Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
17f2fd67
Commit
17f2fd67
authored
Oct 11, 2021
by
Thong Kuah
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allowlist security finding relation for cross-db query
parent
4fe41b1e
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
1 addition
and
2 deletions
+1
-2
ee/app/models/security/finding.rb
ee/app/models/security/finding.rb
+1
-1
spec/support/database/cross-join-allowlist.yml
spec/support/database/cross-join-allowlist.yml
+0
-1
No files found.
ee/app/models/security/finding.rb
View file @
17f2fd67
...
...
@@ -34,7 +34,7 @@ module Security
.
where
(
'security_scans.id = security_findings.scan_id'
)
.
where
(
'vulnerability_feedback.project_fingerprint = security_findings.project_fingerprint'
))
end
scope
:latest
,
->
{
joins
(
:scan
).
merge
(
Security
::
Scan
.
latest_successful_by_build
)
}
scope
:latest
,
->
{
joins
(
:scan
).
merge
(
Security
::
Scan
.
latest_successful_by_build
)
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/341796'
)
}
scope
:ordered
,
->
{
order
(
severity: :desc
,
confidence: :desc
,
id: :asc
)
}
scope
:with_pipeline_entities
,
->
{
includes
(
build:
[
:job_artifacts
,
:pipeline
])
}
scope
:with_scan
,
->
{
includes
(
:scan
)
}
...
...
spec/support/database/cross-join-allowlist.yml
View file @
17f2fd67
...
...
@@ -7,7 +7,6 @@
-
"
./ee/spec/features/merge_trains/user_adds_to_merge_train_when_pipeline_succeeds_spec.rb"
-
"
./ee/spec/features/projects/pipelines/pipeline_spec.rb"
-
"
./ee/spec/finders/ee/namespaces/projects_finder_spec.rb"
-
"
./ee/spec/finders/security/findings_finder_spec.rb"
-
"
./ee/spec/graphql/ee/resolvers/namespace_projects_resolver_spec.rb"
-
"
./ee/spec/lib/ee/gitlab/background_migration/migrate_approver_to_approval_rules_spec.rb"
-
"
./ee/spec/lib/ee/gitlab/background_migration/migrate_security_scans_spec.rb"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment