Skip to content

G
gitlab-ce
Commit d64a5b53 authored by Alan (Maciej) Paruszewski's avatar Alan (Maciej) Paruszewski Committed by Peter Leitzen
Browse files
Options

Update details JSON Schema for Finding 

This change updates JSON Schema for details field in Vulnerability
Finding with newest version of the schema from Security Report Schemas
parent c5744b1a
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 1086 additions and 313 deletions
app/validators/json_schemas/vulnerability_finding_details.json
View file @ d64a5b53
...@@ -6,60 +6,67 @@ ...@@ -6,60 +6,67 @@
"^.*$": { "^.*$": {
"allOf": [ "allOf": [
{ "$ref": "#/definitions/named_field" }, { "$ref": "#/definitions/named_field" },
{ "$ref": "#/definitions/type_list" } { "$ref": "#/definitions/detail_type" }
] ]
} }
}, },
"definitions": { "definitions": {
"type_list": { "detail_type": {
"oneOf": [ "oneOf": [
{ "$ref": "#/definitions/named_list" }, { "$ref": "#/definitions/named_list" },
{ "$ref": "#/definitions/list" }, { "$ref": "#/definitions/list" },
{ "$ref": "#/definitions/table" }, { "$ref": "#/definitions/table" },
{ "$ref": "#/definitions/text" }, { "$ref": "#/definitions/text" },
{ "$ref": "#/definitions/url" }, { "$ref": "#/definitions/url" },
{ "$ref": "#/definitions/code" }, { "$ref": "#/definitions/code" },
{ "$ref": "#/definitions/int" }, { "$ref": "#/definitions/value" },
{ "$ref": "#/definitions/diff" },
{ "$ref": "#/definitions/markdown" },
{ "$ref": "#/definitions/commit" }, { "$ref": "#/definitions/commit" },
{ "$ref": "#/definitions/file_location" }, { "$ref": "#/definitions/file_location" },
{ "$ref": "#/definitions/module_location" } { "$ref": "#/definitions/module_location" }
] ]
}, },
"lang_text": { "text_value": {
"type": "object", "type": "string"
"required": [ "value", "lang" ],
"properties": {
"lang": { "type": "string" },
"value": { "type": "string" }
}
},
"lang_text_list": {
"type": "array",
"items": { "$ref": "#/definitions/lang_text" }
}, },
"named_field": { "named_field": {
"type": "object", "type": "object",
"required": [ "name" ], "required": [
"name"
],
"properties": { "properties": {
"name": { "$ref": "#/definitions/lang_text_list" }, "name": {
"description": { "$ref": "#/definitions/lang_text_list" } "$ref": "#/definitions/text_value",
"minLength": 1
},
"description": {
"$ref": "#/definitions/text_value"
}
} }
}, },
"named_list": { "named_list": {
"type": "object", "type": "object",
"description": "An object with named and typed fields", "description": "An object with named and typed fields",
"required": [ "type", "items" ], "required": [
"type",
"items"
],
"properties": { "properties": {
"type": { "const": "named-list" }, "type": {
"const": "named-list"
},
"items": { "items": {
"type": "object", "type": "object",
"patternProperties": { "patternProperties": {
"^.*$": { "^.*$": {
"allOf": [ "allOf": [
{ "$ref": "#/definitions/named_field" }, {
{ "$ref": "#/definitions/type_list" } "$ref": "#/definitions/named_field"
},
{
"$ref": "#/definitions/detail_type"
}
] ]
} }
} }
...@@ -69,38 +76,45 @@ ...@@ -69,38 +76,45 @@
"list": { "list": {
"type": "object", "type": "object",
"description": "A list of typed fields", "description": "A list of typed fields",
"required": [ "type", "items" ], "required": [
"type",
"items"
],
"properties": { "properties": {
"type": { "const": "list" }, "type": {
"const": "list"
},
"items": { "items": {
"type": "array", "type": "array",
"items": { "$ref": "#/definitions/type_list" } "items": {
"$ref": "#/definitions/detail_type"
}
} }
} }
}, },
"table": { "table": {
"type": "object", "type": "object",
"description": "A table of typed fields", "description": "A table of typed fields",
"required": [], "required": [
"type",
"rows"
],
"properties": { "properties": {
"type": { "const": "table" }, "type": {
"items": { "const": "table"
"type": "object", },
"properties": { "header": {
"header": { "type": "array",
"type": "array", "items": {
"items": { "$ref": "#/definitions/detail_type"
"$ref": "#/definitions/type_list" }
} },
}, "rows": {
"rows": { "type": "array",
"type": "array", "items": {
"items": { "type": "array",
"type": "array", "items": {
"items": { "$ref": "#/definitions/detail_type"
"$ref": "#/definitions/type_list"
}
}
} }
} }
} }
...@@ -109,73 +123,171 @@ ...@@ -109,73 +123,171 @@
"text": { "text": {
"type": "object", "type": "object",
"description": "Raw text", "description": "Raw text",
"required": [ "type", "value" ], "required": [
"type",
"value"
],
"properties": { "properties": {
"type": { "const": "text" }, "type": {
"value": { "$ref": "#/definitions/lang_text_list" } "const": "text"
},
"value": {
"$ref": "#/definitions/text_value"
}
} }
}, },
"url": { "url": {
"type": "object", "type": "object",
"description": "A single URL", "description": "A single URL",
"required": [ "type", "href" ], "required": [
"type",
"href"
],
"properties": { "properties": {
"type": { "const": "url" }, "type": {
"text": { "$ref": "#/definitions/lang_text_list" }, "const": "url"
"href": { "type": "string" } },
"text": {
"$ref": "#/definitions/text_value"
},
"href": {
"type": "string",
"minLength": 1,
"examples": ["http://mysite.com"]
}
} }
}, },
"code": { "code": {
"type": "object", "type": "object",
"description": "A codeblock", "description": "A codeblock",
"required": [ "type", "value" ], "required": [
"type",
"value"
],
"properties": { "properties": {
"type": { "const": "code" }, "type": {
"value": { "type": "string" }, "const": "code"
"lang": { "type": "string" } },
"value": {
"type": "string"
},
"lang": {
"type": "string",
"description": "A programming language"
}
} }
}, },
"int": { "value": {
"type": "object", "type": "object",
"description": "An integer", "description": "A field that can store a range of types of value",
"required": [ "type", "value" ], "required": ["type", "value"],
"properties": { "properties": {
"type": { "const": "int" }, "type": { "const": "value" },
"value": { "type": "integer" }, "value": {
"format": { "type": ["number", "string", "boolean"]
"type": "string", }
"enum": [ "default", "hex" ] }
},
"diff": {
"type": "object",
"description": "A diff",
"required": [
"type",
"before",
"after"
],
"properties": {
"type": {
"const": "diff"
},
"before": {
"type": "string"
},
"after": {
"type": "string"
}
}
},
"markdown": {
"type": "object",
"description": "GitLab flavoured markdown, see https://docs.gitlab.com/ee/user/markdown.html",
"required": [
"type",
"value"
],
"properties": {
"type": {
"const": "markdown"
},
"value": {
"$ref": "#/definitions/text_value",
"examples": ["Here is markdown `inline code` #1 [test](gitlab.com)\n\n![GitLab Logo](https://about.gitlab.com/images/press/logo/preview/gitlab-logo-white-preview.png)"]
} }
} }
}, },
"commit": { "commit": {
"type": "object", "type": "object",
"description": "A specific commit within the project", "description": "A commit/tag/branch within the GitLab project",
"required": [ "type", "value" ], "required": [
"type",
"value"
],
"properties": { "properties": {
"type": { "const": "commit" }, "type": {
"value": { "type": "string", "description": "The commit SHA" } "const": "commit"
},
"value": {
"type": "string",
"description": "The commit SHA",
"minLength": 1
}
} }
}, },
"file_location": { "file_location": {
"type": "object", "type": "object",
"description": "A location within a file in the project", "description": "A location within a file in the project",
"required": [ "type", "file_name", "line_start" ], "required": [
"type",
"file_name",
"line_start"
],
"properties": { "properties": {
"type": { "const": "file-location" }, "type": {
"file_name": { "type": "string" }, "const": "file-location"
"line_start": { "type": "integer" }, },
"line_end": { "type": "integer" } "file_name": {
"type": "string",
"minLength": 1
},
"line_start": {
"type": "integer"
},
"line_end": {
"type": "integer"
}
} }
}, },
"module_location": { "module_location": {
"type": "object", "type": "object",
"description": "A location within a binary module of the form module+relative_offset", "description": "A location within a binary module of the form module+relative_offset",
"required": [ "type", "module_name", "offset" ], "required": [
"type",
"module_name",
"offset"
],
"properties": { "properties": {
"type": { "const": "module-location" }, "type": {
"module_name": { "type": "string" }, "const": "module-location"
"offset": { "type": "integer" } },
"module_name": {
"type": "string",
"minLength": 1,
"examples": ["compiled_binary"]
},
"offset": {
"type": "integer",
"examples": [100]
}
} }
} }
} }
......
doc/api/graphql/reference/gitlab_schema.graphql
View file @ d64a5b53
...@@ -28462,7 +28462,7 @@ type VulnerabilityDetailBase { ...@@ -28462,7 +28462,7 @@ type VulnerabilityDetailBase {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28472,7 +28472,7 @@ type VulnerabilityDetailBase { ...@@ -28472,7 +28472,7 @@ type VulnerabilityDetailBase {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
} }
""" """
...@@ -28482,7 +28482,7 @@ type VulnerabilityDetailBoolean { ...@@ -28482,7 +28482,7 @@ type VulnerabilityDetailBoolean {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28492,7 +28492,7 @@ type VulnerabilityDetailBoolean { ...@@ -28492,7 +28492,7 @@ type VulnerabilityDetailBoolean {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Value of the field. Value of the field.
...@@ -28507,7 +28507,7 @@ type VulnerabilityDetailCode { ...@@ -28507,7 +28507,7 @@ type VulnerabilityDetailCode {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28522,7 +28522,7 @@ type VulnerabilityDetailCode { ...@@ -28522,7 +28522,7 @@ type VulnerabilityDetailCode {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Source code. Source code.
...@@ -28537,7 +28537,7 @@ type VulnerabilityDetailCommit { ...@@ -28537,7 +28537,7 @@ type VulnerabilityDetailCommit {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28547,7 +28547,7 @@ type VulnerabilityDetailCommit { ...@@ -28547,7 +28547,7 @@ type VulnerabilityDetailCommit {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
The commit SHA value. The commit SHA value.
...@@ -28572,7 +28572,7 @@ type VulnerabilityDetailDiff { ...@@ -28572,7 +28572,7 @@ type VulnerabilityDetailDiff {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28582,7 +28582,7 @@ type VulnerabilityDetailDiff { ...@@ -28582,7 +28582,7 @@ type VulnerabilityDetailDiff {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
} }
""" """
...@@ -28592,7 +28592,7 @@ type VulnerabilityDetailFileLocation { ...@@ -28592,7 +28592,7 @@ type VulnerabilityDetailFileLocation {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28617,7 +28617,7 @@ type VulnerabilityDetailFileLocation { ...@@ -28617,7 +28617,7 @@ type VulnerabilityDetailFileLocation {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
} }
""" """
...@@ -28627,7 +28627,7 @@ type VulnerabilityDetailInt { ...@@ -28627,7 +28627,7 @@ type VulnerabilityDetailInt {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28637,7 +28637,7 @@ type VulnerabilityDetailInt { ...@@ -28637,7 +28637,7 @@ type VulnerabilityDetailInt {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Value of the field. Value of the field.
...@@ -28652,7 +28652,7 @@ type VulnerabilityDetailList { ...@@ -28652,7 +28652,7 @@ type VulnerabilityDetailList {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28667,7 +28667,7 @@ type VulnerabilityDetailList { ...@@ -28667,7 +28667,7 @@ type VulnerabilityDetailList {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
} }
""" """
...@@ -28677,7 +28677,7 @@ type VulnerabilityDetailMarkdown { ...@@ -28677,7 +28677,7 @@ type VulnerabilityDetailMarkdown {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28687,7 +28687,7 @@ type VulnerabilityDetailMarkdown { ...@@ -28687,7 +28687,7 @@ type VulnerabilityDetailMarkdown {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Value of the Markdown field. Value of the Markdown field.
...@@ -28702,7 +28702,7 @@ type VulnerabilityDetailModuleLocation { ...@@ -28702,7 +28702,7 @@ type VulnerabilityDetailModuleLocation {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28717,7 +28717,7 @@ type VulnerabilityDetailModuleLocation { ...@@ -28717,7 +28717,7 @@ type VulnerabilityDetailModuleLocation {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Offset of the module location. Offset of the module location.
...@@ -28732,7 +28732,7 @@ type VulnerabilityDetailTable { ...@@ -28732,7 +28732,7 @@ type VulnerabilityDetailTable {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28747,7 +28747,7 @@ type VulnerabilityDetailTable { ...@@ -28747,7 +28747,7 @@ type VulnerabilityDetailTable {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Table rows. Table rows.
...@@ -28762,7 +28762,7 @@ type VulnerabilityDetailText { ...@@ -28762,7 +28762,7 @@ type VulnerabilityDetailText {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28772,7 +28772,7 @@ type VulnerabilityDetailText { ...@@ -28772,7 +28772,7 @@ type VulnerabilityDetailText {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Value of the text field. Value of the text field.
...@@ -28787,7 +28787,7 @@ type VulnerabilityDetailUrl { ...@@ -28787,7 +28787,7 @@ type VulnerabilityDetailUrl {
""" """
Description of the field. Description of the field.
""" """
description: String! description: String
""" """
Name of the field. Name of the field.
...@@ -28802,7 +28802,7 @@ type VulnerabilityDetailUrl { ...@@ -28802,7 +28802,7 @@ type VulnerabilityDetailUrl {
""" """
Name of the field. Name of the field.
""" """
name: String! name: String
""" """
Text of the URL. Text of the URL.
......
doc/api/graphql/reference/index.md
View file @ d64a5b53
...@@ -4335,9 +4335,9 @@ Represents the vulnerability details base. ...@@ -4335,9 +4335,9 @@ Represents the vulnerability details base.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
### VulnerabilityDetailBoolean ### VulnerabilityDetailBoolean
...@@ -4345,9 +4345,9 @@ Represents the vulnerability details boolean value. ...@@ -4345,9 +4345,9 @@ Represents the vulnerability details boolean value.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `value` | Boolean! | Value of the field. | | `value` | Boolean! | Value of the field. |
### VulnerabilityDetailCode ### VulnerabilityDetailCode
...@@ -4356,10 +4356,10 @@ Represents the vulnerability details code field. ...@@ -4356,10 +4356,10 @@ Represents the vulnerability details code field.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `lang` | String | Language of the code. | | `lang` | String | Language of the code. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `value` | String! | Source code. | | `value` | String! | Source code. |
### VulnerabilityDetailCommit ### VulnerabilityDetailCommit
...@@ -4368,9 +4368,9 @@ Represents the vulnerability details commit field. ...@@ -4368,9 +4368,9 @@ Represents the vulnerability details commit field.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `value` | String! | The commit SHA value. | | `value` | String! | The commit SHA value. |
### VulnerabilityDetailDiff ### VulnerabilityDetailDiff
...@@ -4381,9 +4381,9 @@ Represents the vulnerability details diff field. ...@@ -4381,9 +4381,9 @@ Represents the vulnerability details diff field.
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `after` | String! | Value of the field after the change. | | `after` | String! | Value of the field after the change. |
| `before` | String! | Value of the field before the change. | | `before` | String! | Value of the field before the change. |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
### VulnerabilityDetailFileLocation ### VulnerabilityDetailFileLocation
...@@ -4391,12 +4391,12 @@ Represents the vulnerability details location within a file in the project. ...@@ -4391,12 +4391,12 @@ Represents the vulnerability details location within a file in the project.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `fileName` | String! | File name. | | `fileName` | String! | File name. |
| `lineEnd` | Int! | End line number of the file location. | | `lineEnd` | Int! | End line number of the file location. |
| `lineStart` | Int! | Start line number of the file location. | | `lineStart` | Int! | Start line number of the file location. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
### VulnerabilityDetailInt ### VulnerabilityDetailInt
...@@ -4404,9 +4404,9 @@ Represents the vulnerability details integer value. ...@@ -4404,9 +4404,9 @@ Represents the vulnerability details integer value.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `value` | Int! | Value of the field. | | `value` | Int! | Value of the field. |
### VulnerabilityDetailList ### VulnerabilityDetailList
...@@ -4415,10 +4415,10 @@ Represents the vulnerability details list value. ...@@ -4415,10 +4415,10 @@ Represents the vulnerability details list value.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `items` | VulnerabilityDetail! => Array | List of details. | | `items` | VulnerabilityDetail! => Array | List of details. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
### VulnerabilityDetailMarkdown ### VulnerabilityDetailMarkdown
...@@ -4426,9 +4426,9 @@ Represents the vulnerability details Markdown field. ...@@ -4426,9 +4426,9 @@ Represents the vulnerability details Markdown field.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `value` | String! | Value of the Markdown field. | | `value` | String! | Value of the Markdown field. |
### VulnerabilityDetailModuleLocation ### VulnerabilityDetailModuleLocation
...@@ -4437,10 +4437,10 @@ Represents the vulnerability details location within a file in the project. ...@@ -4437,10 +4437,10 @@ Represents the vulnerability details location within a file in the project.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `moduleName` | String! | Module name. | | `moduleName` | String! | Module name. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `offset` | Int! | Offset of the module location. | | `offset` | Int! | Offset of the module location. |
### VulnerabilityDetailTable ### VulnerabilityDetailTable
...@@ -4449,10 +4449,10 @@ Represents the vulnerability details table value. ...@@ -4449,10 +4449,10 @@ Represents the vulnerability details table value.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `headers` | VulnerabilityDetail! => Array | Table headers. | | `headers` | VulnerabilityDetail! => Array | Table headers. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `rows` | VulnerabilityDetail! => Array | Table rows. | | `rows` | VulnerabilityDetail! => Array | Table rows. |
### VulnerabilityDetailText ### VulnerabilityDetailText
...@@ -4461,9 +4461,9 @@ Represents the vulnerability details text field. ...@@ -4461,9 +4461,9 @@ Represents the vulnerability details text field.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `value` | String! | Value of the text field. | | `value` | String! | Value of the text field. |
### VulnerabilityDetailUrl ### VulnerabilityDetailUrl
...@@ -4472,10 +4472,10 @@ Represents the vulnerability details URL field. ...@@ -4472,10 +4472,10 @@ Represents the vulnerability details URL field.
| Field | Type | Description | | Field | Type | Description |
| ----- | ---- | ----------- | | ----- | ---- | ----------- |
| `description` | String! | Description of the field. | | `description` | String | Description of the field. |
| `fieldName` | String | Name of the field. | | `fieldName` | String | Name of the field. |
| `href` | String! | Href of the URL. | | `href` | String! | Href of the URL. |
| `name` | String! | Name of the field. | | `name` | String | Name of the field. |
| `text` | String | Text of the URL. | | `text` | String | Text of the URL. |
### VulnerabilityDismissPayload ### VulnerabilityDismissPayload
......
ee/app/graphql/types/vulnerability_details/base_type.rb
View file @ d64a5b53
...@@ -10,10 +10,10 @@ module Types ...@@ -10,10 +10,10 @@ module Types
field :field_name, GraphQL::STRING_TYPE, null: true, field :field_name, GraphQL::STRING_TYPE, null: true,
description: 'Name of the field.' description: 'Name of the field.'
field :name, GraphQL::STRING_TYPE, null: false, field :name, GraphQL::STRING_TYPE, null: true,
description: 'Name of the field.' description: 'Name of the field.'
field :description, GraphQL::STRING_TYPE, null: false, field :description, GraphQL::STRING_TYPE, null: true,
description: 'Description of the field.' description: 'Description of the field.'
end end
end end
......
ee/changelogs/unreleased/263497-update-details-schema-for-finding.yml 0 → 100644
View file @ d64a5b53
---
title: Update details JSON Schema and GraphQL Schema for Vulnerability Finding
merge_request: 54423
author:
type: fixed
ee/spec/factories/vulnerabilities/findings.rb
View file @ d64a5b53
...@@ -225,6 +225,228 @@ FactoryBot.define do ...@@ -225,6 +225,228 @@ FactoryBot.define do
end end
end end
trait :with_details do
details do
{
commit: {
name: 'The Commit',
description: 'Commit where the vulnerability was identified',
type: 'commit',
value: '41df7b7eb3be2b5be2c406c2f6d28cd6631eeb19'
},
marked_up: {
name: 'Marked Data',
description: 'GFM-flavored markdown',
type: 'markdown',
value: "Here is markdown `inline code` #1 [test](gitlab.com)\n\n![GitLab Logo](https://about.gitlab.com/images/press/logo/preview/gitlab-logo-white-preview.png)"
},
diff: {
name: 'Modified data',
description: 'How the data was modified',
type: 'diff',
before: "Hello there\nHello world\nhello again",
after: "Hello there\nHello Wooorld\nanew line\nhello again\nhello again"
},
table_data: {
name: 'Registers',
type: 'table',
header: [
{
type: 'text',
value: 'Register'
},
{
type: 'text',
value: 'Value'
},
{
type: 'text',
value: 'Note'
}
],
rows: [
[
{
type: 'text',
value: 'eax'
},
{
type: 'value',
value: 1336
},
{
type: 'text',
value: 'A note for eax'
}
],
[
{
type: 'value',
value: 'ebx'
},
{
type: 'value',
value: 1337
},
{
type: 'value',
value: true
}
],
[
{
type: 'text',
value: 'ecx'
},
{
type: 'value',
value: 1338
},
{
type: 'text',
value: 'A note for ecx'
}
],
[
{
type: 'text',
value: 'edx'
},
{
type: 'value',
value: 1339
},
{
type: 'text',
value: 'A note for edx'
}
]
]
},
urls: {
name: 'URLs',
description: 'The list of URLs in this report',
type: 'list',
items: [
{
type: 'url',
href: 'https://gitlab.com'
},
{
type: 'url',
href: 'https://gitlab.com'
},
{
type: 'url',
href: 'https://gitlab.com'
}
]
},
description: {
name: 'Description',
description: 'The actual description of the description',
type: 'text',
value: 'Text value'
},
code_block: {
name: 'Code Block',
type: 'code',
value: "Here\nis\ncode"
},
named_list: {
name: 'A Named List',
type: 'named-list',
items: {
field1: {
name: 'Field 1',
description: 'The description for field 1',
type: 'text',
value: 'Text'
},
field2: {
name: 'Field 2',
description: 'The description for field 2',
type: 'text',
value: 'Text'
},
nested_ints: {
name: 'Nested Ints',
type: 'list',
items: [
{
type: 'value',
value: 1337
},
{
type: 'value',
value: '0x1337'
}
]
}
}
},
stack_trace: {
name: 'Stack Trace',
type: 'list',
items: [
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 100
},
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 500
},
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 700
},
{
type: 'module-location',
module_name: 'compiled_binary',
offset: 1000
}
]
},
location1: {
name: 'Location 1',
description: 'The first location',
type: 'file-location',
file_name: 'new_file.c',
line_start: 5,
line_end: 6
},
module_location1: {
name: 'Module Location 1',
description: 'The first location',
type: 'module-location',
module_name: 'gitlab.h',
offset: 100
},
code: {
type: 'code',
name: 'Truthy Code',
value: 'function isTrue(value) { value ? true : false }',
lang: 'javascript'
},
url: {
type: 'url',
name: 'GitLab URL',
text: 'URL to GitLab.com',
href: 'https://gitlab.com'
},
text: {
type: 'text',
name: 'Text with more info',
value: 'More info about this vulnerability'
}
}
end
end
trait :identifier do trait :identifier do
after(:build) do |finding| after(:build) do |finding|
identifier = build( identifier = build(
......
ee/spec/requests/api/graphql/vulnerabilities/details_spec.rb 0 → 100644
View file @ d64a5b53
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7