Commit 635d09f3 authored by Paul Gascou-Vaillancourt's avatar Paul Gascou-Vaillancourt Committed by Paul Slaughter

Make sure that `vulnerabilities` is always defined in the Dependency List

https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35171
parent 06f1abe5
...@@ -63,8 +63,13 @@ export default { ...@@ -63,8 +63,13 @@ export default {
// passed to it in order to track the visibilty of each row's `row-details` // passed to it in order to track the visibilty of each row's `row-details`
// slot. So, create a deep clone of them here to avoid mutating the // slot. So, create a deep clone of them here to avoid mutating the
// `dependencies` prop. // `dependencies` prop.
// We also make sure that `vulnerabilities` is always defined to prevent rendering
// errors when the user is allowe to see dependencies but not their vulnerabilities.
transformDependenciesForUI(dependencies) { transformDependenciesForUI(dependencies) {
return cloneDeep(dependencies); return dependencies.map(({ vulnerabilities, ...dep }) => ({
...cloneDeep(dep),
vulnerabilities: vulnerabilities ? cloneDeep(vulnerabilities) : [],
}));
}, },
}, },
fields: [ fields: [
......
---
title: Fixes a bug that would prevent the dependencies list from rendering for user that aren't authorized to see the vulnerabilities
merge_request: 35171
author:
type: fixed
...@@ -54,7 +54,7 @@ describe('DependenciesTable component', () => { ...@@ -54,7 +54,7 @@ describe('DependenciesTable component', () => {
}); });
const isVulnerableCellText = normalizeWhitespace(isVulnerableCell.text()); const isVulnerableCellText = normalizeWhitespace(isVulnerableCell.text());
if (dependency.vulnerabilities.length) { if (dependency?.vulnerabilities?.length) {
expect(isVulnerableCellText).toContain(`${dependency.vulnerabilities.length} vuln`); expect(isVulnerableCellText).toContain(`${dependency.vulnerabilities.length} vuln`);
} else { } else {
expect(isVulnerableCellText).toBe(''); expect(isVulnerableCellText).toBe('');
...@@ -105,13 +105,17 @@ describe('DependenciesTable component', () => { ...@@ -105,13 +105,17 @@ describe('DependenciesTable component', () => {
}); });
}); });
describe('given dependencies with no vulnerabilities', () => { describe.each`
description | vulnerabilitiesPayload
${'given dependencies with no vulnerabilities'} | ${{ vulnerabilities: [] }}
${'given dependencies when user is not allowed to see vulnerabilities'} | ${{}}
`('$description', ({ vulnerabilitiesPayload }) => {
let dependencies; let dependencies;
beforeEach(() => { beforeEach(() => {
dependencies = [ dependencies = [
makeDependency({ vulnerabilities: [] }), makeDependency({ ...vulnerabilitiesPayload }),
makeDependency({ name: 'foo', vulnerabilities: [] }), makeDependency({ name: 'foo', ...vulnerabilitiesPayload }),
]; ];
createComponent({ createComponent({
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment