Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
bd482380
Commit
bd482380
authored
Feb 09, 2021
by
GitLab Bot
Browse files
Options
Browse Files
Download
Plain Diff
Automatic merge of gitlab-org/gitlab master
parents
1f4e8e80
6d175094
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
26 additions
and
6 deletions
+26
-6
doc/user/markdown.md
doc/user/markdown.md
+0
-1
ee/spec/lib/ee/gitlab/background_migration/update_location_fingerprint_for_container_scanning_findings_spec.rb
...ation_fingerprint_for_container_scanning_findings_spec.rb
+26
-5
No files found.
doc/user/markdown.md
View file @
bd482380
...
...
@@ -444,7 +444,6 @@ GFM recognizes the following:
| snippet | `$123` | `namespace/project$123` | `project$123` |
| epic **(ULTIMATE)** | `&123` | `group1/subgroup&123` | |
| vulnerability **(ULTIMATE)** (1)| `[vulnerability:123]` | `[vulnerability:namespace/project/123]` | `[vulnerability:project/123]` |
| feature flag | `[feature_flag:123]` | `[feature_flag:namespace/project/123]` | `[feature_flag:project/123]` |
| label by ID | `~123` | `namespace/project~123` | `project~123` |
| one-word label by name | `~bug` | `namespace/project~bug` | `project~bug` |
| multi-word label by name | `~"feature request"` | `namespace/project~"feature request"` | `project~"feature request"` |
...
...
ee/spec/lib/ee/gitlab/background_migration/update_location_fingerprint_for_container_scanning_findings_spec.rb
View file @
bd482380
...
...
@@ -82,7 +82,8 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateLocationFingerprintForContaine
end
def
finding_params
(
primary_identifier_id
)
attrs
=
attributes_for
(
:vulnerabilities_finding
)
# rubocop: disable RSpec/FactoriesInMigrationSpecs
uuid
=
SecureRandom
.
uuid
{
severity:
0
,
confidence:
5
,
...
...
@@ -90,12 +91,32 @@ RSpec.describe Gitlab::BackgroundMigration::UpdateLocationFingerprintForContaine
project_id:
123
,
scanner_id:
6
,
primary_identifier_id:
primary_identifier_id
,
project_fingerprint:
attrs
[
:project_fingerprint
]
,
project_fingerprint:
SecureRandom
.
hex
(
20
)
,
location_fingerprint:
Digest
::
SHA1
.
hexdigest
(
SecureRandom
.
hex
(
10
)),
uuid:
attrs
[
:uuid
]
,
name:
attrs
[
:name
]
,
uuid:
uuid
,
name:
"Vulnerability Finding
#{
uuid
}
"
,
metadata_version:
'1.3'
,
raw_metadata:
attrs
[
:raw_metadata
]
raw_metadata:
raw_metadata
}
end
def
raw_metadata
{
"description"
=>
"The cipher does not provide data integrity update 1"
,
"message"
=>
"The cipher does not provide data integrity"
,
"cve"
=>
"818bf5dacb291e15d9e6dc3c5ac32178:CIPHER"
,
"solution"
=>
"GCM mode introduces an HMAC into the resulting encrypted data, providing integrity of the result."
,
"location"
=>
{
"file"
=>
"maven/src/main/java/com/gitlab/security_products/tests/App.java"
,
"start_line"
=>
29
,
"end_line"
=>
29
,
"class"
=>
"com.gitlab.security_products.tests.App"
,
"method"
=>
"insecureCypher"
},
"links"
=>
[{
"name"
=>
"Cipher does not check for integrity first?"
,
"url"
=>
"https://crypto.stackexchange.com/questions/31428/pbewithmd5anddes-cipher-does-not-check-for-integrity-first"
}],
"assets"
=>
[{
"type"
=>
"postman"
,
"name"
=>
"Test Postman Collection"
,
"url"
=>
"http://localhost/test.collection"
}],
"evidence"
=>
{
"summary"
=>
"Credit card detected"
,
"request"
=>
{
"headers"
=>
[{
"name"
=>
"Accept"
,
"value"
=>
"*/*"
}],
"method"
=>
"GET"
,
"url"
=>
"http://goat:8080/WebGoat/logout"
,
"body"
=>
nil
},
"response"
=>
{
"headers"
=>
[{
"name"
=>
"Content-Length"
,
"value"
=>
"0"
}],
"reason_phrase"
=>
"OK"
,
"status_code"
=>
200
,
"body"
=>
nil
},
"source"
=>
{
"id"
=>
"assert:Response Body Analysis"
,
"name"
=>
"Response Body Analysis"
,
"url"
=>
"htpp://hostname/documentation"
},
"supporting_messages"
=>
[{
"name"
=>
"Origional"
,
"request"
=>
{
"headers"
=>
[{
"name"
=>
"Accept"
,
"value"
=>
"*/*"
}],
"method"
=>
"GET"
,
"url"
=>
"http://goat:8080/WebGoat/logout"
,
"body"
=>
""
}
},
{
"name"
=>
"Recorded"
,
"request"
=>
{
"headers"
=>
[{
"name"
=>
"Accept"
,
"value"
=>
"*/*"
}],
"method"
=>
"GET"
,
"url"
=>
"http://goat:8080/WebGoat/logout"
,
"body"
=>
""
},
"response"
=>
{
"headers"
=>
[{
"name"
=>
"Content-Length"
,
"value"
=>
"0"
}],
"reason_phrase"
=>
"OK"
,
"status_code"
=>
200
,
"body"
=>
""
}
}]
}
}
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment