Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
40c31a56
Commit
40c31a56
authored
Mar 01, 2021
by
Savas Vedova
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Make vulnerability file path linkable
- Update specs - Add changelog
parent
db66f1cf
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
30 additions
and
10 deletions
+30
-10
ee/app/assets/javascripts/security_dashboard/components/vulnerability_list.vue
...ipts/security_dashboard/components/vulnerability_list.vue
+11
-4
ee/app/assets/javascripts/security_dashboard/graphql/fragments/vulnerability.fragment.graphql
...ashboard/graphql/fragments/vulnerability.fragment.graphql
+3
-0
ee/changelogs/unreleased/267509-make-file-path-link.yml
ee/changelogs/unreleased/267509-make-file-path-link.yml
+5
-0
ee/spec/frontend/security_dashboard/components/mock_data.js
ee/spec/frontend/security_dashboard/components/mock_data.js
+2
-0
ee/spec/frontend/security_dashboard/components/vulnerability_list_spec.js
.../security_dashboard/components/vulnerability_list_spec.js
+9
-3
locale/gitlab.pot
locale/gitlab.pot
+0
-3
No files found.
ee/app/assets/javascripts/security_dashboard/components/vulnerability_list.vue
View file @
40c31a56
...
...
@@ -20,7 +20,7 @@ import RemediatedBadge from 'ee/vulnerabilities/components/remediated_badge.vue'
import
{
VULNERABILITY_STATES
}
from
'
ee/vulnerabilities/constants
'
;
import
{
formatDate
}
from
'
~/lib/utils/datetime_utility
'
;
import
{
convertToSnakeCase
}
from
'
~/lib/utils/text_utility
'
;
import
{
s__
,
__
,
sprintf
}
from
'
~/locale
'
;
import
{
s__
,
__
}
from
'
~/locale
'
;
import
LocalStorageSync
from
'
~/vue_shared/components/local_storage_sync.vue
'
;
import
{
VULNERABILITIES_PER_PAGE
}
from
'
../store/constants
'
;
import
IssuesBadge
from
'
./issues_badge.vue
'
;
...
...
@@ -230,7 +230,7 @@ export default {
}
if
(
file
&&
startLine
)
{
return
`
${
file
}
${
sprintf
(
__
(
'
(line: %{startLine})
'
),
{
startLine
})
}
`
;
return
`
${
file
}
:
${
startLine
}
`
;
}
if
(
path
)
{
...
...
@@ -248,6 +248,11 @@ export default {
extraIdentifierCount
(
identifiers
)
{
return
identifiers
?.
length
-
1
;
},
fileUrl
(
vulnerability
)
{
const
{
startLine
:
start
,
endLine
:
end
}
=
vulnerability
.
location
;
const
lineNumber
=
end
>
start
?
`
${
start
}
-
${
end
}
`
:
start
;
return
(
vulnerability
.
location
.
blobPath
||
''
)
+
(
lineNumber
?
`#L
${
lineNumber
}
`
:
''
);
},
primaryIdentifier
(
identifiers
)
{
return
getPrimaryIdentifier
(
identifiers
,
'
externalType
'
);
},
...
...
@@ -421,8 +426,10 @@ export default {
<div
v-if=
"shouldShowProjectNamespace"
>
{{
item
.
project
.
nameWithNamespace
}}
</div>
<div
v-if=
"shouldShowVulnerabilityPath(item)"
class=
"monospace"
>
<gl-truncate
:text=
"createLocationString(item.location)"
position=
"middle"
/>
<div
v-if=
"shouldShowVulnerabilityPath(item)"
>
<gl-link
:href=
"fileUrl(item)"
>
<gl-truncate
:text=
"createLocationString(item.location)"
position=
"middle"
/>
</gl-link>
</div>
</div>
</
template
>
...
...
ee/app/assets/javascripts/security_dashboard/graphql/fragments/vulnerability.fragment.graphql
View file @
40c31a56
...
...
@@ -27,13 +27,16 @@ fragment Vulnerability on Vulnerability {
image
}
...
on
VulnerabilityLocationDependencyScanning
{
blobPath
file
}
...
on
VulnerabilityLocationSast
{
blobPath
file
startLine
}
...
on
VulnerabilityLocationSecretDetection
{
blobPath
file
startLine
}
...
...
ee/changelogs/unreleased/267509-make-file-path-link.yml
0 → 100644
View file @
40c31a56
---
title
:
Make vulnerability file path linkable in the vulnerability list
merge_request
:
55356
author
:
type
:
changed
ee/spec/frontend/security_dashboard/components/mock_data.js
View file @
40c31a56
...
...
@@ -58,6 +58,8 @@ export const generateVulnerabilities = () => [
location
:
{
file
:
'
src/main/java/com/gitlab/security_products/tests/App.java
'
,
startLine
:
'
1337
'
,
blobPath
:
'
/gitlab-org/security-reports2/-/blob/e5c61e4d5d0b8418011171def04ca0aa36532621/src/main/java/com/gitlab/security_products/tests/App.java
'
,
},
project
:
{
nameWithNamespace
:
'
Administrator / Vulnerability reports
'
,
...
...
ee/spec/frontend/security_dashboard/components/vulnerability_list_spec.js
View file @
40c31a56
...
...
@@ -245,7 +245,7 @@ describe('Vulnerability list component', () => {
const
cell
=
findDataCell
(
`location-
${
id
}
`
);
expect
(
cell
.
text
()).
toContain
(
project
.
nameWithNamespace
);
expect
(
findLocationTextWrapper
(
cell
).
props
()).
toEqual
({
text
:
`
${
location
.
file
}
(line:
${
location
.
startLine
}
)
`
,
text
:
`
${
location
.
file
}
:
${
location
.
startLine
}
`
,
position
:
'
middle
'
,
});
});
...
...
@@ -264,7 +264,7 @@ describe('Vulnerability list component', () => {
const
{
id
,
project
}
=
newVulnerabilities
[
4
];
const
cellText
=
findDataCell
(
`location-
${
id
}
`
).
text
();
expect
(
cellText
).
toEqual
(
project
.
nameWithNamespace
);
expect
(
cellText
).
not
.
toContain
(
'
(line:
'
);
expect
(
cellText
).
not
.
toContain
(
'
:
'
);
});
it
(
'
should display the vulnerability locations for path
'
,
()
=>
{
...
...
@@ -313,11 +313,17 @@ describe('Vulnerability list component', () => {
const
cell
=
findDataCell
(
`location-
${
id
}
`
);
expect
(
cell
.
text
()).
not
.
toContain
(
project
.
nameWithNamespace
);
expect
(
findLocationTextWrapper
(
cell
).
props
()).
toEqual
({
text
:
`
${
location
.
file
}
(line:
${
location
.
startLine
}
)
`
,
text
:
`
${
location
.
file
}
:
${
location
.
startLine
}
`
,
position
:
'
middle
'
,
});
});
it
(
'
should make the file path linkable
'
,
()
=>
{
const
{
id
,
location
}
=
newVulnerabilities
[
1
];
const
cell
=
findDataCell
(
`location-
${
id
}
`
);
expect
(
cell
.
find
(
'
a
'
).
attributes
(
'
href
'
)).
toBe
(
`
${
location
.
blobPath
}
#L
${
location
.
startLine
}
`
);
});
it
(
'
should not display the vulnerability group/project locations for code with no line data
'
,
()
=>
{
const
{
id
,
project
,
location
}
=
newVulnerabilities
[
2
];
const
cell
=
findDataCell
(
`location-
${
id
}
`
);
...
...
locale/gitlab.pot
View file @
40c31a56
...
...
@@ -1017,9 +1017,6 @@ msgstr ""
msgid "(deleted)"
msgstr ""
msgid "(line: %{startLine})"
msgstr ""
msgid "(max size 15 MB)"
msgstr ""
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment