Merge branch '10077-change-vulnerability-name' into 'master'

Change vulnerability name to message See merge request gitlab-org/gitlab-ee!15125

Merge branch '10077-change-vulnerability-name' into 'master'
Change vulnerability name to message See merge request gitlab-org/gitlab-ee!15125
796624ed · Douwe Maan · e47f6a2b · ff193ff1 · 796624ed · 796624ed
Commit 796624ed authored Aug 13, 2019 by Douwe Maan
4 changed files
--- a/ee/changelogs/unreleased/10077-change-vulnerability-name.yml
+++ b/ee/changelogs/unreleased/10077-change-vulnerability-name.yml
+---
+title: Use vulnerability message on Dependency list
+merge_request: 15125
+author:
+type: changed
--- a/ee/lib/gitlab/ci/parsers/security/formatters/dependency_list.rb
+++ b/ee/lib/gitlab/ci/parsers/security/formatters/dependency_list.rb
@@ -76,7 +76,7 @@ module Gitlab

            def formatted_vulnerability(vulnerability)
              {
-                name: vulnerability['name'],
+                name: vulnerability['message'],
                severity: vulnerability['severity'].downcase
              }
            end

--- a/ee/spec/lib/gitlab/ci/parsers/security/dependency_list_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/dependency_list_spec.rb
@@ -37,10 +37,10 @@ describe Gitlab::Ci::Parsers::Security::DependencyList do
        vuln_async = report.dependencies[3][:vulnerabilities]

        expect(vuln_nokogiri.size).to eq(4)
-        expect(vuln_nokogiri[0][:name]).to eq('Vulnerabilities in libxml2')
+        expect(vuln_nokogiri[0][:name]).to eq('Vulnerabilities in libxml2 in nokogiri')
        expect(vuln_nokogiri[0][:severity]).to eq('high')
        expect(vuln_debug.size).to eq(1)
-        expect(vuln_debug[0][:name]).to eq('Regular Expression Denial of Service')
+        expect(vuln_debug[0][:name]).to eq('Regular Expression Denial of Service in debug')
        expect(vuln_async.size).to eq(0)
      end
    end

--- a/ee/spec/lib/gitlab/ci/parsers/security/formatters/dependency_list_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/formatters/dependency_list_spec.rb
@@ -43,8 +43,8 @@ describe Gitlab::Ci::Parsers::Security::Formatters::DependencyList do
        vulnerabilities = data[:vulnerabilities]

        expect(vulnerabilities.size).to eq(4)
-        expect(vulnerabilities[0][:name]).to eq('Vulnerabilities in libxml2')
-        expect(vulnerabilities[3][:name]).to eq('Bypass of a protection mechanism in libxslt')
+        expect(vulnerabilities[0][:name]).to eq('Vulnerabilities in libxml2 in nokogiri')
+        expect(vulnerabilities[3][:name]).to eq('Bypass of a protection mechanism in libxslt in nokogiri')
        expect(vulnerabilities[0][:severity]).to eq('high')
      end
    end