Merge branch 'remove-ff-path_to_vulnerable_dependency' into 'master'

Remove flag path_to_vulnerable_dependency

See merge request gitlab-org/gitlab!52576

ee/app/assets/javascripts/dependencies/components/dependencies_table.vue

@@ -10,7 +10,6 @@ import {
   GlLink,
 } from '@gitlab/ui';
 import { s__ } from '~/locale';
-import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
 import DependencyLicenseLinks from './dependency_license_links.vue';
 import DependencyVulnerabilities from './dependency_vulnerabilities.vue';
 import DependencyLocation from './dependency_location.vue';
@@ -45,7 +44,6 @@ export default {
     GlPopover,
     GlLink,
   },
-  mixins: [glFeatureFlagsMixin()],
   props: {
     dependencies: {
       type: Array,
@@ -115,25 +113,23 @@ export default {
   >
     <template #head(location)="data">
       {{ data.label }}
-      <template v-if="glFeatures.pathToVulnerableDependency">
-        <gl-icon id="location-info" name="information" class="gl-text-blue-600" />
-        <gl-popover
-          target="location-info"
-          triggers="hover focus"
-          placement="top"
-          :title="s__('Dependencies|Location and dependency path')"
-        >
-          {{ $options.i18n.tooltipText }}
-          <div class="gl-mt-4">
-            <gl-link
-              :href="$options.DEPENDENCY_PATH_LINK"
-              target="_blank"
-              class="font-size-inherit"
-              >{{ $options.i18n.tooltipMoreText }}</gl-link
-            >
-          </div>
-        </gl-popover>
-      </template>
+      <gl-icon id="location-info" name="information" class="gl-text-blue-600" />
+      <gl-popover
+        target="location-info"
+        triggers="hover focus"
+        placement="top"
+        :title="s__('Dependencies|Location and dependency path')"
+      >
+        {{ $options.i18n.tooltipText }}
+        <div class="gl-mt-4">
+          <gl-link
+            :href="$options.DEPENDENCY_PATH_LINK"
+            target="_blank"
+            class="font-size-inherit"
+            >{{ $options.i18n.tooltipMoreText }}</gl-link
+          >
+        </div>
+      </gl-popover>
     </template>
 
     <!-- toggleDetails and detailsShowing are scoped slot props provided by

ee/app/assets/javascripts/dependencies/components/dependency_location.vue

@@ -2,7 +2,6 @@
 import { GlIcon, GlLink, GlPopover, GlIntersperse } from '@gitlab/ui';
 import { n__ } from '~/locale';
 import DependencyPathViewer from './dependency_path_viewer.vue';
-import glFeatureFlagsMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
 
 export const VISIBLE_DEPENDENCY_COUNT = 2;
 
@@ -15,7 +14,6 @@ export default {
     GlPopover,
     GlIntersperse,
   },
-  mixins: [glFeatureFlagsMixin()],
   props: {
     location: {
       type: Object,
@@ -27,10 +25,10 @@ export default {
       return this.location.ancestors || [];
     },
     hasAncestors() {
-      return this.glFeatures.pathToVulnerableDependency && this.ancestors.length > 0;
+      return this.ancestors.length > 0;
     },
     isTopLevelDependency() {
-      return this.glFeatures.pathToVulnerableDependency && this.location.top_level;
+      return this.location.top_level;
     },
     visibleDependencies() {
       return this.ancestors.slice(0, VISIBLE_DEPENDENCY_COUNT);
@@ -39,7 +37,7 @@ export default {
       return Math.max(0, this.ancestors.length - VISIBLE_DEPENDENCY_COUNT);
     },
     showMoreLink() {
-      return this.glFeatures.pathToVulnerableDependency && this.remainingDependenciesCount > 0;
+      return this.remainingDependenciesCount > 0;
     },
     nMoreMessage() {
       return n__('Dependencies|%d more', 'Dependencies|%d more', this.remainingDependenciesCount);

ee/app/controllers/projects/dependencies_controller.rb

@@ -4,10 +4,6 @@ module Projects
   class DependenciesController < Projects::ApplicationController
     before_action :authorize_read_dependency_list!
 
-    before_action do
-      push_frontend_feature_flag(:path_to_vulnerable_dependency, project, default_enabled: true)
-    end
-
     feature_category :dependency_scanning
 
     def index

ee/config/feature_flags/development/path_to_vulnerable_dependency.yml

----
-name: path_to_vulnerable_dependency
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40627
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/241739
-milestone: '13.4'
-type: development
-group: group::composition analysis
-default_enabled: true

ee/lib/gitlab/ci/parsers/security/formatters/dependency_list.rb

@@ -59,7 +59,6 @@ module Gitlab
                 path:      file_path
               }
 
-              return base_location if Feature.disabled?(:path_to_vulnerable_dependency, project, default_enabled: true)
               return base_location unless dependency['iid']
 
               base_location.merge({

ee/spec/frontend/dependencies/components/dependencies_table_spec.js

@@ -95,9 +95,11 @@ describe('DependenciesTable component', () => {
 
     it('renders the table header', () => {
       const expectedLabels = DependenciesTable.fields.map(({ label }) => label);
-      const headerCells = wrapper.findAll('thead th').wrappers;
+      const headerCells = wrapper.findAll('thead th');
 
-      expect(headerCells.map((cell) => cell.text())).toEqual(expectedLabels);
+      expectedLabels.forEach((expectedLabel, i) => {
+        expect(headerCells.at(i).text()).toContain(expectedLabel);
+      });
     });
 
     it('does not render any rows', () => {

ee/spec/frontend/dependencies/components/dependency_location_spec.js

@@ -12,11 +12,6 @@ describe('Dependency Location component', () => {
     wrapper = shallowMount(DependencyLocation, {
       propsData: { ...propsData },
       stubs: { GlLink, DependencyPathViewer, GlIntersperse },
-      provide: {
-        glFeatures: {
-          pathToVulnerableDependency: true,
-        },
-      },
       ...options,
     });
   };
@@ -87,23 +82,4 @@ describe('Dependency Location component', () => {
       expect(findPopover().exists()).toBe(false);
     });
   });
-
-  describe('with feature flag off', () => {
-    it.each`
-      name                | location              | path
-      ${'no path'}        | ${Paths.noPath}       | ${'package.json'}
-      ${'top level path'} | ${Paths.topLevelPath} | ${'package.json'}
-      ${'short path'}     | ${Paths.shortPath}    | ${'package.json'}
-      ${'long path'}      | ${Paths.longPath}     | ${'package.json'}
-    `('do not show dependency path for $name', ({ location, path }) => {
-      createComponent({
-        propsData: {
-          location,
-        },
-        provide: { glFeatures: { pathToVulnerableDependency: false } },
-      });
-
-      expect(wrapper.text()).toBe(path);
-    });
-  });
 });

ee/spec/lib/gitlab/ci/parsers/security/formatters/dependency_list_spec.rb

@@ -67,19 +67,6 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Formatters::DependencyList do
       end
     end
 
-    context 'when feature flag for dependency path is off' do
-      let(:dependency) { parsed_report['dependency_files'][0]['dependencies'][0] }
-      let(:location) { data[:location] }
-
-      before do
-        stub_feature_flags(path_to_vulnerable_dependency: false)
-      end
-
-      it { expect(location[:top_level]).to be_nil }
-      it { expect(location[:ancestors]).to be_nil }
-      it { expect(location[:path]).to eq('file.path') }
-    end
-
     context 'with vulnerable dependency' do
       let(:data) { formatter.format(dependency, package_manager, file_path, parsed_report['vulnerabilities'].first) }
       let(:dependency) { parsed_report['dependency_files'][0]['dependencies'][1] }