Remove sort_dependency_vulnerabilities feature flag

Changelog: other EE: true

Remove sort_dependency_vulnerabilities feature flag
Changelog: other EE: true
b9e6510d · Adam Cohen · 9dce5fff · b9e6510d · 9dce5fff · b9e6510d
Commit b9e6510d authored Jul 02, 2021 by Adam Cohen
3 changed files
--- a/ee/app/services/security/dependency_list_service.rb
+++ b/ee/app/services/security/dependency_list_service.rb
@@ -55,7 +55,7 @@ module Security
      when 'packager'
        collection.sort_by! { |a| a[:packager] }
      when 'severity'
-        sort_dependency_vulnerabilities_by_severity!(collection) if Feature.enabled?(:sort_dependency_vulnerabilities, @pipeline.project, default_enabled: true)
+        sort_dependency_vulnerabilities_by_severity!(collection)
        sort_dependencies_by_severity!(collection)
      else
        collection.sort_by! { |a| a[:name] }

--- a/ee/config/feature_flags/development/sort_dependency_vulnerabilities.yml
+++ b/ee/config/feature_flags/development/sort_dependency_vulnerabilities.yml
---
-name: sort_dependency_vulnerabilities
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62983
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/332852
-milestone: '14.0'
-type: development
-group: group::composition analysis
-default_enabled: true
--- a/ee/spec/services/security/dependency_list_service_spec.rb
+++ b/ee/spec/services/security/dependency_list_service_spec.rb
@@ -110,7 +110,6 @@ RSpec.describe Security::DependencyListService do
          }
        end
-        context('when the sort_dependency_vulnerabilities feature flag is true') do
        it 'returns array of data sorted by package severity level in ascending order' do
          dependencies = subject.last(2).map do |dependency|
            {
@@ -132,34 +131,6 @@ RSpec.describe Security::DependencyListService do
          expect(saml2js_severities).to eq(%w(critical medium unknown))
        end
      end
-        context('when the sort_dependency_vulnerabilities feature flag is false') do
-          # overwrite the existing findings so we can re-create the original test
-          let_it_be(:pipeline) { create(:ee_ci_pipeline, :with_dependency_list_report) }
-          let_it_be(:nokogiri_finding) { create(:vulnerabilities_finding, :detected, :with_dependency_scanning_metadata, :with_pipeline) }
-          let_it_be(:nokogiri_pipeline) { create(:vulnerabilities_finding_pipeline, finding: nokogiri_finding, pipeline: pipeline) }
-          let_it_be(:other_finding) { create(:vulnerabilities_finding, :detected, :with_dependency_scanning_metadata, package: 'saml2-js', file: 'yarn/yarn.lock', version: '1.5.0', raw_severity: 'Unknown') }
-          let_it_be(:other_pipeline) { create(:vulnerabilities_finding_pipeline, finding: other_finding, pipeline: pipeline) }
-          before do
-            stub_feature_flags(sort_dependency_vulnerabilities: false)
-          end
-          it 'returns array of data sorted by package severity level in descending order' do
-            dependencies = subject.last(2).map do |dependency|
-              {
-                name: dependency[:name],
-                vulnerabilities: dependency[:vulnerabilities].map do |vulnerability|
-                  vulnerability[:severity]
-                end
-              }
-            end
-            expect(dependencies).to eq([{ name: "saml2-js", vulnerabilities: ["unknown"] },
-                                        { name: "nokogiri", vulnerabilities: ["high"] }])
-          end
-        end
-      end
    end
  end
 end