Commit 7d30aeb0 authored by Suzanne Selhorn's avatar Suzanne Selhorn Committed by Russell Dickenson

Edits for CTRT and style

Related to: https://gitlab.com/gitlab-org/gitlab/-/issues/300312
parent 956d657b
......@@ -548,7 +548,7 @@ of the available SAST Analyzers and what data is currently available.
The `remediations` field of the report is an array of remediation objects.
Each remediation describes a patch that can be applied to
[automatically fix](../../user/application_security/#automatic-remediation-for-vulnerabilities)
[automatically fix](../../user/application_security/#apply-an-automatic-remediation-for-a-vulnerability)
a set of vulnerabilities.
Here is an example of a report that contains remediations.
......
......@@ -101,7 +101,7 @@ and complete an integration with the Secure stage.
- Users can interact with the findings from your artifact within their workflow. They can dismiss the findings or accept them and create a backlog issue.
- To automatically create issues without user interaction, use the [issue API](../../api/issues.md).
1. Optional: Provide auto-remediation steps:
- If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#automatic-remediation-for-vulnerabilities)
- If you specified `remediations` in your artifact, it is proposed through our [automatic remediation](../../user/application_security/index.md#apply-an-automatic-remediation-for-a-vulnerability)
interface.
1. Demo the integration to GitLab:
- After you have tested and are ready to demo your integration please
......
......@@ -944,7 +944,7 @@ pipelines. For more information, see the [Security Dashboard documentation](../s
Fuzzing faults show up as vulnerabilities with a severity of Unknown.
Once a fault is found, you can interact with it. Read more on how to
[interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
[address the vulnerabilities](../index.md#addressing-vulnerabilities).
## Handling False Positives
......
......@@ -455,7 +455,7 @@ For more information about the vulnerabilities database update, check the
## Interacting with the vulnerabilities
After a vulnerability is found, you can [interact with it](../index.md#interacting-with-the-vulnerabilities).
After a vulnerability is found, you can [address it](../index.md#addressing-vulnerabilities).
## Solutions for vulnerabilities (auto-remediation)
......@@ -469,7 +469,7 @@ file, it's necessary to set [`GIT_STRATEGY: fetch`](../../../ci/runners/README.m
your `.gitlab-ci.yml` file by following the instructions described in this document's
[overriding the container scanning template](#overriding-the-container-scanning-template) section.
Read more about the [solutions for vulnerabilities](../index.md#automatic-remediation-for-vulnerabilities).
Read more about the [solutions for vulnerabilities](../index.md#apply-an-automatic-remediation-for-a-vulnerability).
## Troubleshooting
......
......@@ -237,7 +237,7 @@ The `covfuzz-ci.yml` is the same as that in the [original synchronous example](h
## Interacting with the vulnerabilities
After a vulnerability is found, you can [interact with it](../index.md#interacting-with-the-vulnerabilities).
After a vulnerability is found, you can [address it](../index.md#addressing-vulnerabilities).
The merge request widget lists the vulnerability and contains a button for downloading the fuzzing
artifacts. By clicking one of the detected vulnerabilities, you can see its details.
......
......@@ -1170,7 +1170,7 @@ variables:
## Interacting with the vulnerabilities
Once a vulnerability is found, you can interact with it. Read more on how to
[interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
[address the vulnerabilities](../index.md#addressing-vulnerabilities).
## Vulnerabilities database update
......
......@@ -226,13 +226,13 @@ Read more on [how to use private Maven repositories](../index.md#using-private-m
## Interacting with the vulnerabilities
Once a vulnerability is found, you can interact with it. Read more on how to
[interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
[address the vulnerabilities](../index.md#addressing-vulnerabilities).
## Solutions for vulnerabilities (auto-remediation)
Some vulnerabilities can be fixed by applying the solution that GitLab
automatically generates. Read more about the
[solutions for vulnerabilities](../index.md#automatic-remediation-for-vulnerabilities).
[solutions for vulnerabilities](../index.md#apply-an-automatic-remediation-for-a-vulnerability).
## Security Dashboard
......
This diff is collapsed.
......@@ -59,14 +59,14 @@ mirroring the packages inside your own offline network.
### Interacting with the vulnerabilities
Once a vulnerability is found, you can interact with it. Read more on how to
[interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
[address the vulnerabilities](../index.md#addressing-vulnerabilities).
Please note that in some cases the reported vulnerabilities provide metadata that can contain
external links exposed in the UI. These links might not be accessible within an offline environment.
### Automatic remediation for vulnerabilities
The [automatic remediation for vulnerabilities](../index.md#automatic-remediation-for-vulnerabilities) feature is available for offline Dependency Scanning and Container Scanning, but may not work
The [automatic remediation for vulnerabilities](../index.md#apply-an-automatic-remediation-for-a-vulnerability) feature is available for offline Dependency Scanning and Container Scanning, but may not work
depending on your instance's configuration. We can only suggest solutions, which are generally more
current versions that have been patched, when we are able to access up-to-date registry services
hosting the latest versions of that dependency or image.
......
......@@ -137,7 +137,7 @@ as shown in the following table:
| [Customize SAST Settings](#customizing-the-sast-settings) | **{check-circle}** | **{check-circle}** |
| View [JSON Report](#reports-json-format) | **{check-circle}** | **{check-circle}** |
| Presentation of JSON Report in Merge Request | **{dotted-circle}** | **{check-circle}** |
| [Interaction with Vulnerabilities](../../application_security/index.md#interacting-with-the-vulnerabilities) | **{dotted-circle}** | **{check-circle}** |
| [Address vulnerabilities](../../application_security/index.md#addressing-vulnerabilities) | **{dotted-circle}** | **{check-circle}** |
| [Access to Security Dashboard](../../application_security/security_dashboard/index.md) | **{dotted-circle}** | **{check-circle}** |
| [Configure SAST in the UI](#configure-sast-in-the-ui) | **{dotted-circle}** | **{check-circle}** |
| [Customize SAST Rulesets](#customize-rulesets) | **{dotted-circle}** | **{check-circle}** |
......
......@@ -196,4 +196,4 @@ Each scenario can be a third-level heading, e.g. `### Getting error message X`.
If you have none to add when creating a doc, leave this section in place
but commented out to help encourage others to add to it in the future. -->
Read more on how to [interact with the vulnerabilities](../index.md#interacting-with-the-vulnerabilities).
Read more on how to [address the vulnerabilities](../index.md#addressing-vulnerabilities).
......@@ -123,4 +123,4 @@ Linked issues are shown in the Vulnerability Report and the vulnerability's page
## Automatically remediate the vulnerability
You can fix some vulnerabilities by applying the solution that GitLab automatically
generates for you. [Read more about the automatic remediation for vulnerabilities feature](../index.md#automatic-remediation-for-vulnerabilities).
generates for you. [Read more about the automatic remediation for vulnerabilities feature](../index.md#apply-an-automatic-remediation-for-a-vulnerability).
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment