Merge branch 'andysoiron/stip-markup-for-vulnerability-attachment-message' into 'master'

Sanitize link markup for vulnerability chat messages See merge request gitlab-org/gitlab!78669

Merge branch 'andysoiron/stip-markup-for-vulnerability-attachment-message' into 'master'
Sanitize link markup for vulnerability chat messages See merge request gitlab-org/gitlab!78669
2675857c · Markus Koller · dde4fad2 · 60913a4b · 2675857c · 2675857c
Commit 2675857c authored Jan 21, 2022 by Markus Koller
2 changed files
--- a/ee/app/models/integrations/chat_message/vulnerability_message.rb
+++ b/ee/app/models/integrations/chat_message/vulnerability_message.rb
@@ -19,7 +19,7 @@ module Integrations

      def attachments
        [{
-          title: title,
+          title: strip_markup(title),
          title_link: vulnerability_url,
          color: attachment_color,
          fields: attachment_fields

--- a/ee/spec/models/integrations/chat_message/vulnerability_message_spec.rb
+++ b/ee/spec/models/integrations/chat_message/vulnerability_message_spec.rb
@@ -31,6 +31,8 @@ RSpec.describe Integrations::ChatMessage::VulnerabilityMessage do
    }
  end

+  it_behaves_like Integrations::ChatMessage
+
  describe '#message' do
    it 'returns the correct message' do
      expect(subject.message).to eq("Vulnerability detected in [Foobar Project](https://git.example.com/random/foobar)")