Skip to content

G
gitlab-ce
Commit d6ae61dc authored by Mike Lewis's avatar Mike Lewis
Browse files
Options

Merge branch 'docs-remediation-modal' into 'master' 

Add documentation for Remediation Modal

See merge request gitlab-org/gitlab-ee!9056
parents acad50ce f86f8303
Hide whitespace changes
Inline Side-by-side
Showing with 19 additions and 3 deletions
doc/user/project/merge_requests/index.md
View file @ d6ae61dc
...@@ -333,16 +333,32 @@ This feature is currently [Alpha](https://about.gitlab.com/handbook/product/#alp ...@@ -333,16 +333,32 @@ This feature is currently [Alpha](https://about.gitlab.com/handbook/product/#alp
Each security vulnerability in the report is actionable. Clicking on an entry, Each security vulnerability in the report is actionable. Clicking on an entry,
a detailed information will pop up with two different possible options: a detailed information will pop up with two different possible options:
- **Dismiss vulnerability** - Dismissing a vulnerability will place a - **Dismiss vulnerability** - Dismissing a vulnerability will place a <s>strikethrough</s> styling on it.
<s>strikethrough</s> styling on it.
- **Create issue** - The new issue will have the title and description - **Create issue** - The new issue will have the title and description
pre-populated with the information of the vulnerability report. pre-populated with the information from the vulnerability report.
- **Solution** - For some vulnerabilities ([Dependency Scanning](dependency_scanning.md) and [Container Scanning](container_scanning.md))
a solution is provided for how to fix the vulnerability.
![Interacting with security reports](img/interactive_reports.png) ![Interacting with security reports](img/interactive_reports.png)
You can also revert your dismissal or see the linked issue after the action has You can also revert your dismissal or see the linked issue after the action has
been taken. been taken.
### Solutions for Dependency Scanning **[ULTIMATE]**
> Introduced in [GitLab Ultimate][products] 11.7.
CAUTION: **Warning:** Automatic Patch creation is only available for a subset of [Dependency Scanning](dependency_scanning.md). At the moment only Node.JS projects managed with yarn are supported.
Some Vulnerabilities can be fixed by applying a patch that is automatically generated by GitLab. To apply the fix:
1. Download and review the patch file `remediation.patch`.
2. Ensure your local project has the same commit checked out that was used to generate the patch.
3. Run `git apply remediation.patch`.
4. Verify and commit the changes to your branch.
![Solutions for dependency scanning](img/vulnerability_solution.png)
## Live preview with Review Apps ## Live preview with Review Apps
If you configured [Review Apps](https://about.gitlab.com/features/review-apps/) for your project, If you configured [Review Apps](https://about.gitlab.com/features/review-apps/) for your project,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7