Commit 75c06be4 authored by Vitali Tatarintev's avatar Vitali Tatarintev

Merge branch '320860_introduce_new_fields_for_vulnerability_type' into 'master'

Add `links` and `message` field to VulnerabilityType

See merge request gitlab-org/gitlab!71207
parents 82664385 3360a18c
...@@ -14731,8 +14731,10 @@ Represents a vulnerability. ...@@ -14731,8 +14731,10 @@ Represents a vulnerability.
| <a id="vulnerabilityhassolutions"></a>`hasSolutions` | [`Boolean`](#boolean) | Indicates whether there is a solution available for this vulnerability. | | <a id="vulnerabilityhassolutions"></a>`hasSolutions` | [`Boolean`](#boolean) | Indicates whether there is a solution available for this vulnerability. |
| <a id="vulnerabilityid"></a>`id` | [`ID!`](#id) | GraphQL ID of the vulnerability. | | <a id="vulnerabilityid"></a>`id` | [`ID!`](#id) | GraphQL ID of the vulnerability. |
| <a id="vulnerabilityidentifiers"></a>`identifiers` | [`[VulnerabilityIdentifier!]!`](#vulnerabilityidentifier) | Identifiers of the vulnerability. | | <a id="vulnerabilityidentifiers"></a>`identifiers` | [`[VulnerabilityIdentifier!]!`](#vulnerabilityidentifier) | Identifiers of the vulnerability. |
| <a id="vulnerabilitylinks"></a>`links` | [`[VulnerabilityLink!]!`](#vulnerabilitylink) | List of links associated with the vulnerability. |
| <a id="vulnerabilitylocation"></a>`location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. | | <a id="vulnerabilitylocation"></a>`location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. |
| <a id="vulnerabilitymergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | Merge request that fixes the vulnerability. | | <a id="vulnerabilitymergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | Merge request that fixes the vulnerability. |
| <a id="vulnerabilitymessage"></a>`message` | [`String`](#string) | Short text description of the vulnerability. This may include the finding's specific information. |
| <a id="vulnerabilitynotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | | <a id="vulnerabilitynotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) |
| <a id="vulnerabilityprimaryidentifier"></a>`primaryIdentifier` | [`VulnerabilityIdentifier`](#vulnerabilityidentifier) | Primary identifier of the vulnerability. | | <a id="vulnerabilityprimaryidentifier"></a>`primaryIdentifier` | [`VulnerabilityIdentifier`](#vulnerabilityidentifier) | Primary identifier of the vulnerability. |
| <a id="vulnerabilityproject"></a>`project` | [`Project`](#project) | Project on which the vulnerability was found. | | <a id="vulnerabilityproject"></a>`project` | [`Project`](#project) | Project on which the vulnerability was found. |
...@@ -14978,6 +14980,17 @@ Represents an issue link of a vulnerability. ...@@ -14978,6 +14980,17 @@ Represents an issue link of a vulnerability.
| <a id="vulnerabilityissuelinkissue"></a>`issue` | [`Issue!`](#issue) | Issue attached to issue link. | | <a id="vulnerabilityissuelinkissue"></a>`issue` | [`Issue!`](#issue) | Issue attached to issue link. |
| <a id="vulnerabilityissuelinklinktype"></a>`linkType` | [`VulnerabilityIssueLinkType!`](#vulnerabilityissuelinktype) | Type of the issue link. | | <a id="vulnerabilityissuelinklinktype"></a>`linkType` | [`VulnerabilityIssueLinkType!`](#vulnerabilityissuelinktype) | Type of the issue link. |
### `VulnerabilityLink`
Represents a link related to a vulnerability.
#### Fields
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="vulnerabilitylinkname"></a>`name` | [`String`](#string) | Name of the link. |
| <a id="vulnerabilitylinkurl"></a>`url` | [`String!`](#string) | URL of the link. |
### `VulnerabilityLocationContainerScanning` ### `VulnerabilityLocationContainerScanning`
Represents the location of a vulnerability found by a container security scan. Represents the location of a vulnerability found by a container security scan.
......
# frozen_string_literal: true
module Types
module Vulnerabilities
class LinkType < BaseObject # rubocop:disable Graphql/AuthorizeTypes(This can be only accessible through vulnerability type)
graphql_name 'VulnerabilityLink'
description 'Represents a link related to a vulnerability'
field :name, GraphQL::Types::String, null: true,
description: 'Name of the link.'
field :url, GraphQL::Types::String, null: false,
description: 'URL of the link.'
end
end
end
...@@ -20,6 +20,10 @@ module Types ...@@ -20,6 +20,10 @@ module Types
field :description, GraphQL::Types::String, null: true, field :description, GraphQL::Types::String, null: true,
description: 'Description of the vulnerability.' description: 'Description of the vulnerability.'
field :message, GraphQL::Types::String, null: true,
description: "Short text description of the vulnerability. This may include the finding's specific information.",
method: :finding_message
field :state, VulnerabilityStateEnum, null: true, field :state, VulnerabilityStateEnum, null: true,
description: "State of the vulnerability (#{::Vulnerability.states.keys.join(', ').upcase})" description: "State of the vulnerability (#{::Vulnerability.states.keys.join(', ').upcase})"
...@@ -45,6 +49,9 @@ module Types ...@@ -45,6 +49,9 @@ module Types
field :external_issue_links, ::Types::Vulnerability::ExternalIssueLinkType.connection_type, null: false, field :external_issue_links, ::Types::Vulnerability::ExternalIssueLinkType.connection_type, null: false,
description: 'List of external issue links related to the vulnerability.' description: 'List of external issue links related to the vulnerability.'
field :links, [::Types::Vulnerabilities::LinkType], null: false,
description: 'List of links associated with the vulnerability.'
field :location, VulnerabilityLocationType, null: true, field :location, VulnerabilityLocationType, null: true,
description: 'Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability.' description: 'Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability.'
......
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe GitlabSchema.types['VulnerabilityLink'] do
let(:expected_fields) { %i[name url] }
subject { described_class }
it { is_expected.to have_graphql_fields(expected_fields) }
end
...@@ -11,6 +11,7 @@ RSpec.describe GitlabSchema.types['Vulnerability'] do ...@@ -11,6 +11,7 @@ RSpec.describe GitlabSchema.types['Vulnerability'] do
id id
title title
description description
message
user_notes_count user_notes_count
state state
severity severity
...@@ -29,6 +30,7 @@ RSpec.describe GitlabSchema.types['Vulnerability'] do ...@@ -29,6 +30,7 @@ RSpec.describe GitlabSchema.types['Vulnerability'] do
dismissed_at dismissed_at
notes notes
external_issue_links external_issue_links
links
has_solutions has_solutions
false_positive false_positive
merge_request merge_request
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment