Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
4324cffc
Commit
4324cffc
authored
Dec 01, 2020
by
Mehmet Emin INAC
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Extend the test cases for deduplication logic
Also made some cosmetic changes.
parent
3be15804
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
31 additions
and
28 deletions
+31
-28
ee/app/services/security/merge_reports_service.rb
ee/app/services/security/merge_reports_service.rb
+1
-1
ee/app/services/security/store_scan_service.rb
ee/app/services/security/store_scan_service.rb
+1
-1
ee/spec/lib/gitlab/ci/reports/security/finding_key_spec.rb
ee/spec/lib/gitlab/ci/reports/security/finding_key_spec.rb
+3
-0
ee/spec/lib/gitlab/ci/reports/security/identifier_spec.rb
ee/spec/lib/gitlab/ci/reports/security/identifier_spec.rb
+26
-26
No files found.
ee/app/services/security/merge_reports_service.rb
View file @
4324cffc
...
...
@@ -58,7 +58,7 @@ module Security
def
deduplicate_findings!
@findings
,
*
=
@findings
.
each_with_object
([[],
Set
.
new
])
do
|
finding
,
(
deduplicated
,
seen_identifiers
)
|
next
if
finding
.
keys
.
any?
{
|
key
|
seen_identifiers
.
member?
(
key
)
}
next
if
seen_identifiers
.
intersect?
(
finding
.
keys
.
to_set
)
seen_identifiers
.
merge
(
finding
.
keys
)
deduplicated
<<
finding
...
...
ee/app/services/security/store_scan_service.rb
View file @
4324cffc
...
...
@@ -57,7 +57,7 @@ module Security
end
def
register_keys
(
keys
)
return
false
if
k
eys
.
any?
{
|
key
|
known_keys
.
member?
(
key
)
}
return
false
if
k
nown_keys
.
intersect?
(
keys
.
to_set
)
known_keys
.
merge
(
keys
)
end
...
...
ee/spec/lib/gitlab/ci/reports/security/finding_key_spec.rb
View file @
4324cffc
...
...
@@ -11,6 +11,9 @@ RSpec.describe Gitlab::Ci::Reports::Security::FindingKey do
'location fp'
|
nil
|
'identifier fp'
|
'different identifier fp'
|
false
'location fp'
|
'different location fp'
|
nil
|
'different identifier fp'
|
false
'location fp'
|
'different location fp'
|
'identifier fp'
|
nil
|
false
nil
|
nil
|
'identifier fp'
|
'identifier fp'
|
false
'location fp'
|
'location fp'
|
nil
|
nil
|
false
nil
|
nil
|
nil
|
nil
|
false
'location fp'
|
'different location fp'
|
'identifier fp'
|
'different identifier fp'
|
false
'location fp'
|
'different location fp'
|
'identifier fp'
|
'identifier fp'
|
false
'location fp'
|
'location fp'
|
'identifier fp'
|
'different identifier fp'
|
false
...
...
ee/spec/lib/gitlab/ci/reports/security/identifier_spec.rb
View file @
4324cffc
...
...
@@ -3,6 +3,8 @@
require
'spec_helper'
RSpec
.
describe
Gitlab
::
Ci
::
Reports
::
Security
::
Identifier
do
using
RSpec
::
Parameterized
::
TableSyntax
describe
'#initialize'
do
subject
{
described_class
.
new
(
**
params
)
}
...
...
@@ -52,39 +54,39 @@ RSpec.describe Gitlab::Ci::Reports::Security::Identifier do
end
end
describe
'#cve?'
do
let
(
:identifier
)
{
create
(
:ci_reports_security_identifier
,
external_type:
external_type
)
}
describe
'#type_identifier?'
do
where
(
:external_type
,
:expected_result
)
do
'cve'
|
false
'foo'
|
false
'cwe'
|
true
'wasc'
|
true
end
subject
{
identifier
.
cve?
}
with_them
do
let
(
:identifier
)
{
create
(
:ci_reports_security_identifier
,
external_type:
external_type
)
}
context
'when has cve as external type'
do
let
(
:external_type
)
{
'Cve'
}
subject
{
identifier
.
type_identifier?
}
it
{
is_expected
.
to
eq
(
true
)
}
it
{
is_expected
.
to
be
(
expected_result
)
}
end
context
'when does not have cve as external type'
do
let
(
:external_type
)
{
'Cwe'
}
it
{
is_expected
.
to
eq
(
false
)
}
end
describe
'external type check methods'
do
where
(
:external_type
,
:is_cve?
,
:is_cwe?
,
:is_wasc?
)
do
'Foo'
|
false
|
false
|
false
'Cve'
|
true
|
false
|
false
'Cwe'
|
false
|
true
|
false
'Wasc'
|
false
|
false
|
true
end
describe
'#cwe?'
do
with_them
do
let
(
:identifier
)
{
create
(
:ci_reports_security_identifier
,
external_type:
external_type
)
}
subject
{
identifier
.
cwe?
}
context
'when has cwe as external type'
do
let
(
:external_type
)
{
'Cwe'
}
it
{
is_expected
.
to
eq
(
true
)
}
it
'returns correct result for the type check method'
do
expect
(
identifier
.
cve?
).
to
be
(
is_cve?
)
expect
(
identifier
.
cwe?
).
to
be
(
is_cwe?
)
expect
(
identifier
.
wasc?
).
to
be
(
is_wasc?
)
end
context
'when does not have cwe as external type'
do
let
(
:external_type
)
{
'Cve'
}
it
{
is_expected
.
to
eq
(
false
)
}
end
end
...
...
@@ -105,8 +107,6 @@ RSpec.describe Gitlab::Ci::Reports::Security::Identifier do
end
describe
'#=='
do
using
RSpec
::
Parameterized
::
TableSyntax
where
(
:type_1
,
:id_1
,
:type_2
,
:id_2
,
:equal
,
:case_name
)
do
'CVE'
|
'2018-1234'
|
'CVE'
|
'2018-1234'
|
true
|
'when external_type and external_id are equal'
'CVE'
|
'2018-1234'
|
'brakeman_code'
|
'2018-1234'
|
false
|
'when external_type is different'
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment