An error occurred fetching the project authors.
- 07 Oct, 2019 4 commits
-
-
Tetiana Chupryna authored
-
Tetiana Chupryna authored
-
Tetiana Chupryna authored
Rename report and its components with tests Fix usage of License Scanning report Replace name in all found places Update usage of the report Fix usage of the report
-
Victor Zagorodny authored
This is the DB layout for first-class vulnerabilities backend MVC. Added vulnerabilities table, FK to it from vulnerability_occurrences table, add all required foreign keys for associations between Vulnerability and other models
-
- 03 Sep, 2019 1 commit
-
-
Matija Čupić authored
Mirrors the pipeline status to the source bridge when pipeline completes.
-
- 02 Sep, 2019 1 commit
-
-
Tetiana Chupryna authored
Since dependency_list report and license_management_report are different jobs, we need to collect this info separately
-
- 03 Aug, 2019 1 commit
-
-
Matija Čupić authored
Mirrors blocked pipeline statuses (manual and scheduled) to bridge jobs.
-
- 18 Jul, 2019 1 commit
-
-
Victor Zagorodny authored
MergeReportsService merges several security report POROs into one. This involves deduplicating vulnerability occurrences that share the same location, and at least one (identifier type, identifier value) pair, not including CWEs since CWE is not a identifier but rather a class of vulnerabilities. First found occurrence wins. Then, occurrences are sorted by severity (desc) and then by compare key (asc).
-
- 21 Jun, 2019 1 commit
-
-
Stan Hu authored
The checking of the existence of the legacy security reports was using a significant number of SQL queries in the merge request widget. This commit removes support for them so that they will no longer be accessible from the widget, but the data remains intact. Part of https://gitlab.com/gitlab-org/gitlab-ce/issues/63228
-
- 06 Jun, 2019 1 commit
-
-
Tetiana Chupryna authored
Add needed parser, formatter for this report as well as needed changes for `build` and `pipeline` models. Now it's possible to get `dependency_list` report from pipeline: ``` pipeline.dependency_list_report ``` Note: current report is basically `dependency_scanning` report with additional key `dependency_files`.
-
- 01 May, 2019 3 commits
-
-
Matija Čupić authored
Renames the relation between the Pipeline and Bridge job to be more descriptive of the intent. This includes renaming the model relations, database columns as well as service / worker class names.
-
Matija Čupić authored
-
Matija Čupić authored
-
- 19 Apr, 2019 1 commit
-
-
Olivier Gonzalez authored
Compare two reports to get added, existing, and fixed occurrences. Use git diff to improve matching for SAST reports.
-
- 16 Apr, 2019 1 commit
-
-
Matija Čupić authored
Add metrics report type to JobArtifact constants Add sample metrics fixture Add factories for artifacts with metrics reports Adds EE spec factories for CI models that can have metrics reports. Add scopes for CI models with metrics reports Adds scopes with metrics reports for Pipeline, Builds and JobArtifacts. Add metrics_reports Premium feature Implement has_metrics_reports in Pipelines and MRs Implements EE::Ci::Pipeline#has_metrics_reports? and EE::MergeRequest#has_metrics_reports?. Implement metrics CI Report and Parser Implements Parser and Report types for metrics reports. Expose metrics reports to the Merge Request Implements EE::Ci::Build#collect_metrics_reports! and EE::Ci::Pipeline#metrics_report and exposes metrics report for consumption by the Merge Request. Implement metrics reports comparer Implements a class that compares two metrics reports and selects new, existing and removed metrics. Implement Metric report serializer Implements a serializer for metrics reports to be used in the metrics reports comparison service. Implement metrics reports comparison service Implements Ci::CompareMetricsReportsService that compares two metrics reports and serializes the result for frontend consumption. Expose metrics reports comparison in Merge Request Add Merge Requests controller endpoint for metrics Implements a Merge Request controller endpoint for querying metrics reports.
-
- 08 Apr, 2019 1 commit
-
-
Shinya Maeda authored
Merge request pipeline is meant for ensuring target branch's pipeline green. We should not let maintainers merge a merge request if the head pipeline of the merge request doesn't fulfill the criteria.
-
- 02 Apr, 2019 1 commit
-
-
Rémy Coutable authored
Signed-off-by: Rémy Coutable <remy@rymai.me>
-
- 18 Feb, 2019 1 commit
-
-
James Fargher authored
ChatOps used to be in the Ultimate tier.
-
- 15 Feb, 2019 1 commit
-
-
Gilbert Roulot authored
Match API responses with schemas in the spec files.
-
- 07 Jan, 2019 1 commit
-
-
Gilbert Roulot authored
-
- 04 Jan, 2019 1 commit
-
-
Kamil Trzciński authored
The new reports are always a top-level Hash with explicit `version:` field. Old reports that are Arrays are converted to Hash representation with indication what version is being used. This MR also removes other reports and uses one common set of fixtures for all test types.
-
- 02 Jan, 2019 1 commit
-
-
Grzegorz Bizon authored
-
- 18 Dec, 2018 1 commit
-
-
Grzegorz Bizon authored
-
- 12 Dec, 2018 2 commits
-
-
Yorick Peterse authored
This test would expect pipelines to be returned in a particular order, without actually ordering the rows. This could lead to the test sometimes failing. To solve this, we use `to include` instead of `to eq`.
-
Gilbert Roulot authored
This adds a backend parsing of license management reports. The reports are parsed async with ReactiveCache, compared and returned via API for Frontend.
-
- 03 Dec, 2018 1 commit
-
-
Olivier Gonzalez authored
-
- 07 Nov, 2018 1 commit
-
-
Olivier Gonzalez authored
Ensure we only filter pipeline that effectively have vulnerabilties.
-
- 06 Nov, 2018 7 commits
-
-
Kamil Trzciński authored
-
Kamil Trzciński authored
-
Kamil Trzciński authored
-
Kamil Trzciński authored
-
Kamil Trzciński authored
-
Kamil Trzciński authored
-
Kamil Trzciński authored
-
- 29 Oct, 2018 1 commit
-
-
Olivier Gonzalez authored
-
- 23 Oct, 2018 2 commits
-
-
Olivier Gonzalez authored
Extend models to provide necessary logic for security reports. Add Secuirity Reports ruby classes Add SAST parser Add logic to store report in database
-
Olivier Gonzalez authored
-
- 16 Oct, 2018 1 commit
-
-
Matija Čupić authored
-
- 05 Oct, 2018 2 commits
-
-
Matija Čupić authored
This refactors the codequality MR widget specs to test with real data.
-
Matija Čupić authored
This introduces proper architecture for generalizing exposing artifacts to frontend.
-