Commit 2323fd01 authored by David O'Regan's avatar David O'Regan

Merge branch '331409-add-status-column' into 'master'

Expose the state field for findings

See merge request gitlab-org/gitlab!62147
parents 51b69c9f 29e8f53a
......@@ -10974,6 +10974,7 @@ Represents vulnerability finding of a security report on the pipeline.
| <a id="pipelinesecurityreportfindingscanner"></a>`scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. |
| <a id="pipelinesecurityreportfindingseverity"></a>`severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability finding. |
| <a id="pipelinesecurityreportfindingsolution"></a>`solution` | [`String`](#string) | URL to the vulnerability's details page. |
| <a id="pipelinesecurityreportfindingstate"></a>`state` | [`VulnerabilityState`](#vulnerabilitystate) | The finding status. |
| <a id="pipelinesecurityreportfindinguuid"></a>`uuid` | [`String`](#string) | Name of the vulnerability finding. |
### `Project`
......
......@@ -31,6 +31,7 @@ query pipelineFindings(
scanner {
vendor
}
state
severity
location {
...VulnerabilityLocation
......
......@@ -70,6 +70,11 @@ module Types
null: true,
description: "URL to the vulnerability's details page."
field :state,
type: VulnerabilityStateEnum,
null: true,
description: "The finding status."
def location
object.location&.merge(report_type: object.report_type)
end
......
......@@ -264,6 +264,7 @@ export const mockPipelineFindingsResponse = ({ hasNextPage } = {}) => ({
],
scanner: null,
severity: 'HIGH',
state: 'DETECTED',
location: {
__typename: 'VulnerabilityLocationDependencyScanning',
blobPath: null,
......@@ -280,6 +281,7 @@ export const mockPipelineFindingsResponse = ({ hasNextPage } = {}) => ({
'A prototype pollution vulnerability in handlebars may lead to remote code execution if an attacker can control the template in handlebars',
description: null,
confidence: 'unknown',
state: 'RESOLVED',
identifiers: [
{
externalType: 'retire.js',
......
......@@ -15,7 +15,8 @@ RSpec.describe GitlabSchema.types['PipelineSecurityReportFinding'] do
project
description
location
solution]
solution
state]
end
specify { expect(described_class.graphql_name).to eq('PipelineSecurityReportFinding') }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment