Commit cd9876e5 authored by Etienne Baqué's avatar Etienne Baqué

Merge branch '322803-vulnerability_findings-api-does-not-correctly-filter-on-scanner-parameter-2' into 'master'

Remove `scanner` parameter from vulnerability_findings REST endpoint

See merge request gitlab-org/gitlab!55453
parents fd2e3b0f a7d6e53c
...@@ -49,7 +49,6 @@ GET /projects/:id/vulnerability_findings?scope=all ...@@ -49,7 +49,6 @@ GET /projects/:id/vulnerability_findings?scope=all
GET /projects/:id/vulnerability_findings?scope=dismissed GET /projects/:id/vulnerability_findings?scope=dismissed
GET /projects/:id/vulnerability_findings?severity=high GET /projects/:id/vulnerability_findings?severity=high
GET /projects/:id/vulnerability_findings?confidence=unknown,experimental GET /projects/:id/vulnerability_findings?confidence=unknown,experimental
GET /projects/:id/vulnerability_findings?scanner=bandit,find_sec_bugs
GET /projects/:id/vulnerability_findings?pipeline_id=42 GET /projects/:id/vulnerability_findings?pipeline_id=42
``` ```
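Review bot: Dropping the `scanner=bandit,find_sec_bugs` example line is the right call, but this page already records parameter history (the "Beginning with GitLab 12.9" sentence in the next hunk), and API consumers who were passing `scanner` will otherwise find the example gone with no explanation; suggest a one-line version note such as "The `scanner` parameter was removed in <version>" alongside the remaining examples.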
...@@ -63,7 +62,6 @@ Beginning with GitLab 12.9, the `undefined` severity and confidence level is no ...@@ -63,7 +62,6 @@ Beginning with GitLab 12.9, the `undefined` severity and confidence level is no
| `scope` | string | no | Returns vulnerability findings for the given scope: `all` or `dismissed`. Defaults to `dismissed`. | | `scope` | string | no | Returns vulnerability findings for the given scope: `all` or `dismissed`. Defaults to `dismissed`. |
| `severity` | string array | no | Returns vulnerability findings belonging to specified severity level: `info`, `unknown`, `low`, `medium`, `high`, or `critical`. Defaults to all. | | `severity` | string array | no | Returns vulnerability findings belonging to specified severity level: `info`, `unknown`, `low`, `medium`, `high`, or `critical`. Defaults to all. |
| `confidence` | string array | no | Returns vulnerability findings belonging to specified confidence level: `ignore`, `unknown`, `experimental`, `low`, `medium`, `high`, or `confirmed`. Defaults to all. | | `confidence` | string array | no | Returns vulnerability findings belonging to specified confidence level: `ignore`, `unknown`, `experimental`, `low`, `medium`, `high`, or `confirmed`. Defaults to all. |
| `scanner` | string array | no | Returns vulnerability findings detected by specified scanner.
| `pipeline_id` | integer/string | no | Returns vulnerability findings belonging to specified pipeline. | | `pipeline_id` | integer/string | no | Returns vulnerability findings belonging to specified pipeline. |
```shell ```shell
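Review bot: Removing the `scanner` row matches the endpoint change, but the table now gives readers no hint what happens to a request that still sends `scanner=...`; since the hunk does not show whether such a request is rejected or silently answered with unfiltered findings, suggest stating that explicitly in a sentence under the table so clients relying on the old filter know to adjust. The removed row was also missing its trailing `|`, which is moot now but worth checking against the other rows if any are re-added.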
......
---
title: Remove scanner parameter from vulnerability_findings REST endpoint
merge_request: 55453
author: Thiago Figueiro @thiagocsf
type: changed
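Review bot: `type: changed` understates the impact on API consumers; dropping a documented parameter from a public REST endpoint is normally recorded as `type: removed` so the changelog flags it as a breaking change rather than a tweak.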
...@@ -76,10 +76,6 @@ module API ...@@ -76,10 +76,6 @@ module API
'Defaults to all', 'Defaults to all',
values: ::Vulnerabilities::Finding.confidences.keys, values: ::Vulnerabilities::Finding.confidences.keys,
default: ::Vulnerabilities::Finding.confidences.keys default: ::Vulnerabilities::Finding.confidences.keys
optional :scanner,
type: Array[String],
coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce,
desc: 'Returns vulnerabilities detected by specified scanners'
optional :pipeline_id, type: String, desc: 'The ID of the pipeline' optional :pipeline_id, type: String, desc: 'The ID of the pipeline'
use :pagination use :pagination
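Review bot: With `optional :scanner` gone, the endpoint declares no handling for a `scanner` query string that existing clients may still send, and whether that request is now rejected or silently ignored depends on the API's default treatment of undeclared params, which is not visible in this hunk; please confirm which it is and, if it is silently ignored, consider whether a 400 (consistent with the `:bad_request` path the spec already exercises for invalid input) or at least a deprecation log line would serve clients better than returning strictly more findings than they asked for.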
......
...@@ -179,14 +179,6 @@ RSpec.describe API::VulnerabilityFindings do ...@@ -179,14 +179,6 @@ RSpec.describe API::VulnerabilityFindings do
expect(response).to have_gitlab_http_status(:bad_request) expect(response).to have_gitlab_http_status(:bad_request)
end end
it 'returns vulnerabilities detected by bandit and find_sec_bugs scanners' do
get api(project_vulnerability_findings_path, user), params: { scanner: 'bandit,find_sec_bugs' }.merge(pagination)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response.map { |v| v.dig('scanner', 'external_id') }.uniq).to match_array %w[bandit find_sec_bugs]
end
context 'when pipeline_id is supplied' do context 'when pipeline_id is supplied' do
it 'returns vulnerabilities from supplied pipeline' do it 'returns vulnerabilities from supplied pipeline' do
finding_count = (sast_report.findings.count + ds_report.findings.count - 1).to_s finding_count = (sast_report.findings.count + ds_report.findings.count - 1).to_s
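Review bot: The deleted `it 'returns vulnerabilities detected by bandit and find_sec_bugs scanners'` example was the only coverage of how `scanner` is treated, and nothing replaces it; suggest a spec that sends `params: { scanner: 'bandit' }.merge(pagination)` and asserts the now-intended outcome (either `have_gitlab_http_status(:bad_request)` or the same response as an unfiltered request) so the behaviour change is pinned rather than left implicit.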
......