Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
144d35eb
Commit
144d35eb
authored
Aug 17, 2021
by
Jonathan Schafer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Disable Vulnerability Finding Link creation
Changelog: changed EE: true
parent
ae3ce141
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
12 additions
and
2 deletions
+12
-2
ee/app/services/security/store_report_service.rb
ee/app/services/security/store_report_service.rb
+1
-1
ee/spec/services/security/store_report_service_spec.rb
ee/spec/services/security/store_report_service_spec.rb
+11
-1
No files found.
ee/app/services/security/store_report_service.rb
View file @
144d35eb
...
...
@@ -48,7 +48,7 @@ module Security
create_vulnerability_finding
(
vulnerability_findings_by_uuid
,
finding
)
&
.
id
end
.
compact
.
uniq
update_vulnerability_links_info
update_vulnerability_links_info
if
Feature
.
enabled?
(
:vulnerability_finding_replace_metadata
)
create_vulnerability_pipeline_objects
update_vulnerabilities_identifiers
update_vulnerabilities_finding_identifiers
...
...
ee/spec/services/security/store_report_service_spec.rb
View file @
144d35eb
...
...
@@ -67,6 +67,16 @@ RSpec.describe Security::StoreReportService, '#execute' do
expect
{
subject
}.
to
change
{
Vulnerabilities
::
FindingLink
.
count
}.
by
(
finding_links
)
end
context
'when finding links creation is disabled'
do
before
do
stub_feature_flags
(
vulnerability_finding_replace_metadata:
false
)
end
it
'does not insert finding links'
do
expect
{
subject
}.
not_to
change
{
Vulnerabilities
::
FindingLink
.
count
}
end
end
it
'inserts all finding identifiers (join model)'
do
expect
{
subject
}.
to
change
{
Vulnerabilities
::
FindingIdentifier
.
count
}.
by
(
finding_identifiers
)
end
...
...
@@ -550,7 +560,7 @@ RSpec.describe Security::StoreReportService, '#execute' do
let!
(
:issue_link
)
{
create
(
:vulnerabilities_issue_link
,
issue:
issue
,
vulnerability_id:
vulnerability
.
id
)
}
it
'will not raise an error'
do
expect
{
subject
}.
not_to
raise_error
(
ActiveRecord
::
RecordInvalid
)
expect
{
subject
}.
not_to
raise_error
end
it
'does not insert issue link from the new pipeline'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment