Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c616bf70
Commit
c616bf70
authored
Mar 13, 2020
by
Can Eldem
Committed by
Achilleas Pipinellis
Mar 13, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add deprecation note for Severity and Confidence levels
parent
197808d3
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
13 additions
and
1 deletion
+13
-1
doc/api/vulnerability_findings.md
doc/api/vulnerability_findings.md
+4
-1
doc/user/application_security/container_scanning/index.md
doc/user/application_security/container_scanning/index.md
+3
-0
doc/user/application_security/dependency_scanning/index.md
doc/user/application_security/dependency_scanning/index.md
+3
-0
doc/user/application_security/sast/index.md
doc/user/application_security/sast/index.md
+3
-0
No files found.
doc/api/vulnerability_findings.md
View file @
c616bf70
...
...
@@ -6,7 +6,7 @@ NOTE: **Note:**
This API resource is renamed from Vulnerabilities to Vulnerability Findings because the Vulnerabilities are reserved
for serving the upcoming
[
Standalone Vulnerability objects
](
https://gitlab.com/gitlab-org/gitlab/issues/13561
)
.
To fix any broken integrations with the former Vulnerabilities API, change the
`vulnerabilities`
URL part to be
`vulnerability_findings`
.
`vulnerability_findings`
.
Every API call to vulnerability findings must be
[
authenticated
](
README.md#authentication
)
.
...
...
@@ -46,6 +46,9 @@ GET /projects/:id/vulnerability_findings?confidence=unknown,experimental
GET /projects/:id/vulnerability_findings?pipeline_id=42
```
CAUTION:
**Deprecation:**
Beginning with GitLab 12.9, the
`undefined`
severity level is deprecated and the
`undefined`
confidence level isn't reported for new vulnerabilities.
| Attribute | Type | Required | Description |
| ------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
`id`
| integer/string | yes | The ID or
[
URL-encoded path of the project
](
README.md#namespaced-path-encoding
)
which the authenticated user is a member of. |
...
...
doc/user/application_security/container_scanning/index.md
View file @
c616bf70
...
...
@@ -347,6 +347,9 @@ it highlighted:
}
```
CAUTION:
**Deprecation:**
Beginning with GitLab 12.9, container scanning no longer reports
`undefined`
severity and confidence levels.
Here is the description of the report file structure nodes and their meaning. All fields are mandatory to be present in
the report JSON unless stated otherwise. Presence of optional fields depends on the underlying analyzers being used.
...
...
doc/user/application_security/dependency_scanning/index.md
View file @
c616bf70
...
...
@@ -355,6 +355,9 @@ it highlighted:
}
```
CAUTION:
**Deprecation:**
Beginning with GitLab 12.9, dependency scanning no longer reports
`undefined`
severity and confidence levels.
Here is the description of the report file structure nodes and their meaning. All fields are mandatory to be present in
the report JSON unless stated otherwise. Presence of optional fields depends on the underlying analyzers being used.
...
...
doc/user/application_security/sast/index.md
View file @
c616bf70
...
...
@@ -413,6 +413,9 @@ it highlighted:
}
```
CAUTION:
**Deprecation:**
Beginning with GitLab 12.9, SAST no longer reports
`undefined`
severity and confidence levels.
Here is the description of the report file structure nodes and their meaning. All fields are mandatory in
the report JSON unless stated otherwise. Presence of optional fields depends on the underlying analyzers being used.
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment