Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
75602aba
Commit
75602aba
authored
Oct 16, 2019
by
mo khan
Committed by
Lin Jen-Shin
Oct 18, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Apply maintainer feedback
parent
b024b782
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
6 additions
and
9 deletions
+6
-9
ee/lib/gitlab/ci/reports/security/report.rb
ee/lib/gitlab/ci/reports/security/report.rb
+1
-1
ee/lib/gitlab/ci/reports/security/reports.rb
ee/lib/gitlab/ci/reports/security/reports.rb
+1
-1
ee/spec/lib/gitlab/ci/parsers/security/sast_spec.rb
ee/spec/lib/gitlab/ci/parsers/security/sast_spec.rb
+1
-1
ee/spec/lib/gitlab/ci/reports/security/report_spec.rb
ee/spec/lib/gitlab/ci/reports/security/report_spec.rb
+3
-5
ee/spec/lib/gitlab/ci/reports/security/reports_spec.rb
ee/spec/lib/gitlab/ci/reports/security/reports_spec.rb
+0
-1
No files found.
ee/lib/gitlab/ci/reports/security/report.rb
View file @
75602aba
...
...
@@ -59,7 +59,7 @@ module Gitlab
def
safe?
severities
=
occurrences
.
map
(
&
:severity
).
compact
.
map
(
&
:downcase
)
(
severities
&
UNSAFE_SEVERITIES
).
size
.
zero
?
(
severities
&
UNSAFE_SEVERITIES
).
empty
?
end
end
end
...
...
ee/lib/gitlab/ci/reports/security/reports.rb
View file @
75602aba
...
...
@@ -19,7 +19,7 @@ module Gitlab
end
def
violates_default_policy?
reports
.
values
.
any?
{
|
report
|
!
report
.
safe
?
}
reports
.
values
.
any?
{
|
report
|
report
.
unsafe_severity
?
}
end
end
end
...
...
ee/spec/lib/gitlab/ci/parsers/security/sast_spec.rb
View file @
75602aba
...
...
@@ -6,7 +6,7 @@ describe Gitlab::Ci::Parsers::Security::Sast do
describe
'#parse!'
do
subject
(
:parser
)
{
described_class
.
new
}
let
(
:commit_sha
)
{
Digest
::
SHA1
.
hexdigest
(
SecureRandom
.
uuid
)
}
let
(
:commit_sha
)
{
"d8978e74745e18ce44d88814004d4255ac6a65bb"
}
context
"when parsing valid reports"
do
where
(
report_format:
%i(sast sast_deprecated)
)
...
...
ee/spec/lib/gitlab/ci/reports/security/report_spec.rb
View file @
75602aba
...
...
@@ -3,8 +3,8 @@
require
'spec_helper'
describe
Gitlab
::
Ci
::
Reports
::
Security
::
Report
do
let
(
:
pipeline
)
{
create
(
:ci_pipeline
)
}
let
(
:
report
)
{
described_class
.
new
(
'sast'
,
pipeline
.
sha
)
}
let
(
:
report
)
{
described_class
.
new
(
'sast'
,
commit_sha
)
}
let
(
:
commit_sha
)
{
"d8978e74745e18ce44d88814004d4255ac6a65bb"
}
it
{
expect
(
report
.
type
).
to
eq
(
'sast'
)
}
...
...
@@ -111,7 +111,7 @@ describe Gitlab::Ci::Reports::Security::Report do
allow
(
report
).
to
receive
(
:replace_with!
)
end
subject
{
report
.
merge!
(
described_class
.
new
(
'sast'
,
pipeline
.
sha
))
}
subject
{
report
.
merge!
(
described_class
.
new
(
'sast'
,
commit_
sha
))
}
it
'invokes the merge with other report and then replaces this report contents by merge result'
do
subject
...
...
@@ -123,8 +123,6 @@ describe Gitlab::Ci::Reports::Security::Report do
describe
"#safe?"
do
subject
{
described_class
.
new
(
'sast'
,
commit_sha
)
}
let
(
:commit_sha
)
{
Digest
::
SHA1
.
hexdigest
(
SecureRandom
.
uuid
)
}
context
"when the sast report has an unsafe vulnerability"
do
where
(
severity:
%w[unknown Unknown high High critical Critical]
)
with_them
do
...
...
ee/spec/lib/gitlab/ci/reports/security/reports_spec.rb
View file @
75602aba
...
...
@@ -39,7 +39,6 @@ describe Gitlab::Ci::Reports::Security::Reports do
describe
"#violates_default_policy?"
do
subject
{
described_class
.
new
(
commit_sha
)
}
let
(
:commit_sha
)
{
Digest
::
SHA1
.
hexdigest
(
SecureRandom
.
uuid
)
}
let
(
:low_severity
)
{
build
(
:ci_reports_security_occurrence
,
severity:
'low'
)
}
let
(
:high_severity
)
{
build
(
:ci_reports_security_occurrence
,
severity:
'high'
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment