Skip to content

G
gitlab-ce
Commit d64a5b53 authored by Alan (Maciej) Paruszewski's avatar Alan (Maciej) Paruszewski Committed by Peter Leitzen
Browse files
Options

Update details JSON Schema for Finding 

This change updates JSON Schema for details field in Vulnerability
Finding with newest version of the schema from Security Report Schemas
parent c5744b1a
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 1086 additions and 313 deletions
app/validators/json_schemas/vulnerability_finding_details.json
View file @ d64a5b53
......@@ -6,60 +6,67 @@
"^.*$": {
"allOf": [
{ "$ref": "#/definitions/named_field" },
{ "$ref": "#/definitions/type_list" }
{ "$ref": "#/definitions/detail_type" }
]
}
},
"definitions": {
"type_list": {
"detail_type": {
"oneOf": [
{ "$ref": "#/definitions/named_list" },
{ "$ref": "#/definitions/list" },
{ "$ref": "#/definitions/table" },
{ "$ref": "#/definitions/text" },
{ "$ref": "#/definitions/url" },
{ "$ref": "#/definitions/code" },
{ "$ref": "#/definitions/int" },
{ "$ref": "#/definitions/value" },
{ "$ref": "#/definitions/diff" },
{ "$ref": "#/definitions/markdown" },
{ "$ref": "#/definitions/commit" },
{ "$ref": "#/definitions/file_location" },
{ "$ref": "#/definitions/module_location" }
]
},
"lang_text": {
"type": "object",
"required": [ "value", "lang" ],
"properties": {
"lang": { "type": "string" },
"value": { "type": "string" }
}
},
"lang_text_list": {
"type": "array",
"items": { "$ref": "#/definitions/lang_text" }
"text_value": {
"type": "string"
},
"named_field": {
"type": "object",
"required": [ "name" ],
"required": [
"name"
],
"properties": {
"name": { "$ref": "#/definitions/lang_text_list" },
"description": { "$ref": "#/definitions/lang_text_list" }
"name": {
"$ref": "#/definitions/text_value",
"minLength": 1
},
"description": {
"$ref": "#/definitions/text_value"
}
}
},
"named_list": {
"type": "object",
"description": "An object with named and typed fields",
"required": [ "type", "items" ],
"required": [
"type",
"items"
],
"properties": {
"type": { "const": "named-list" },
"type": {
"const": "named-list"
},
"items": {
"type": "object",
"patternProperties": {
"^.*$": {
"allOf": [
{ "$ref": "#/definitions/named_field" },
{ "$ref": "#/definitions/type_list" }
{
"$ref": "#/definitions/named_field"
},
{
"$ref": "#/definitions/detail_type"
}
]
}
}
......@@ -69,38 +76,45 @@
"list": {
"type": "object",
"description": "A list of typed fields",
"required": [ "type", "items" ],
"required": [
"type",
"items"
],
"properties": {
"type": { "const": "list" },
"type": {
"const": "list"
},
"items": {
"type": "array",
"items": { "$ref": "#/definitions/type_list" }
"items": {
"$ref": "#/definitions/detail_type"
}
}
}
},
"table": {
"type": "object",
"description": "A table of typed fields",
"required": [],
"required": [
"type",
"rows"
],
"properties": {
"type": { "const": "table" },
"items": {
"type": "object",
"properties": {
"header": {
"type": "array",
"items": {
"$ref": "#/definitions/type_list"
}
},
"rows": {
"type": "array",
"items": {
"type": "array",
"items": {
"$ref": "#/definitions/type_list"
}
}
"type": {
"const": "table"
},
"header": {
"type": "array",
"items": {
"$ref": "#/definitions/detail_type"
}
},
"rows": {
"type": "array",
"items": {
"type": "array",
"items": {
"$ref": "#/definitions/detail_type"
}
}
}
......@@ -109,73 +123,171 @@
"text": {
"type": "object",
"description": "Raw text",
"required": [ "type", "value" ],
"required": [
"type",
"value"
],
"properties": {
"type": { "const": "text" },
"value": { "$ref": "#/definitions/lang_text_list" }
"type": {
"const": "text"
},
"value": {
"$ref": "#/definitions/text_value"
}
}
},
"url": {
"type": "object",
"description": "A single URL",
"required": [ "type", "href" ],
"required": [
"type",
"href"
],
"properties": {
"type": { "const": "url" },
"text": { "$ref": "#/definitions/lang_text_list" },
"href": { "type": "string" }
"type": {
"const": "url"
},
"text": {
"$ref": "#/definitions/text_value"
},
"href": {
"type": "string",
"minLength": 1,
"examples": ["http://mysite.com"]
}
}
},
"code": {
"type": "object",
"description": "A codeblock",
"required": [ "type", "value" ],
"required": [
"type",
"value"
],
"properties": {
"type": { "const": "code" },
"value": { "type": "string" },
"lang": { "type": "string" }
"type": {
"const": "code"
},
"value": {
"type": "string"
},
"lang": {
"type": "string",
"description": "A programming language"
}
}
},
"int": {
"value": {
"type": "object",
"description": "An integer",
"required": [ "type", "value" ],
"description": "A field that can store a range of types of value",
"required": ["type", "value"],
"properties": {
"type": { "const": "int" },
"value": { "type": "integer" },
"format": {
"type": "string",
"enum": [ "default", "hex" ]
"type": { "const": "value" },
"value": {
"type": ["number", "string", "boolean"]
}
}
},
"diff": {
"type": "object",
"description": "A diff",
"required": [
"type",
"before",
"after"
],
"properties": {
"type": {
"const": "diff"
},
"before": {
"type": "string"
},
"after": {
"type": "string"
}
}
},
"markdown": {
"type": "object",
"description": "GitLab flavoured markdown, see https://docs.gitlab.com/ee/user/markdown.html",
"required": [
"type",
"value"
],
"properties": {
"type": {
"const": "markdown"
},
"value": {
"$ref": "#/definitions/text_value",
"examples": ["Here is markdown `inline code` #1 [test](gitlab.com)\n\n![GitLab Logo](https://about.gitlab.com/images/press/logo/preview/gitlab-logo-white-preview.png)"]
}
}
},
"commit": {
"type": "object",
"description": "A specific commit within the project",
"required": [ "type", "value" ],
"description": "A commit/tag/branch within the GitLab project",
"required": [
"type",
"value"
],
"properties": {
"type": { "const": "commit" },
"value": { "type": "string", "description": "The commit SHA" }
"type": {
"const": "commit"
},
"value": {
"type": "string",
"description": "The commit SHA",
"minLength": 1
}
}
},
"file_location": {
"type": "object",
"description": "A location within a file in the project",
"required": [ "type", "file_name", "line_start" ],
"required": [
"type",
"file_name",
"line_start"
],
"properties": {
"type": { "const": "file-location" },
"file_name": { "type": "string" },
"line_start": { "type": "integer" },
"line_end": { "type": "integer" }
"type": {
"const": "file-location"
},
"file_name": {
"type": "string",
"minLength": 1
},
"line_start": {
"type": "integer"
},
"line_end": {
"type": "integer"
}
}
},
"module_location": {
"type": "object",
"description": "A location within a binary module of the form module+relative_offset",
"required": [ "type", "module_name", "offset" ],
"required": [
"type",
"module_name",
"offset"
],
"properties": {
"type": { "const": "module-location" },
"module_name": { "type": "string" },
"offset": { "type": "integer" }
"type": {
"const": "module-location"
},
"module_name": {
"type": "string",
"minLength": 1,
"examples": ["compiled_binary"]
},
"offset": {
"type": "integer",
"examples": [100]
}
}
}
}
......
doc/api/graphql/reference/gitlab_schema.graphql
View file @ d64a5b53
......@@ -28462,7 +28462,7 @@ type VulnerabilityDetailBase {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28472,7 +28472,7 @@ type VulnerabilityDetailBase {
"""
Name of the field.
"""
name: String!
name: String
}
"""
......@@ -28482,7 +28482,7 @@ type VulnerabilityDetailBoolean {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28492,7 +28492,7 @@ type VulnerabilityDetailBoolean {
"""
Name of the field.
"""
name: String!
name: String
"""
Value of the field.
......@@ -28507,7 +28507,7 @@ type VulnerabilityDetailCode {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28522,7 +28522,7 @@ type VulnerabilityDetailCode {
"""
Name of the field.
"""
name: String!
name: String
"""
Source code.
......@@ -28537,7 +28537,7 @@ type VulnerabilityDetailCommit {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28547,7 +28547,7 @@ type VulnerabilityDetailCommit {
"""
Name of the field.
"""
name: String!
name: String
"""
The commit SHA value.
......@@ -28572,7 +28572,7 @@ type VulnerabilityDetailDiff {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28582,7 +28582,7 @@ type VulnerabilityDetailDiff {
"""
Name of the field.
"""
name: String!
name: String
}
"""
......@@ -28592,7 +28592,7 @@ type VulnerabilityDetailFileLocation {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28617,7 +28617,7 @@ type VulnerabilityDetailFileLocation {
"""
Name of the field.
"""
name: String!
name: String
}
"""
......@@ -28627,7 +28627,7 @@ type VulnerabilityDetailInt {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28637,7 +28637,7 @@ type VulnerabilityDetailInt {
"""
Name of the field.
"""
name: String!
name: String
"""
Value of the field.
......@@ -28652,7 +28652,7 @@ type VulnerabilityDetailList {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28667,7 +28667,7 @@ type VulnerabilityDetailList {
"""
Name of the field.
"""
name: String!
name: String
}
"""
......@@ -28677,7 +28677,7 @@ type VulnerabilityDetailMarkdown {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28687,7 +28687,7 @@ type VulnerabilityDetailMarkdown {
"""
Name of the field.
"""
name: String!
name: String
"""
Value of the Markdown field.
......@@ -28702,7 +28702,7 @@ type VulnerabilityDetailModuleLocation {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28717,7 +28717,7 @@ type VulnerabilityDetailModuleLocation {
"""
Name of the field.
"""
name: String!
name: String
"""
Offset of the module location.
......@@ -28732,7 +28732,7 @@ type VulnerabilityDetailTable {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28747,7 +28747,7 @@ type VulnerabilityDetailTable {
"""
Name of the field.
"""
name: String!
name: String
"""
Table rows.
......@@ -28762,7 +28762,7 @@ type VulnerabilityDetailText {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28772,7 +28772,7 @@ type VulnerabilityDetailText {
"""
Name of the field.
"""
name: String!
name: String
"""
Value of the text field.
......@@ -28787,7 +28787,7 @@ type VulnerabilityDetailUrl {
"""
Description of the field.
"""
description: String!
description: String
"""
Name of the field.
......@@ -28802,7 +28802,7 @@ type VulnerabilityDetailUrl {
"""
Name of the field.
"""
name: String!
name: String
"""
Text of the URL.
......
doc/api/graphql/reference/index.md
View file @ d64a5b53
......@@ -4335,9 +4335,9 @@ Represents the vulnerability details base.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
### VulnerabilityDetailBoolean
......@@ -4345,9 +4345,9 @@ Represents the vulnerability details boolean value.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `value` | Boolean! | Value of the field. |
### VulnerabilityDetailCode
......@@ -4356,10 +4356,10 @@ Represents the vulnerability details code field.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `lang` | String | Language of the code. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `value` | String! | Source code. |
### VulnerabilityDetailCommit
......@@ -4368,9 +4368,9 @@ Represents the vulnerability details commit field.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `value` | String! | The commit SHA value. |
### VulnerabilityDetailDiff
......@@ -4381,9 +4381,9 @@ Represents the vulnerability details diff field.
| ----- | ---- | ----------- |
| `after` | String! | Value of the field after the change. |
| `before` | String! | Value of the field before the change. |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
### VulnerabilityDetailFileLocation
......@@ -4391,12 +4391,12 @@ Represents the vulnerability details location within a file in the project.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `fileName` | String! | File name. |
| `lineEnd` | Int! | End line number of the file location. |
| `lineStart` | Int! | Start line number of the file location. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
### VulnerabilityDetailInt
......@@ -4404,9 +4404,9 @@ Represents the vulnerability details integer value.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `value` | Int! | Value of the field. |
### VulnerabilityDetailList
......@@ -4415,10 +4415,10 @@ Represents the vulnerability details list value.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `items` | VulnerabilityDetail! => Array | List of details. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
### VulnerabilityDetailMarkdown
......@@ -4426,9 +4426,9 @@ Represents the vulnerability details Markdown field.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `value` | String! | Value of the Markdown field. |
### VulnerabilityDetailModuleLocation
......@@ -4437,10 +4437,10 @@ Represents the vulnerability details location within a file in the project.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `moduleName` | String! | Module name. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `offset` | Int! | Offset of the module location. |
### VulnerabilityDetailTable
......@@ -4449,10 +4449,10 @@ Represents the vulnerability details table value.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `headers` | VulnerabilityDetail! => Array | Table headers. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `rows` | VulnerabilityDetail! => Array | Table rows. |
### VulnerabilityDetailText
......@@ -4461,9 +4461,9 @@ Represents the vulnerability details text field.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `value` | String! | Value of the text field. |
### VulnerabilityDetailUrl
......@@ -4472,10 +4472,10 @@ Represents the vulnerability details URL field.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `description` | String! | Description of the field. |
| `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. |
| `href` | String! | Href of the URL. |
| `name` | String! | Name of the field. |
| `name` | String | Name of the field. |
| `text` | String | Text of the URL. |
### VulnerabilityDismissPayload
......
ee/app/graphql/types/vulnerability_details/base_type.rb
View file @ d64a5b53
......@@ -10,10 +10,10 @@ module Types
field :field_name, GraphQL::STRING_TYPE, null: true,
description: 'Name of the field.'
field :name, GraphQL::STRING_TYPE, null: false,
field :name, GraphQL::STRING_TYPE, null: true,
description: 'Name of the field.'
field :description, GraphQL::STRING_TYPE, null: false,
field :description, GraphQL::STRING_TYPE, null: true,
description: 'Description of the field.'
end
end
......
ee/changelogs/unreleased/263497-update-details-schema-for-finding.yml 0 → 100644
View file @ d64a5b53
---
title: Update details JSON Schema and GraphQL Schema for Vulnerability Finding
merge_request: 54423
author:
type: fixed
ee/spec/factories/vulnerabilities/findings.rb
View file @ d64a5b53
......@@ -225,6 +225,228 @@ FactoryBot.define do
end
end
trait :with_details do
details do
{
commit: {
name: 'The Commit',
description: 'Commit where the vulnerability was identified',
type: 'commit',
value: '41df7b7eb3be2b5be2c406c2f6d28cd6631eeb19'
},
marked_up: {
name: 'Marked Data',
description: 'GFM-flavored markdown',
type: 'markdown',
value: "Here is markdown `inline code` #1 [test](gitlab.com)\n\n![GitLab Logo](https://about.gitlab.com/images/press/logo/preview/gitlab-logo-white-preview.png)"
},
diff: {
name: 'Modified data',
description: 'How the data was modified',
type: 'diff',
before: "Hello there\nHello world\nhello again",
after: "Hello there\nHello Wooorld\nanew line\nhello again\nhello again"
},
table_data: {
name: 'Registers',
type: 'table',
header: [
{
type: 'text',
value: 'Register'
},
{
type: 'text',
value: 'Value'
},
{
type: 'text',
value: 'Note'
}
],
rows: [
[
{
type: 'text',
value: 'eax'
},
{
type: 'value',
value: 1336
},
{
type: 'text',
value: 'A note for eax'
}
],
[
{
type: 'value',
value: 'ebx'
},
{
type: 'value',
value: 1337
},
{
type: 'value',
value: true
}
],
[
{
type: 'text',
value: 'ecx'
},
{
type: 'value',
value: 1338
},
{
type: 'text',
value: 'A note for ecx'
}
],
[
{
type: 'text',
value: 'edx'
},
{
type: 'value',
value: 1339
},
{
type: 'text',
value: 'A note for edx'
}
]
]
},
urls: {
name: 'URLs',
description: 'The list of URLs in this report',
type: 'list',
items: [
{
type: 'url',
href: 'https://gitlab.com'
},
{
type: 'url',
href: 'https://gitlab.com'
},
{
type: 'url',
href: 'https://gitlab.com'
}
]
},
description: {
name: 'Description',
description: 'The actual description of the description',
type: 'text',
value: 'Text value'
},
code_block: {
name: 'Code Block',
type: 'code',
value: "Here\nis\ncode"
},
named_list: {
name: 'A Named List',
type: 'named-list',
items: {
field1: {
name: 'Field 1',
description: 'The description for field 1',
type: 'text',
value: 'Text'
},
field2: {
name: 'Field 2',
description: 'The description for field 2',
type: 'text',
value: 'Text'
},
nested_ints: {
name: 'Nested Ints',
type: 'list',
items: [
{
type: 'value',
value: 1337
},
{
type: 'value',
value: '0x1337'
}
]
}
}
},
stack_trace: {
name: 'Stack Trace',
type: 'list',
items: [
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 100
},
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 500
},
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 700
},
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 1000
}
]
},
location1: {
name: 'Location 1',
description: 'The first location',
type: 'file-location',
file_name: 'new_file.c',
line_start: 5,
line_end: 6
},
module_location1: {
name: 'Module Location 1',
description: 'The first location',
type: 'module-location',
module_name: 'gitlab.h',
offset: 100
},
code: {
type: 'code',
name: 'Truthy Code',
value: 'function isTrue(value) { value ? true : false }',
lang: 'javascript'
},
url: {
type: 'url',
name: 'GitLab URL',
text: 'URL to GitLab.com',
href: 'https://gitlab.com'
},
text: {
type: 'text',
name: 'Text with more info',
value: 'More info about this vulnerability'
}
}
end
end
trait :identifier do
after(:build) do |finding|
identifier = build(
......
ee/spec/requests/api/graphql/vulnerabilities/details_spec.rb 0 → 100644
View file @ d64a5b53
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7