Commit abce316f authored by Robert Speicher's avatar Robert Speicher

Merge branch 'summarize-only-current-vulnerabilities' into 'master'

Don't count fixed vulnerabilities

See merge request gitlab-org/gitlab!28495
parents 8254029c de94ecf2
...@@ -23,7 +23,9 @@ module EE ...@@ -23,7 +23,9 @@ module EE
description: 'Counts for each severity of vulnerability of the project', description: 'Counts for each severity of vulnerability of the project',
feature_flag: :first_class_vulnerabilities, feature_flag: :first_class_vulnerabilities,
resolve: -> (obj, _args, ctx) do resolve: -> (obj, _args, ctx) do
Hash.new(0).merge(obj.vulnerabilities.counts_by_severity) Hash.new(0).merge(
obj.vulnerabilities.with_states([:detected, :confirmed]).counts_by_severity
)
end end
field :requirement, ::Types::RequirementType, null: true, field :requirement, ::Types::RequirementType, null: true,
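Review bot: The `description:` string on the first context line of this hunk still reads 'Counts for each severity of vulnerability of the project', but the resolver now counts only vulnerabilities in the `detected` and `confirmed` states. An API consumer reading the schema cannot tell that dismissed and resolved findings are left out, and may read a zero as "no findings of that severity at all". I would change it to something like `description: 'Counts for each severity of detected or confirmed vulnerabilities of the project'`. The state list `[:detected, :confirmed]` is also written inline in the resolver; if the vulnerability model already has a scope or constant for active states (not visible from this hunk), using it would keep this count consistent with other code that makes the same distinction. The field definition starts above the hunk.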
......
...@@ -5,7 +5,10 @@ require 'spec_helper' ...@@ -5,7 +5,10 @@ require 'spec_helper'
describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
let_it_be(:project) { create(:project) } let_it_be(:project) { create(:project) }
let_it_be(:user) { create(:user) } let_it_be(:user) { create(:user) }
let_it_be(:vulnerability) { create(:vulnerability, project: project, severity: :high) } let_it_be(:confirmed_vulnerability) { create(:vulnerability, :confirmed, :high, project: project) }
let_it_be(:detected_vulnerability) { create(:vulnerability, :detected, :high, project: project) }
let_it_be(:resolved_vulnerability) { create(:vulnerability, :resolved, :high, project: project) }
let_it_be(:dismissed_vulnerabilities) { create(:vulnerability, :dismissed, :high, project: project) }
let_it_be(:query) do let_it_be(:query) do
%( %(
...@@ -43,10 +46,10 @@ describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do ...@@ -43,10 +46,10 @@ describe 'Query.project(fullPath).vulnerabilitySeveritiesCount' do
stub_licensed_features(security_dashboard: true) stub_licensed_features(security_dashboard: true)
end end
it "returns counts for each severity of the project's vulnerabilities" do it "returns counts for each severity of the project's detected or confirmed vulnerabilities" do
high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high') high_count = subject.dig('data', 'project', 'vulnerabilitySeveritiesCount', 'high')
expect(high_count).to be(1) expect(high_count).to be(2)
end end
end end
end end
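Review bot: The fixture `dismissed_vulnerabilities` is named in the plural although it creates a single record like the three fixtures above it; `let_it_be(:dismissed_vulnerability) { create(:vulnerability, :dismissed, :high, project: project) }` would match them. All four fixtures use `:high`, so the `be(2)` assertion does show that resolved and dismissed records are excluded from the count. Nothing in the visible lines checks that a severity with no detected or confirmed vulnerabilities comes back as 0, so an extra expectation on another severity key would cover the `Hash.new(0)` default in the resolver. Parts of the spec lie outside the hunks shown, so that check may already exist.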