Skip to content

G
gitlab-ce
Commit 28b9c4cb authored by Nicole Schwartz's avatar Nicole Schwartz Committed by Nick Gaskill
Browse files
Options

Update interacting with vulns auto-remediation docs

parent 39290fed
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 24 deletions
doc/user/application_security/vulnerabilities/index.md
View file @ 28b9c4cb
...@@ -23,7 +23,7 @@ several different ways: ...@@ -23,7 +23,7 @@ several different ways:
- [Create issue](#creating-an-issue-for-a-vulnerability) - Create a new issue with the - [Create issue](#creating-an-issue-for-a-vulnerability) - Create a new issue with the
title and description pre-populated with information from the vulnerability report. title and description pre-populated with information from the vulnerability report.
By default, such issues are [confidential](../../project/issues/confidential_issues.md). By default, such issues are [confidential](../../project/issues/confidential_issues.md).
- [Solution](#automatic-remediation-solutions-for-vulnerabilities) - For some vulnerabilities, - [Solution](#automatic-remediation-for-vulnerabilities) - For some vulnerabilities,
a solution is provided for how to fix the vulnerability. a solution is provided for how to fix the vulnerability.
## Changing vulnerability status ## Changing vulnerability status
...@@ -47,28 +47,7 @@ project the vulnerability came from, and pre-populates it with useful informatio ...@@ -47,28 +47,7 @@ project the vulnerability came from, and pre-populates it with useful informatio
the vulnerability report. After the issue is created, GitLab redirects you to the the vulnerability report. After the issue is created, GitLab redirects you to the
issue page so you can edit, assign, or comment on the issue. issue page so you can edit, assign, or comment on the issue.
## Automatic remediation solutions for vulnerabilities ## Automatic remediation for vulnerabilities
You can fix some vulnerabilities by applying the solution that GitLab automatically You can fix some vulnerabilities by applying the solution that GitLab automatically
generates for you. GitLab supports the following scanners: generates for you. [Read more about the automatic remediation for vulnerabilities feature](../index.md#solutions-for-vulnerabilities-auto-remediation).
- [Dependency Scanning](../dependency_scanning/index.md): Automatic Patch creation
is only available for Node.js projects managed with `yarn`.
- [Container Scanning](../container_scanning/index.md).
When an automatic solution is available, the button in the header will show "Resolve with merge request":
![Resolve with Merge Request button](img/vulnerability_page_merge_request_button_v13_1.png)
Selecting the button will create a merge request with the automatic solution.
### Manually applying a suggested patch
To manually apply the patch that was generated by GitLab for a vulnerability, select the dropdown arrow on the "Resolve
with merge request" button, then select the "Download patch to resolve" option:
![Resolve with Merge Request button dropdown](img/vulnerability_page_merge_request_button_dropdown_v13_1.png)
This will change the button text to "Download patch to resolve". Click on it to download the patch:
![Download patch button](img/vulnerability_page_download_patch_button_v13_1.png)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7