のその他の内容","GitLab 19.0のその他の内容",[234,235,236,244,251,258,265],"ul",{},[237,238,239],"li",{},[17,240,243],{"href":241,"rel":242},"https://about.gitlab.com/ja-jp/blog/secrets-manager-in-public-beta/",[],"GitLab Secrets ManagerによるCI/CDクレデンシャルの管理",[237,245,246],{},[17,247,250],{"href":248,"rel":249},"https://about.gitlab.com/ja-jp/blog/transform-mrs-to-automated-workflow/",[],"MRを手動タスクから自動化されたワークフローへ",[237,252,253],{},[17,254,257],{"href":255,"rel":256},"https://about.gitlab.com/ja-jp/blog/track-ci-component-usage/",[],"組織全体のCIコンポーネント使用状況を追跡する",[237,259,260],{},[17,261,264],{"href":262,"rel":263},"https://about.gitlab.com/ja-jp/blog/more-ai-models-for-duo-agent-platform-self-hosted/",[],"GitLab Duo Agent Platform Self-Hosted向けに追加されたAIモデル",[237,266,267],{},[17,268,271],{"href":269,"rel":270},"https://about.gitlab.com/blog/security-configuration-profiles/",[],"数分でコードベース全体のセキュリティスキャナーカバレッジを実現",{"title":273,"searchDepth":274,"depth":274,"links":275},"",2,[276,277,278,279,280,281,282],{"id":44,"depth":274,"text":45},{"id":76,"depth":274,"text":77},{"id":118,"depth":274,"text":119},{"id":136,"depth":274,"text":136},{"id":159,"depth":274,"text":160},{"id":193,"depth":274,"text":193},{"id":231,"depth":274,"text":232},"security","2026-05-26","GitLab 19.0でSBOMベースの依存関係スキャンが一般提供開始。プロジェクト内の直接・推移的依存関係を網羅的に一覧化し、脆弱なパッケージがプロジェクトに混入した経路を追跡します。コードが実際に使用している脆弱性を優先的に特定・修正できます。","md",null,false,"https://res.cloudinary.com/about-gitlab-com/image/upload/v1779189265/iqzyhhiwagxzwywvjzow.png",{},true,"/ja-jp/blog/sbom-based-dependency-scanning",{"config":294,"title":5,"description":285},{"noIndex":288},"sbom-based-dependency-scanning","ja-jp/blog/sbom-based-dependency-scanning",[283,298,299],"features","product","BlogPost","h8ygOUaAqJF6OdMkUA1LPKnuF3wH_jX5BPmoQ1BEoVs",{"logo":303,"freeTrial":308,"sales":313,"login":318,"items":323,"search":640,"minimal":673,"duo":690,"switchNav":699,"pricingDeployment":710},{"config":304},{"href":305,"dataGaName":306,"dataGaLocation":307},"/ja-jp/","gitlab logo","header",{"text":309,"config":310},"無料トライアルを開始",{"href":311,"dataGaName":312,"dataGaLocation":307},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/ja-jp&glm_content=default-saas-trial/","free trial",{"text":314,"config":315},"お問い合わせはこちら",{"href":316,"dataGaName":317,"dataGaLocation":307},"/ja-jp/sales/","sales",{"text":319,"config":320},"サインイン",{"href":321,"dataGaName":322,"dataGaLocation":307},"https://gitlab.com/users/sign_in/","sign in",[324,353,455,460,564,620],{"text":325,"config":326,"menu":328},"プラットフォーム",{"dataNavLevelOne":327},"platform",{"type":329,"columns":330},"cards",[331,337,345],{"title":325,"description":332,"link":333},"DevSecOpsに特化したインテリジェントオーケストレーションプラットフォーム",{"text":334,"config":335},"プラットフォームの詳細はこちら",{"href":336,"dataGaName":327,"dataGaLocation":307},"/ja-jp/platform/",{"title":338,"description":339,"link":340},"GitLab Duo Agent Platform","ソフトウェアライフサイクル全体を支えるエージェント型AI",{"text":341,"config":342},"GitLab Duoのご紹介",{"href":343,"dataGaName":344,"dataGaLocation":307},"/ja-jp/gitlab-duo-agent-platform/","gitlab duo agent platform",{"title":346,"description":347,"link":348},"GitLabが選ばれる理由","エンタープライズがGitLabを選ぶ主な理由をご覧ください",{"text":349,"config":350},"詳細はこちら",{"href":351,"dataGaName":352,"dataGaLocation":307},"/ja-jp/why-gitlab/","why gitlab",{"text":354,"left":291,"config":355,"menu":357},"製品",{"dataNavLevelOne":356},"solutions",{"type":358,"link":359,"columns":363,"feature":434},"lists",{"text":360,"config":361},"すべてのソリューションを表示",{"href":362,"dataGaName":356,"dataGaLocation":307},"/ja-jp/solutions/",[364,389,412],{"title":365,"description":366,"link":367,"items":372},"自動化","CI/CDと自動化でデプロイを加速",{"config":368},{"icon":369,"href":370,"dataGaName":371,"dataGaLocation":307},"AutomatedCodeAlt","/ja-jp/solutions/delivery-automation/","automated software delivery",[373,377,380,385],{"text":374,"config":375},"CI/CD",{"href":376,"dataGaLocation":307,"dataGaName":374},"/ja-jp/solutions/continuous-integration/",{"text":338,"config":378},{"href":343,"dataGaLocation":307,"dataGaName":379},"gitlab duo agent platform - product menu",{"text":381,"config":382},"ソースコード管理",{"href":383,"dataGaLocation":307,"dataGaName":384},"/ja-jp/solutions/source-code-management/","Source Code Management",{"text":386,"config":387},"自動化されたソフトウェアデリバリー",{"href":370,"dataGaLocation":307,"dataGaName":388},"Automated software delivery",{"title":390,"description":391,"link":392,"items":397},"セキュリティ","セキュリティを犠牲にすることなくコード作成を高速化",{"config":393},{"href":394,"dataGaName":395,"dataGaLocation":307,"icon":396},"/ja-jp/solutions/application-security-testing/","security and compliance","ShieldCheckLight",[398,402,407],{"text":399,"config":400},"アプリケーションセキュリティテスト",{"href":394,"dataGaName":401,"dataGaLocation":307},"Application security testing",{"text":403,"config":404},"ソフトウェアサプライチェーンセキュリティ",{"href":405,"dataGaLocation":307,"dataGaName":406},"/ja-jp/solutions/supply-chain/","Software supply chain security",{"text":408,"config":409},"ソフトウェアコンプライアンス",{"href":410,"dataGaName":411,"dataGaLocation":307},"/ja-jp/solutions/software-compliance/","software compliance",{"title":413,"link":414,"items":419},"測定",{"config":415},{"icon":416,"href":417,"dataGaName":418,"dataGaLocation":307},"DigitalTransformation","/ja-jp/solutions/visibility-measurement/","visibility and measurement",[420,424,429],{"text":421,"config":422},"可視性と測定",{"href":417,"dataGaLocation":307,"dataGaName":423},"Visibility and Measurement",{"text":425,"config":426},"バリューストリーム管理",{"href":427,"dataGaLocation":307,"dataGaName":428},"/ja-jp/solutions/value-stream-management/","Value Stream Management",{"text":430,"config":431},"分析とインサイト",{"href":432,"dataGaLocation":307,"dataGaName":433},"/ja-jp/solutions/analytics-and-insights/","Analytics and insights",{"title":435,"type":358,"items":436},"GitLabが活躍する場所",[437,443,449],{"text":438,"config":439},"大企業",{"icon":440,"href":441,"dataGaLocation":307,"dataGaName":442},"Building","/ja-jp/enterprise/","enterprise",{"text":444,"config":445},"スモールビジネス",{"icon":446,"href":447,"dataGaLocation":307,"dataGaName":448},"Work","/ja-jp/small-business/","small business",{"text":450,"config":451},"公共部門",{"icon":452,"href":453,"dataGaLocation":307,"dataGaName":454},"Organization","/ja-jp/solutions/public-sector/","public sector",{"text":456,"config":457},"価格",{"href":458,"dataGaName":459,"dataGaLocation":307,"dataNavLevelOne":459},"/ja-jp/pricing/","pricing",{"text":461,"config":462,"menu":464},"関連リソース",{"dataNavLevelOne":463},"resources",{"type":358,"link":465,"columns":469,"feature":553},{"text":466,"config":467},"すべてのリソースを表示",{"href":468,"dataGaName":463,"dataGaLocation":307},"/ja-jp/resources/",[470,503,525],{"title":471,"items":472},"はじめに",[473,478,483,488,493,498],{"text":474,"config":475},"インストール",{"href":476,"dataGaName":477,"dataGaLocation":307},"/ja-jp/install/","install",{"text":479,"config":480},"クイックスタートガイド",{"href":481,"dataGaName":482,"dataGaLocation":307},"/ja-jp/get-started/","quick setup checklists",{"text":484,"config":485},"学ぶ",{"href":486,"dataGaLocation":307,"dataGaName":487},"https://university.gitlab.com/","learn",{"text":489,"config":490},"製品ドキュメント",{"href":491,"dataGaName":492,"dataGaLocation":307},"https://docs.gitlab.com/","product documentation",{"text":494,"config":495},"ベストプラクティスビデオ",{"href":496,"dataGaName":497,"dataGaLocation":307},"/ja-jp/getting-started-videos/","best practice videos",{"text":499,"config":500},"インテグレーション",{"href":501,"dataGaName":502,"dataGaLocation":307},"/ja-jp/integrations/","integrations",{"title":504,"items":505},"検索する",[506,511,516,520],{"text":507,"config":508},"お客様成功事例",{"href":509,"dataGaName":510,"dataGaLocation":307},"/ja-jp/customers/","customer success stories",{"text":512,"config":513},"ブログ",{"href":514,"dataGaName":515,"dataGaLocation":307},"/ja-jp/blog/","blog",{"text":517,"config":518},"The Source",{"href":519,"dataGaName":515,"dataGaLocation":307},"/ja-jp/the-source/",{"text":521,"config":522},"リモート",{"href":523,"dataGaName":524,"dataGaLocation":307},"https://handbook.gitlab.com/handbook/company/culture/all-remote/","remote",{"title":526,"items":527},"つなげる",[528,533,538,543,548],{"text":529,"config":530},"GitLabサービス",{"href":531,"dataGaName":532,"dataGaLocation":307},"/ja-jp/services/","services",{"text":534,"config":535},"コミュニティ",{"href":536,"dataGaName":537,"dataGaLocation":307},"/community/","community",{"text":539,"config":540},"フォーラム",{"href":541,"dataGaName":542,"dataGaLocation":307},"https://forum.gitlab.com/","forum",{"text":544,"config":545},"イベント",{"href":546,"dataGaName":547,"dataGaLocation":307},"/events/","events",{"text":549,"config":550},"パートナー",{"href":551,"dataGaName":552,"dataGaLocation":307},"/ja-jp/partners/","partners",{"config":554,"title":557,"text":558,"link":559},{"background":555,"textColor":556},"url('https://res.cloudinary.com/about-gitlab-com/image/upload/v1777322348/qpq8yrgn8knii57omj0c.png')","#000","GitLabの最新情報","最新の機能と改善点に関する情報をお届けします。",{"text":560,"config":561},"最新情報を読む",{"href":562,"dataGaName":563,"dataGaLocation":307},"/ja-jp/whats-new/","whats new",{"text":565,"config":566,"menu":568},"企業情報",{"dataNavLevelOne":567},"company",{"type":358,"columns":569},[570],{"items":571},[572,577,583,585,590,595,600,605,610,615],{"text":573,"config":574},"GitLabについて",{"href":575,"dataGaName":576,"dataGaLocation":307},"/ja-jp/company/","about",{"text":578,"config":579,"footerGa":582},"採用情報",{"href":580,"dataGaName":581,"dataGaLocation":307},"/jobs/","jobs",{"dataGaName":581},{"text":544,"config":584},{"href":546,"dataGaName":547,"dataGaLocation":307},{"text":586,"config":587},"経営陣",{"href":588,"dataGaName":589,"dataGaLocation":307},"/company/team/e-group/","leadership",{"text":591,"config":592},"ハンドブック",{"href":593,"dataGaName":594,"dataGaLocation":307},"https://handbook.gitlab.com/","handbook",{"text":596,"config":597},"投資家向け情報",{"href":598,"dataGaName":599,"dataGaLocation":307},"https://ir.gitlab.com/","investor relations",{"text":601,"config":602},"トラストセンター",{"href":603,"dataGaName":604,"dataGaLocation":307},"/ja-jp/security/","trust center",{"text":606,"config":607},"AI Transparency Center",{"href":608,"dataGaName":609,"dataGaLocation":307},"/ja-jp/ai-transparency-center/","ai transparency center",{"text":611,"config":612},"ニュースレター",{"href":613,"dataGaName":614,"dataGaLocation":307},"/company/contact/#contact-forms","newsletter",{"text":616,"config":617},"プレス",{"href":618,"dataGaName":619,"dataGaLocation":307},"/press/","press",{"text":621,"config":622,"menu":623},"お問い合わせ",{"dataNavLevelOne":567},{"type":358,"columns":624},[625],{"items":626},[627,630,635],{"text":314,"config":628},{"href":316,"dataGaName":629,"dataGaLocation":307},"talk to sales",{"text":631,"config":632},"サポートを受ける",{"href":633,"dataGaName":634,"dataGaLocation":307},"https://support.gitlab.com","support portal",{"text":636,"config":637},"カスタマーポータル",{"href":638,"dataGaName":639,"dataGaLocation":307},"https://customers.gitlab.com/customers/sign_in/","customer portal",{"close":641,"login":642,"suggestions":649},"閉じる",{"text":643,"link":644},"リポジトリとプロジェクトを検索するには、次にログインします",{"text":645,"config":646},"GitLab.com",{"href":321,"dataGaName":647,"dataGaLocation":648},"search login","search",{"text":650,"default":651},"提案",[652,654,659,661,665,669],{"text":338,"config":653},{"href":343,"dataGaName":338,"dataGaLocation":648},{"text":655,"config":656},"コード提案（AI）",{"href":657,"dataGaName":658,"dataGaLocation":648},"/ja-jp/solutions/code-suggestions/","Code Suggestions (AI)",{"text":374,"config":660},{"href":376,"dataGaName":374,"dataGaLocation":648},{"text":662,"config":663},"GitLab on AWS",{"href":664,"dataGaName":662,"dataGaLocation":648},"/ja-jp/partners/technology-partners/aws/",{"text":666,"config":667},"GitLab on Google Cloud",{"href":668,"dataGaName":666,"dataGaLocation":648},"/ja-jp/partners/technology-partners/google-cloud-platform/",{"text":670,"config":671},"GitLabを選ぶ理由",{"href":351,"dataGaName":672,"dataGaLocation":648},"Why GitLab?",{"freeTrial":674,"mobileIcon":678,"desktopIcon":683,"secondaryButton":686},{"text":309,"config":675},{"href":676,"dataGaName":312,"dataGaLocation":677},"https://gitlab.com/-/trials/new/","nav",{"altText":679,"config":680},"GitLabアイコン",{"src":681,"dataGaName":682,"dataGaLocation":677},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203874/jypbw1jx72aexsoohd7x.svg","gitlab icon",{"altText":679,"config":684},{"src":685,"dataGaName":682,"dataGaLocation":677},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1758203875/gs4c8p8opsgvflgkswz9.svg",{"text":471,"config":687},{"href":688,"dataGaName":689,"dataGaLocation":677},"https://gitlab.com/-/trial_registrations/new?glm_source=about.gitlab.com/ja-jp/get-started/","get started",{"freeTrial":691,"mobileIcon":695,"desktopIcon":697},{"text":692,"config":693},"GitLab Duoの詳細について",{"href":343,"dataGaName":694,"dataGaLocation":677},"gitlab duo",{"altText":679,"config":696},{"src":681,"dataGaName":682,"dataGaLocation":677},{"altText":679,"config":698},{"src":685,"dataGaName":682,"dataGaLocation":677},{"button":700,"mobileIcon":705,"desktopIcon":707},{"text":701,"config":702},"/switch",{"href":703,"dataGaName":704,"dataGaLocation":677},"#contact","switch",{"altText":679,"config":706},{"src":681,"dataGaName":682,"dataGaLocation":677},{"altText":679,"config":708},{"src":709,"dataGaName":682,"dataGaLocation":677},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1773335277/ohhpiuoxoldryzrnhfrh.png",{"freeTrial":711,"mobileIcon":716,"desktopIcon":718},{"text":712,"config":713},"料金ページに戻る",{"href":458,"dataGaName":714,"dataGaLocation":677,"icon":715},"back to pricing","GoBack",{"altText":679,"config":717},{"src":681,"dataGaName":682,"dataGaLocation":677},{"altText":679,"config":719},{"src":685,"dataGaName":682,"dataGaLocation":677},{"title":721,"button":722,"config":727},"エージェント型AIがソフトウェアデリバリーをどのように変革するかをご覧ください",{"text":723,"config":724},"6月18日のGitLab Transcend日本開催版に申し込む",{"href":725,"dataGaName":726,"dataGaLocation":307},"/ja-jp/events/transcend/virtual/","transcend event",{"layout":728,"disabled":288},"release",{"data":730},{"text":731,"source":732,"edit":738,"contribute":743,"config":748,"items":753,"minimal":961},"GitはSoftware Freedom Conservancyの商標です。当社は「GitLab」をライセンスに基づいて使用しています",{"text":733,"config":734},"ページのソースを表示",{"href":735,"dataGaName":736,"dataGaLocation":737},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/","page source","footer",{"text":739,"config":740},"このページを編集",{"href":741,"dataGaName":742,"dataGaLocation":737},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/content/","web ide",{"text":744,"config":745},"ご協力をお願いします",{"href":746,"dataGaName":747,"dataGaLocation":737},"https://gitlab.com/gitlab-com/marketing/digital-experience/about-gitlab-com/-/blob/main/CONTRIBUTING.md/","please contribute",{"twitter":749,"facebook":750,"youtube":751,"linkedin":752},"https://twitter.com/gitlab","https://www.facebook.com/gitlab","https://www.youtube.com/channel/UCnMGQ8QHMAnVIsI3xJrihhg","https://www.linkedin.com/company/gitlab-com",[754,799,852,896,928],{"title":456,"links":755,"subMenu":770},[756,760,765],{"text":757,"config":758},"プランの表示",{"href":458,"dataGaName":759,"dataGaLocation":737},"view plans",{"text":761,"config":762},"Premiumを選ぶ理由",{"href":763,"dataGaName":764,"dataGaLocation":737},"/ja-jp/pricing/premium/","why premium",{"text":766,"config":767},"Ultimateを選ぶ理由",{"href":768,"dataGaName":769,"dataGaLocation":737},"/ja-jp/pricing/ultimate/","why ultimate",[771],{"title":621,"links":772},[773,775,777,779,784,789,794],{"text":621,"config":774},{"href":316,"dataGaName":317,"dataGaLocation":737},{"text":631,"config":776},{"href":633,"dataGaName":634,"dataGaLocation":737},{"text":636,"config":778},{"href":638,"dataGaName":639,"dataGaLocation":737},{"text":780,"config":781},"ステータス",{"href":782,"dataGaName":783,"dataGaLocation":737},"https://status.gitlab.com/","status",{"text":785,"config":786},"利用規約",{"href":787,"dataGaName":788,"dataGaLocation":737},"/terms/","terms of use",{"text":790,"config":791},"プライバシーに関する声明",{"href":792,"dataGaName":793,"dataGaLocation":737},"/ja-jp/privacy/","privacy statement",{"text":795,"config":796},"Cookie 優先設定",{"dataGaName":797,"dataGaLocation":737,"id":798,"isOneTrustButton":291},"cookie preferences","ot-sdk-btn",{"title":354,"links":800,"subMenu":809},[801,805],{"text":802,"config":803},"DevSecOpsプラットフォーム",{"href":336,"dataGaName":804,"dataGaLocation":737},"devsecops platform",{"text":806,"config":807},"AI支援開発",{"href":343,"dataGaName":808,"dataGaLocation":737},"ai-assisted development",[810],{"title":811,"links":812},"トピック",[813,817,822,827,832,837,842,847],{"text":374,"config":814},{"href":815,"dataGaName":816,"dataGaLocation":737},"/ja-jp/topics/ci-cd/","cicd",{"text":818,"config":819},"GitOps",{"href":820,"dataGaName":821,"dataGaLocation":737},"/ja-jp/topics/gitops/","gitops",{"text":823,"config":824},"DevOps",{"href":825,"dataGaName":826,"dataGaLocation":737},"/ja-jp/topics/devops/","devops",{"text":828,"config":829},"バージョン管理",{"href":830,"dataGaName":831,"dataGaLocation":737},"/ja-jp/topics/version-control/","version control",{"text":833,"config":834},"DevSecOps",{"href":835,"dataGaName":836,"dataGaLocation":737},"/ja-jp/topics/devsecops/","devsecops",{"text":838,"config":839},"クラウドネイティブ",{"href":840,"dataGaName":841,"dataGaLocation":737},"/ja-jp/topics/cloud-native/","cloud native",{"text":843,"config":844},"コーディングのためのAI",{"href":845,"dataGaName":846,"dataGaLocation":737},"/ja-jp/topics/devops/ai-for-coding/","ai for coding",{"text":848,"config":849},"エージェント型AI",{"href":850,"dataGaName":851,"dataGaLocation":737},"/ja-jp/topics/agentic-ai/","agentic ai",{"title":853,"links":854},"ソリューション",[855,858,860,865,869,872,875,878,881,883,886,891],{"text":399,"config":856},{"href":394,"dataGaName":857,"dataGaLocation":737},"Application Security Testing",{"text":386,"config":859},{"href":370,"dataGaName":371,"dataGaLocation":737},{"text":861,"config":862},"アジャイル開発",{"href":863,"dataGaName":864,"dataGaLocation":737},"/ja-jp/solutions/agile-delivery/","agile delivery",{"text":866,"config":867},"SCM",{"href":383,"dataGaName":868,"dataGaLocation":737},"source code management",{"text":374,"config":870},{"href":376,"dataGaName":871,"dataGaLocation":737},"continuous integration & delivery",{"text":425,"config":873},{"href":427,"dataGaName":874,"dataGaLocation":737},"value stream management",{"text":818,"config":876},{"href":877,"dataGaName":821,"dataGaLocation":737},"/ja-jp/solutions/gitops/",{"text":879,"config":880},"エンタープライズ",{"href":441,"dataGaName":442,"dataGaLocation":737},{"text":444,"config":882},{"href":447,"dataGaName":448,"dataGaLocation":737},{"text":884,"config":885},"公共機関",{"href":453,"dataGaName":454,"dataGaLocation":737},{"text":887,"config":888},"教育",{"href":889,"dataGaName":890,"dataGaLocation":737},"/ja-jp/solutions/education/","education",{"text":892,"config":893},"金融サービス",{"href":894,"dataGaName":895,"dataGaLocation":737},"/ja-jp/solutions/finance/","financial services",{"title":897,"links":898},"リソース",[899,901,903,905,909,911,914,916,918,920,922,924,926],{"text":474,"config":900},{"href":476,"dataGaName":477,"dataGaLocation":737},{"text":479,"config":902},{"href":481,"dataGaName":482,"dataGaLocation":737},{"text":484,"config":904},{"href":486,"dataGaName":487,"dataGaLocation":737},{"text":489,"config":906},{"href":907,"dataGaName":908,"dataGaLocation":737},"https://docs.gitlab.com/ja-jp/","docs",{"text":512,"config":910},{"href":514,"dataGaName":515,"dataGaLocation":737},{"text":912,"config":913},"新着情報",{"href":562,"dataGaName":563,"dataGaLocation":737},{"text":507,"config":915},{"href":509,"dataGaName":510,"dataGaLocation":737},{"text":521,"config":917},{"href":523,"dataGaName":524,"dataGaLocation":737},{"text":529,"config":919},{"href":531,"dataGaName":532,"dataGaLocation":737},{"text":534,"config":921},{"href":536,"dataGaName":537,"dataGaLocation":737},{"text":539,"config":923},{"href":541,"dataGaName":542,"dataGaLocation":737},{"text":544,"config":925},{"href":546,"dataGaName":547,"dataGaLocation":737},{"text":549,"config":927},{"href":551,"dataGaName":552,"dataGaLocation":737},{"title":929,"links":930},"会社情報",[931,933,935,937,939,941,945,950,952,954,956],{"text":573,"config":932},{"href":575,"dataGaName":567,"dataGaLocation":737},{"text":578,"config":934},{"href":580,"dataGaName":581,"dataGaLocation":737},{"text":586,"config":936},{"href":588,"dataGaName":589,"dataGaLocation":737},{"text":591,"config":938},{"href":593,"dataGaName":594,"dataGaLocation":737},{"text":596,"config":940},{"href":598,"dataGaName":599,"dataGaLocation":737},{"text":942,"config":943},"Sustainability",{"href":944,"dataGaName":942,"dataGaLocation":737},"/sustainability/",{"text":946,"config":947},"ダイバーシティ、インクルージョン、ビロンギング（DIB）",{"href":948,"dataGaName":949,"dataGaLocation":737},"/ja-jp/diversity-inclusion-belonging/","Diversity, inclusion and belonging",{"text":601,"config":951},{"href":603,"dataGaName":604,"dataGaLocation":737},{"text":611,"config":953},{"href":613,"dataGaName":614,"dataGaLocation":737},{"text":616,"config":955},{"href":618,"dataGaName":619,"dataGaLocation":737},{"text":957,"config":958},"現代奴隷制の透明性に関する声明",{"href":959,"dataGaName":960,"dataGaLocation":737},"https://handbook.gitlab.com/handbook/legal/modern-slavery-act-transparency-statement/","modern slavery transparency statement",{"items":962},[963,965,968],{"text":785,"config":964},{"href":787,"dataGaName":788,"dataGaLocation":737},{"text":966,"config":967},"Cookieの設定",{"dataGaName":797,"dataGaLocation":737,"id":798,"isOneTrustButton":291},{"text":790,"config":969},{"href":792,"dataGaName":793,"dataGaLocation":737},[971,985],{"id":972,"title":7,"body":287,"config":973,"content":975,"description":287,"extension":979,"meta":980,"navigation":291,"path":981,"seo":982,"stem":983,"__hash__":984},"blogAuthors/en-us/blog/authors/mark-settle.yml",{"template":974},"BlogAuthor",{"name":7,"config":976},{"headshot":977,"ctfId":978},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1779215794/fw131xublkzdvjdadd4q.png","marksettle","yml",{},"/en-us/blog/authors/mark-settle",{},"en-us/blog/authors/mark-settle","aur3jcqDyhashUtyXhd1W7N3ZrN09waCQv135AABEt4",{"id":986,"title":8,"body":287,"config":987,"content":988,"description":287,"extension":979,"meta":991,"navigation":291,"path":992,"seo":993,"stem":994,"__hash__":995},"blogAuthors/en-us/blog/authors/joel-patterson.yml",{"template":974},{"name":8,"config":989},{"headshot":990},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1779470299/ogjvh6vwl4jv6g69mjzl.jpg",{},"/en-us/blog/authors/joel-patterson",{},"en-us/blog/authors/joel-patterson","d20r_vnYvJS-Lm4joe8-19EJbQDBUfE59dcCRokaeA4",[997,1003,1010],{"title":998,"description":999,"heroImage":289,"category":283,"date":284,"authors":1000,"slug":1002,"externalUrl":287},"数分でコードベース全体のセキュリティスキャンを完全カバー","GitLab 19.0のセキュリティ設定プロファイルを活用すると、SAST・依存関係スキャン・シークレット検出を数千のプロジェクトに一括適用できます。YAMLファイルを編集せずにスキャナーカバレッジを迅速に確立し、セキュリティの抜け漏れをなくします。",[1001],"Michael Omokoh","security-configuration-profiles",{"title":1004,"description":1005,"heroImage":289,"category":283,"date":1006,"authors":1007,"slug":1009,"externalUrl":287},"GitLab Secrets ManagerでCI/CD認証情報を管理","CI/CD変数への認証情報の保存をやめましょう。GitLab Secrets Managerでは、各シークレットを環境またはブランチにスコープし、コードと同じアクセス制御で管理できます。GitLab 19.0でパブリックベータ版を提供開始。","2026-05-21",[1008,7],"Joe Randazzo","secrets-manager-in-public-beta",{"title":1011,"description":1012,"heroImage":1013,"category":283,"date":1014,"authors":1015,"slug":1017,"externalUrl":287},"誤解を招く脆弱性の重大度を、ポリシーで修正する5つの方法","デフォルトのCVSSスコアは実際のリスクを反映していません。GitLabの重大度オーバーライドポリシーを使用すると、CVE、CWE、ファイルパス、ディレクトリを条件として重大度を自動調整し、実際のリスクに即した脆弱性レポートを実現できます。","https://res.cloudinary.com/about-gitlab-com/image/upload/v1772630163/akp8ly2mrsfrhsb0liyb.png","2026-05-13",[1016],"Grant Hickman","severity-override-vulnerability-management-policy",{"promotions":1019},[1020,1034,1045,1056],{"id":1021,"categories":1022,"header":1024,"text":1025,"button":1026,"image":1031},"ai-modernization",[1023],"ai","AIの真価、組織全体で発揮できていますか？","所要時間は5分以内です",{"text":1027,"config":1028},"AI成熟度スコアを確認する",{"href":1029,"dataGaName":1030,"dataGaLocation":515},"/ja-jp/assessments/ai-modernization-assessment/","modernization assessment",{"config":1032},{"src":1033},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/qix0m7kwnd8x2fh1zq49.png",{"id":1035,"categories":1036,"header":1037,"text":1025,"button":1038,"image":1042},"devops-modernization",[299,836],"単にツールを管理するだけでなく、イノベーションを提供していますか？",{"text":1039,"config":1040},"DevOps成熟度スコアを確認しましょう",{"href":1041,"dataGaName":1030,"dataGaLocation":515},"/ja-jp/assessments/devops-modernization-assessment/",{"config":1043},{"src":1044},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138785/eg818fmakweyuznttgid.png",{"id":1046,"categories":1047,"header":1048,"text":1025,"button":1049,"image":1053},"security-modernization",[283],"スピードのためにセキュリティを犠牲にしていませんか？",{"text":1050,"config":1051},"セキュリティ成熟度スコアを確認しましょう",{"href":1052,"dataGaName":1030,"dataGaLocation":515},"/ja-jp/assessments/security-modernization-assessment/",{"config":1054},{"src":1055},"https://res.cloudinary.com/about-gitlab-com/image/upload/v1772138786/p4pbqd9nnjejg5ds6mdk.png",{"id":1057,"paths":1058,"header":1061,"text":1062,"button":1063,"image":1068},"github-azure-migration",[1059,1060],"migration-from-azure-devops-to-gitlab","integrating-azure-devops-scm-and-gitlab","チームはGitHubのAzure移行に対応できていますか？","GitHubはすでにAzureを基盤として再構築を進めています。それがあなたのチームにとって何を意味するのか、ご確認ください。",{"text":1064,"config":1065},"GitLabとGitHubの比較を見る",{"href":1066,"dataGaName":1067,"dataGaLocation":515},"/ja-jp/compare/gitlab-vs-github/github-azure-migration/","github azure migration",{"config":1069},{"src":1044},{"header":1071,"blurb":1072,"button":1073,"secondaryButton":1077},"今すぐ開発をスピードアップ","DevSecOpsに特化したインテリジェントオーケストレーションプラットフォームで実現できることをご確認ください。\n",{"text":309,"config":1074},{"href":1075,"dataGaName":312,"dataGaLocation":1076},"https://gitlab.com/-/trial_registrations/new?glm_content=default-saas-trial&glm_source=about.gitlab.com/ja-jp/","feature",{"text":621,"config":1078},{"href":316,"dataGaName":317,"dataGaLocation":1076},1781392785859]