Commit 7a91a936 authored by Zamir Martins Filho's avatar Zamir Martins Filho

Update Vulnerability-Check related documentation

to include vulnerability states.
parent edd23d67
...@@ -201,8 +201,7 @@ To prevent a merge request introducing a security vulnerability in a project, en ...@@ -201,8 +201,7 @@ To prevent a merge request introducing a security vulnerability in a project, en
Vulnerability-Check rule. While this rule is enabled, an additional merge request approval is Vulnerability-Check rule. While this rule is enabled, an additional merge request approval is
required when the latest security report in a merge request: required when the latest security report in a merge request:
- Contains vulnerabilities that are not present in the target branch. Note that approval is still - Contains vulnerabilities with states (for example, `previously detected`, `dismissed`) matching the rule's vulnerability states. Only `newly detected` will be considered if the target branch differs from the project default branch.
required for dismissed vulnerabilities.
- Contains vulnerabilities with severity levels (for example, `high`, `critical`, or `unknown`) - Contains vulnerabilities with severity levels (for example, `high`, `critical`, or `unknown`)
matching the rule's severity levels. matching the rule's severity levels.
- Contains a vulnerability count higher than the rule allows. - Contains a vulnerability count higher than the rule allows.
...@@ -210,7 +209,7 @@ required when the latest security report in a merge request: ...@@ -210,7 +209,7 @@ required when the latest security report in a merge request:
An approval is optional when the security report: An approval is optional when the security report:
- Contains no new vulnerabilities when compared to the target branch. - Contains only vulnerabilities with states (for example, `newly detected`, `resolved`) **NOT** matching the rule's vulnerability states.
- Contains only vulnerabilities with severity levels (for example, `low`, `medium`) **NOT** matching - Contains only vulnerabilities with severity levels (for example, `low`, `medium`) **NOT** matching
the rule's severity levels. the rule's severity levels.
- Contains a vulnerability count equal to or less than what the rule allows. - Contains a vulnerability count equal to or less than what the rule allows.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment