Commit d88b3b5d authored by Lukas 'Eipi' Eipert's avatar Lukas 'Eipi' Eipert Committed by Mark Florian

Removed deprecated Dependency Scanning from MR widget

Removed old code paths related to Frontend parsing of security scanning
results, see: https://gitlab.com/groups/gitlab-org/-/epics/1425
parent bcf1d813
...@@ -72,10 +72,8 @@ export default { ...@@ -72,10 +72,8 @@ export default {
}, },
shouldRenderSecurityReport() { shouldRenderSecurityReport() {
return ( return (
(this.mr.sast && this.mr.sast.head_path) || this.mr.enabledSecurityReports &&
(this.mr.sastContainer && this.mr.sastContainer.head_path) || Object.values(this.mr.enabledSecurityReports).some(isReportEnabled => isReportEnabled)
(this.mr.dast && this.mr.dast.head_path) ||
(this.mr.dependencyScanning && this.mr.dependencyScanning.head_path)
); );
}, },
codequalityText() { codequalityText() {
...@@ -304,17 +302,9 @@ export default { ...@@ -304,17 +302,9 @@ export default {
:target-branch="mr.targetBranch" :target-branch="mr.targetBranch"
:base-blob-path="mr.baseBlobPath" :base-blob-path="mr.baseBlobPath"
:enabled-reports="mr.enabledSecurityReports" :enabled-reports="mr.enabledSecurityReports"
:sast-head-path="mr.sast.head_path"
:sast-base-path="mr.sast.base_path"
:sast-help-path="mr.sastHelp" :sast-help-path="mr.sastHelp"
:dast-head-path="mr.dast.head_path"
:dast-base-path="mr.dast.base_path"
:dast-help-path="mr.dastHelp" :dast-help-path="mr.dastHelp"
:sast-container-head-path="mr.sastContainer.head_path"
:sast-container-base-path="mr.sastContainer.base_path"
:sast-container-help-path="mr.sastContainerHelp" :sast-container-help-path="mr.sastContainerHelp"
:dependency-scanning-head-path="mr.dependencyScanning.head_path"
:dependency-scanning-base-path="mr.dependencyScanning.base_path"
:dependency-scanning-help-path="mr.dependencyScanningHelp" :dependency-scanning-help-path="mr.dependencyScanningHelp"
:vulnerability-feedback-path="mr.vulnerabilityFeedbackPath" :vulnerability-feedback-path="mr.vulnerabilityFeedbackPath"
:vulnerability-feedback-help-path="mr.vulnerabilityFeedbackHelpPath" :vulnerability-feedback-help-path="mr.vulnerabilityFeedbackHelpPath"
......
...@@ -10,10 +10,6 @@ export default class MergeRequestStore extends CEMergeRequestStore { ...@@ -10,10 +10,6 @@ export default class MergeRequestStore extends CEMergeRequestStore {
const blobPath = data.blob_path || {}; const blobPath = data.blob_path || {};
this.headBlobPath = blobPath.head_path || ''; this.headBlobPath = blobPath.head_path || '';
this.baseBlobPath = blobPath.base_path || ''; this.baseBlobPath = blobPath.base_path || '';
this.sast = data.sast || {};
this.sastContainer = data.sast_container || {};
this.dast = data.dast || {};
this.dependencyScanning = data.dependency_scanning || {};
this.sastHelp = data.sast_help_path; this.sastHelp = data.sast_help_path;
this.sastContainerHelp = data.sast_container_help_path; this.sastContainerHelp = data.sast_container_help_path;
this.dastHelp = data.dast_help_path; this.dastHelp = data.dast_help_path;
......
...@@ -46,46 +46,6 @@ export default { ...@@ -46,46 +46,6 @@ export default {
required: false, required: false,
default: null, default: null,
}, },
sastHeadPath: {
type: String,
required: false,
default: null,
},
sastBasePath: {
type: String,
required: false,
default: null,
},
dastHeadPath: {
type: String,
required: false,
default: null,
},
dastBasePath: {
type: String,
required: false,
default: null,
},
sastContainerHeadPath: {
type: String,
required: false,
default: null,
},
sastContainerBasePath: {
type: String,
required: false,
default: null,
},
dependencyScanningHeadPath: {
type: String,
required: false,
default: null,
},
dependencyScanningBasePath: {
type: String,
required: false,
default: null,
},
sastHelpPath: { sastHelpPath: {
type: String, type: String,
required: false, required: false,
...@@ -182,21 +142,16 @@ export default { ...@@ -182,21 +142,16 @@ export default {
return `${this.pipelinePath}/security`; return `${this.pipelinePath}/security`;
}, },
hasContainerScanningReports() { hasContainerScanningReports() {
const type = 'containerScanning'; return this.enabledReports.containerScanning;
if (this.isMergeRequestReportApiEnabled(type)) {
return this.enabledReports[type];
}
const { head, diffEndpoint } = this.sastContainer.paths;
return Boolean(head || diffEndpoint);
}, },
hasDependencyScanningReports() { hasDependencyScanningReports() {
return this.hasReportsType('dependencyScanning'); return this.enabledReports.dependencyScanning;
}, },
hasDastReports() { hasDastReports() {
return this.hasReportsType('dast'); return this.enabledReports.dast;
}, },
hasSastReports() { hasSastReports() {
return this.hasReportsType('sast'); return this.enabledReports.sast;
}, },
subHeadingText() { subHeadingText() {
const mrDivergedCommitsCount = const mrDivergedCommitsCount =
...@@ -236,70 +191,36 @@ export default { ...@@ -236,70 +191,36 @@ export default {
this.setCanCreateIssuePermission(this.canCreateIssue); this.setCanCreateIssuePermission(this.canCreateIssue);
this.setCanCreateFeedbackPermission(this.canCreateFeedback); this.setCanCreateFeedbackPermission(this.canCreateFeedback);
const sastDiffEndpoint = gl && gl.mrWidgetData && gl.mrWidgetData.sast_comparison_path; // eslint-disable-next-line camelcase
const sastDiffEndpoint = gl?.mrWidgetData?.sast_comparison_path;
if (this.isMergeRequestReportApiEnabled('sast') && sastDiffEndpoint && this.hasSastReports) { if (sastDiffEndpoint && this.hasSastReports) {
this.setSastDiffEndpoint(sastDiffEndpoint); this.setSastDiffEndpoint(sastDiffEndpoint);
this.fetchSastDiff(); this.fetchSastDiff();
} else if (this.sastHeadPath) {
this.setSastHeadPath(this.sastHeadPath);
if (this.sastBasePath) {
this.setSastBasePath(this.sastBasePath);
}
this.fetchSastReports();
} }
const sastContainerDiffEndpoint = // eslint-disable-next-line camelcase
gl && gl.mrWidgetData && gl.mrWidgetData.container_scanning_comparison_path; const containerScanningDiffEndpoint = gl?.mrWidgetData?.container_scanning_comparison_path;
if ( if (containerScanningDiffEndpoint && this.hasContainerScanningReports) {
this.isMergeRequestReportApiEnabled('containerScanning') && this.setSastContainerDiffEndpoint(containerScanningDiffEndpoint);
sastContainerDiffEndpoint &&
this.hasContainerScanningReports
) {
this.setSastContainerDiffEndpoint(sastContainerDiffEndpoint);
this.fetchSastContainerDiff(); this.fetchSastContainerDiff();
} else if (this.sastContainerHeadPath) {
this.setSastContainerHeadPath(this.sastContainerHeadPath);
if (this.sastContainerBasePath) {
this.setSastContainerBasePath(this.sastContainerBasePath);
}
this.fetchSastContainerReports();
} }
const dastDiffEndpoint = gl && gl.mrWidgetData && gl.mrWidgetData.dast_comparison_path; // eslint-disable-next-line camelcase
const dastDiffEndpoint = gl?.mrWidgetData?.dast_comparison_path;
if (this.isMergeRequestReportApiEnabled('dast') && dastDiffEndpoint && this.hasDastReports) { if (dastDiffEndpoint && this.hasDastReports) {
this.setDastDiffEndpoint(dastDiffEndpoint); this.setDastDiffEndpoint(dastDiffEndpoint);
this.fetchDastDiff(); this.fetchDastDiff();
} else if (this.dastHeadPath) {
this.setDastHeadPath(this.dastHeadPath);
if (this.dastBasePath) {
this.setDastBasePath(this.dastBasePath);
}
this.fetchDastReports();
} }
const dependencyScanningDiffEndpoint = // eslint-disable-next-line camelcase
gl && gl.mrWidgetData && gl.mrWidgetData.dependency_scanning_comparison_path; const dependencyScanningDiffEndpoint = gl?.mrWidgetData?.dependency_scanning_comparison_path;
if ( if (dependencyScanningDiffEndpoint && this.hasDependencyScanningReports) {
this.isMergeRequestReportApiEnabled('dependencyScanning') &&
dependencyScanningDiffEndpoint &&
this.hasDependencyScanningReports
) {
this.setDependencyScanningDiffEndpoint(dependencyScanningDiffEndpoint); this.setDependencyScanningDiffEndpoint(dependencyScanningDiffEndpoint);
this.fetchDependencyScanningDiff(); this.fetchDependencyScanningDiff();
} else if (this.dependencyScanningHeadPath) {
this.setDependencyScanningHeadPath(this.dependencyScanningHeadPath);
if (this.dependencyScanningBasePath) {
this.setDependencyScanningBasePath(this.dependencyScanningBasePath);
}
this.fetchDependencyScanningReports();
} }
}, },
methods: { methods: {
...@@ -308,15 +229,6 @@ export default { ...@@ -308,15 +229,6 @@ export default {
'setHeadBlobPath', 'setHeadBlobPath',
'setBaseBlobPath', 'setBaseBlobPath',
'setSourceBranch', 'setSourceBranch',
'setSastContainerHeadPath',
'setSastContainerBasePath',
'setDastHeadPath',
'setDastBasePath',
'setDependencyScanningHeadPath',
'setDependencyScanningBasePath',
'fetchSastContainerReports',
'fetchDastReports',
'fetchDependencyScanningReports',
'setVulnerabilityFeedbackPath', 'setVulnerabilityFeedbackPath',
'setVulnerabilityFeedbackHelpPath', 'setVulnerabilityFeedbackHelpPath',
'setCreateVulnerabilityFeedbackIssuePath', 'setCreateVulnerabilityFeedbackIssuePath',
...@@ -344,22 +256,9 @@ export default { ...@@ -344,22 +256,9 @@ export default {
'setDastDiffEndpoint', 'setDastDiffEndpoint',
]), ]),
...mapActions('sast', { ...mapActions('sast', {
setSastHeadPath: 'setHeadPath',
setSastBasePath: 'setBasePath',
setSastDiffEndpoint: 'setDiffEndpoint', setSastDiffEndpoint: 'setDiffEndpoint',
fetchSastReports: 'fetchReports',
fetchSastDiff: 'fetchDiff', fetchSastDiff: 'fetchDiff',
}), }),
isMergeRequestReportApiEnabled(type) {
return Boolean(this.glFeatures[`${type}MergeRequestReportApi`]);
},
hasReportsType(type) {
if (this.isMergeRequestReportApiEnabled(type)) {
return this.enabledReports[type];
}
const { head, diffEndpoint } = this[type].paths;
return Boolean(head || diffEndpoint);
},
}, },
}; };
</script> </script>
......
...@@ -119,10 +119,10 @@ export const anyReportHasError = state => ...@@ -119,10 +119,10 @@ export const anyReportHasError = state =>
state.dependencyScanning.hasError; state.dependencyScanning.hasError;
export const noBaseInAllReports = state => export const noBaseInAllReports = state =>
!state.sast.paths.base && !state.sast.hasBaseReport &&
!state.dast.paths.base && !state.dast.hasBaseReport &&
!state.sastContainer.paths.base && !state.sastContainer.hasBaseReport &&
!state.dependencyScanning.paths.base; !state.dependencyScanning.hasBaseReport;
export const anyReportHasIssues = state => export const anyReportHasIssues = state =>
state.sast.newIssues.length > 0 || state.sast.newIssues.length > 0 ||
......
...@@ -62,12 +62,14 @@ export default { ...@@ -62,12 +62,14 @@ export default {
[types.RECEIVE_DIFF_SUCCESS](state, { diff, enrichData }) { [types.RECEIVE_DIFF_SUCCESS](state, { diff, enrichData }) {
const { added, fixed, existing } = parseDiff(diff, enrichData); const { added, fixed, existing } = parseDiff(diff, enrichData);
const baseReportOutofDate = diff.base_report_out_of_date || false; const baseReportOutofDate = diff.base_report_out_of_date || false;
const hasBaseReport = Boolean(diff.base_report_created_at);
state.isLoading = false; state.isLoading = false;
state.newIssues = added; state.newIssues = added;
state.resolvedIssues = fixed; state.resolvedIssues = fixed;
state.allIssues = existing; state.allIssues = existing;
state.baseReportOutofDate = baseReportOutofDate; state.baseReportOutofDate = baseReportOutofDate;
state.hasBaseReport = hasBaseReport;
}, },
[types.RECEIVE_DIFF_ERROR](state) { [types.RECEIVE_DIFF_ERROR](state) {
......
...@@ -12,4 +12,5 @@ export default () => ({ ...@@ -12,4 +12,5 @@ export default () => ({
resolvedIssues: [], resolvedIssues: [],
allIssues: [], allIssues: [],
baseReportOutofDate: false, baseReportOutofDate: false,
hasBaseReport: false,
}); });
...@@ -109,12 +109,14 @@ export default { ...@@ -109,12 +109,14 @@ export default {
[types.RECEIVE_SAST_CONTAINER_DIFF_SUCCESS](state, { diff, enrichData }) { [types.RECEIVE_SAST_CONTAINER_DIFF_SUCCESS](state, { diff, enrichData }) {
const { added, fixed, existing } = parseDiff(diff, enrichData); const { added, fixed, existing } = parseDiff(diff, enrichData);
const baseReportOutofDate = diff.base_report_out_of_date || false; const baseReportOutofDate = diff.base_report_out_of_date || false;
const hasBaseReport = Boolean(diff.base_report_created_at);
Vue.set(state.sastContainer, 'isLoading', false); Vue.set(state.sastContainer, 'isLoading', false);
Vue.set(state.sastContainer, 'newIssues', added); Vue.set(state.sastContainer, 'newIssues', added);
Vue.set(state.sastContainer, 'resolvedIssues', fixed); Vue.set(state.sastContainer, 'resolvedIssues', fixed);
Vue.set(state.sastContainer, 'allIssues', existing); Vue.set(state.sastContainer, 'allIssues', existing);
Vue.set(state.sastContainer, 'baseReportOutofDate', baseReportOutofDate); Vue.set(state.sastContainer, 'baseReportOutofDate', baseReportOutofDate);
Vue.set(state.sastContainer, 'hasBaseReport', hasBaseReport);
}, },
[types.RECEIVE_SAST_CONTAINER_DIFF_ERROR](state) { [types.RECEIVE_SAST_CONTAINER_DIFF_ERROR](state) {
...@@ -167,12 +169,14 @@ export default { ...@@ -167,12 +169,14 @@ export default {
[types.RECEIVE_DAST_DIFF_SUCCESS](state, { diff, enrichData }) { [types.RECEIVE_DAST_DIFF_SUCCESS](state, { diff, enrichData }) {
const { added, fixed, existing } = parseDiff(diff, enrichData); const { added, fixed, existing } = parseDiff(diff, enrichData);
const baseReportOutofDate = diff.base_report_out_of_date || false; const baseReportOutofDate = diff.base_report_out_of_date || false;
const hasBaseReport = Boolean(diff.base_report_created_at);
Vue.set(state.dast, 'isLoading', false); Vue.set(state.dast, 'isLoading', false);
Vue.set(state.dast, 'newIssues', added); Vue.set(state.dast, 'newIssues', added);
Vue.set(state.dast, 'resolvedIssues', fixed); Vue.set(state.dast, 'resolvedIssues', fixed);
Vue.set(state.dast, 'allIssues', existing); Vue.set(state.dast, 'allIssues', existing);
Vue.set(state.dast, 'baseReportOutofDate', baseReportOutofDate); Vue.set(state.dast, 'baseReportOutofDate', baseReportOutofDate);
Vue.set(state.dast, 'hasBaseReport', hasBaseReport);
}, },
[types.RECEIVE_DAST_DIFF_ERROR](state) { [types.RECEIVE_DAST_DIFF_ERROR](state) {
...@@ -256,12 +260,14 @@ export default { ...@@ -256,12 +260,14 @@ export default {
[types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS](state, { diff, enrichData }) { [types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS](state, { diff, enrichData }) {
const { added, fixed, existing } = parseDiff(diff, enrichData); const { added, fixed, existing } = parseDiff(diff, enrichData);
const baseReportOutofDate = diff.base_report_out_of_date || false; const baseReportOutofDate = diff.base_report_out_of_date || false;
const hasBaseReport = Boolean(diff.base_report_created_at);
Vue.set(state.dependencyScanning, 'isLoading', false); Vue.set(state.dependencyScanning, 'isLoading', false);
Vue.set(state.dependencyScanning, 'newIssues', added); Vue.set(state.dependencyScanning, 'newIssues', added);
Vue.set(state.dependencyScanning, 'resolvedIssues', fixed); Vue.set(state.dependencyScanning, 'resolvedIssues', fixed);
Vue.set(state.dependencyScanning, 'allIssues', existing); Vue.set(state.dependencyScanning, 'allIssues', existing);
Vue.set(state.dependencyScanning, 'baseReportOutofDate', baseReportOutofDate); Vue.set(state.dependencyScanning, 'baseReportOutofDate', baseReportOutofDate);
Vue.set(state.dependencyScanning, 'hasBaseReport', hasBaseReport);
}, },
[types.RECEIVE_DEPENDENCY_SCANNING_DIFF_ERROR](state) { [types.RECEIVE_DEPENDENCY_SCANNING_DIFF_ERROR](state) {
......
...@@ -29,6 +29,7 @@ export default () => ({ ...@@ -29,6 +29,7 @@ export default () => ({
newIssues: [], newIssues: [],
resolvedIssues: [], resolvedIssues: [],
baseReportOutofDate: false, baseReportOutofDate: false,
hasBaseReport: false,
}, },
dast: { dast: {
paths: { paths: {
...@@ -43,6 +44,7 @@ export default () => ({ ...@@ -43,6 +44,7 @@ export default () => ({
newIssues: [], newIssues: [],
resolvedIssues: [], resolvedIssues: [],
baseReportOutofDate: false, baseReportOutofDate: false,
hasBaseReport: false,
}, },
dependencyScanning: { dependencyScanning: {
...@@ -59,6 +61,7 @@ export default () => ({ ...@@ -59,6 +61,7 @@ export default () => ({
resolvedIssues: [], resolvedIssues: [],
allIssues: [], allIssues: [],
baseReportOutofDate: false, baseReportOutofDate: false,
hasBaseReport: false,
}, },
modal: { modal: {
......
const libTiffCveFingerprint = 'e503c23a7776dd5e2c35ac63c8cce6b6468be9ba'; const libTiffCveFingerprint = 'e503c23a7776dd5e2c35ac63c8cce6b6468be9ba';
const libTiffCveFingerprint2 = '29af456d1107381bc2511646e2ae488ddfe9a8ed'; const libTiffCveFingerprint2 = '29af456d1107381bc2511646e2ae488ddfe9a8ed';
export const baseIssues = [
{
categories: ['Security'],
check_name: 'Insecure Dependency',
description: 'Insecure Dependency',
location: {
path: 'Gemfile.lock',
lines: {
begin: 22,
end: 22,
},
},
fingerprint: 'ca2e59451e98ae60ba2f54e3857c50e5',
},
{
categories: ['Security'],
check_name: 'Insecure Dependency',
description: 'Insecure Dependency',
location: {
path: 'Gemfile.lock',
lines: {
begin: 21,
end: 21,
},
},
fingerprint: 'ca2354534dee94ae60ba2f54e3857c50e5',
},
];
export const sastParsedIssues = [ export const sastParsedIssues = [
{ {
title: 'Arbitrary file existence disclosure in Action Pack', title: 'Arbitrary file existence disclosure in Action Pack',
...@@ -186,187 +157,6 @@ export const sastIssuesBase = [ ...@@ -186,187 +157,6 @@ export const sastIssuesBase = [
}, },
]; ];
export const parsedSastIssuesStore = [
{
tool: 'bundler_audit',
message: 'Arbitrary file existence disclosure in Action Pack',
cve: 'CVE-2014-7829',
solution: 'upgrade to ~> 3.2.21, ~> 4.0.11.1, ~> 4.0.12, ~> 4.1.7.1, >= 4.1.8',
title: 'Arbitrary file existence disclosure in Action Pack',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock#L5-10',
category: 'sast',
project_fingerprint: 'f55331d66fd4f3bfb4237d48e9c9fa8704bd33c6',
location: {
file: 'Gemfile.lock',
start_line: 5,
end_line: 10,
},
links: [
{
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk',
},
],
identifiers: [
{
type: 'CVE',
name: 'CVE-2014-7829',
value: 'CVE-2014-7829',
link: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7829',
},
],
},
{
tool: 'bundler_audit',
message: 'Possible Information Leak Vulnerability in Action View',
cve: 'CVE-2016-0752',
solution:
'upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14, ~> 3.2.22.1',
title: 'Possible Information Leak Vulnerability in Action View',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock',
category: 'sast',
project_fingerprint: 'a6b61a2eba59071178d5899b26dd699fb880de1e',
location: {
file: 'Gemfile.lock',
},
links: [
{
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00',
},
],
identifiers: [
{
type: 'CVE',
name: 'CVE-2016-0752',
value: 'CVE-2016-0752',
link: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0752',
},
],
},
{
tool: 'bundler_audit',
message: 'Possible Object Leak and Denial of Service attack in Action Pack',
cve: 'CVE-2016-0751',
solution:
'upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14, ~> 3.2.22.1',
title: 'Possible Object Leak and Denial of Service attack in Action Pack',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock',
category: 'sast',
project_fingerprint: '830f85e5fb011408bab365eb809cd97a45b0aa17',
location: {
file: 'Gemfile.lock',
},
links: [
{
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc',
},
],
identifiers: [
{
type: 'CVE',
name: 'CVE-2016-0751',
value: 'CVE-2016-0751',
link: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0751',
},
],
},
];
export const parsedSastIssuesHead = [
{
tool: 'bundler_audit',
message: 'Arbitrary file existence disclosure in Action Pack',
cve: 'CVE-2014-7829',
solution: 'upgrade to ~> 3.2.21, ~> 4.0.11.1, ~> 4.0.12, ~> 4.1.7.1, >= 4.1.8',
title: 'Arbitrary file existence disclosure in Action Pack',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock#L5-10',
category: 'sast',
project_fingerprint: 'f55331d66fd4f3bfb4237d48e9c9fa8704bd33c6',
location: {
file: 'Gemfile.lock',
start_line: 5,
end_line: 10,
},
links: [
{
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/rMTQy4oRCGk',
},
],
identifiers: [
{
type: 'CVE',
name: 'CVE-2014-7829',
value: 'CVE-2014-7829',
link: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7829',
},
],
},
{
tool: 'bundler_audit',
message: 'Possible Object Leak and Denial of Service attack in Action Pack',
cve: 'CVE-2016-0751',
solution:
'upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14, ~> 3.2.22.1',
title: 'Possible Object Leak and Denial of Service attack in Action Pack',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock',
category: 'sast',
project_fingerprint: '830f85e5fb011408bab365eb809cd97a45b0aa17',
location: {
file: 'Gemfile.lock',
},
links: [
{
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc',
},
],
identifiers: [
{
type: 'CVE',
name: 'CVE-2016-0751',
value: 'CVE-2016-0751',
link: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0751',
},
],
},
];
export const parsedSastBaseStore = [
{
title: 'Test Information Leak Vulnerability in Action View',
tool: 'bundler_audit',
message: 'Test Information Leak Vulnerability in Action View',
cve: 'CVE-2016-9999',
solution:
'upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14, ~> 3.2.22.1',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock#L5-10',
category: 'sast',
project_fingerprint: '3f5608c99f0c7442ba59bc6c0c1864d0000f8e1a',
location: {
file: 'Gemfile.lock',
start_line: 5,
end_line: 10,
},
links: [
{
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00',
},
],
identifiers: [
{
type: 'CVE',
name: 'CVE-2016-9999',
value: 'CVE-2016-9999',
link: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9999',
},
],
},
];
export const dependencyScanningIssuesOld = [ export const dependencyScanningIssuesOld = [
{ {
tool: 'bundler_audit', tool: 'bundler_audit',
...@@ -706,21 +496,6 @@ export const parsedSastContainerBaseStore = [ ...@@ -706,21 +496,6 @@ export const parsedSastContainerBaseStore = [
}, },
]; ];
export const allIssuesParsed = [
{
title: 'Possible Information Leak Vulnerability in Action View',
tool: 'bundler_audit',
message: 'Possible Information Leak Vulnerability in Action View',
url: 'https://groups.google.com/forum/#!topic/rubyonrails-security/335P1DcLG00',
cve: 'CVE-2016-0752',
file: 'Gemfile.lock',
solution:
'upgrade to >= 5.0.0.beta1.1, >= 4.2.5.1, ~> 4.2.5, >= 4.1.14.1, ~> 4.1.14, ~> 3.2.22.1',
path: 'Gemfile.lock',
urlPath: 'path/Gemfile.lock',
},
];
export const dockerReport = { export const dockerReport = {
image: 'registry.example.com/example/master:1234', image: 'registry.example.com/example/master:1234',
unapproved: ['CVE-2017-12944', 'CVE-2017-16232'], unapproved: ['CVE-2017-12944', 'CVE-2017-16232'],
...@@ -1287,103 +1062,6 @@ export const parsedDastNewIssues = [ ...@@ -1287,103 +1062,6 @@ export const parsedDastNewIssues = [
}, },
]; ];
/**
* SAST report API response for no added & fixed issues but with security issues
*/
export const sastHeadAllIssues = [
{
cve: 'CVE-2014-7829',
tool: 'retire',
url: 'https://github.com/jquery/jquery/issues/2432',
file: '/builds/gonzoyumo/test-package-lock/node_modules/tinycolor2/demo/jquery-1.9.1.js',
priority: 'medium',
message: '3rd party CORS request may execute',
},
{
cve: 'CVE-2014-7828',
tool: 'retire',
url: 'https://bugs.jquery.com/ticket/11974',
file: '/builds/gonzoyumo/test-package-lock/node_modules/tinycolor2/demo/jquery-1.9.1.js',
priority: 'medium',
message: 'parseHTML() executes scripts in event handlers',
},
{
cve: 'CVE-2014-7827',
tool: 'retire',
url: 'https://nodesecurity.io/advisories/146',
priority: 'high',
message: 'growl_command-injection',
},
{
cve: 'CVE-2014-7826',
tool: 'retire',
url: 'https://nodesecurity.io/advisories/146',
priority: 'high',
message: 'growl_command-injection',
},
];
export const sastBaseAllIssues = [
{
cve: 'CVE-2014-7829',
tool: 'gemnasium',
message: 'Command Injection for growl',
url: 'https://github.com/tj/node-growl/pull/61',
file: 'package-lock.json',
},
{
cve: 'CVE-2014-7828',
tool: 'gemnasium',
message: 'Regular Expression Denial of Service for tough-cookie',
url: 'https://github.com/salesforce/tough-cookie/issues/92',
file: 'package-lock.json',
},
{
cve: 'CVE-2014-7827',
tool: 'gemnasium',
message: 'Regular Expression Denial of Service for string',
url: 'https://github.com/jprichardson/string.js/issues/212',
file: 'package-lock.json',
},
{
cve: 'CVE-2014-7826',
tool: 'gemnasium',
message: 'Regular Expression Denial of Service for debug',
url: 'https://nodesecurity.io/advisories/534',
file: 'package-lock.json',
},
{
cve: 'CVE-2014-7825',
tool: 'retire',
message: '3rd party CORS request may execute',
url: 'https://github.com/jquery/jquery/issues/2432',
file: '/code/node_modules/tinycolor2/demo/jquery-1.9.1.js',
priority: 'medium',
},
{
cve: 'CVE-2014-7824',
tool: 'retire',
message: 'parseHTML() executes scripts in event handlers',
url: 'https://bugs.jquery.com/ticket/11974',
file: '/code/node_modules/tinycolor2/demo/jquery-1.9.1.js',
priority: 'medium',
},
{
cve: 'CVE-2014-7823',
tool: 'retire',
message: 'growl_command-injection',
url: 'https://nodesecurity.io/advisories/146',
priority: 'high',
},
{
cve: 'CVE-2014-7822',
tool: 'retire',
message: 'growl_command-injection',
url: 'https://nodesecurity.io/advisories/146',
priority: 'high',
},
];
export const sastFeedbacks = [ export const sastFeedbacks = [
{ {
id: 3, id: 3,
...@@ -1483,3 +1161,336 @@ export const containerScanningFeedbacks = [ ...@@ -1483,3 +1161,336 @@ export const containerScanningFeedbacks = [
project_fingerprint: libTiffCveFingerprint2, project_fingerprint: libTiffCveFingerprint2,
}, },
]; ];
export const mockFindings = [
{
id: null,
report_type: 'dependency_scanning',
name: 'Cross-site Scripting in serialize-javascript',
severity: 'unknown',
confidence: 'undefined',
scanner: { external_id: 'gemnasium', name: 'Gemnasium' },
identifiers: [
{
external_type: 'gemnasium',
external_id: '58caa017-9a9a-46d6-bab2-ec930f46833c',
name: 'Gemnasium-58caa017-9a9a-46d6-bab2-ec930f46833c',
url:
'https://deps.sec.gitlab.com/packages/npm/serialize-javascript/versions/1.7.0/advisories',
},
{
external_type: 'cve',
external_id: 'CVE-2019-16769',
name: 'CVE-2019-16769',
url: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16769',
},
],
project_fingerprint: '09df9f4d11c8deb93d81bdcc39f7667b44143298',
create_vulnerability_feedback_issue_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_merge_request_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_dismissal_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
project: {
id: 7071551,
name: 'gitlab-ui',
full_path: '/gitlab-org/gitlab-ui',
full_name: 'GitLab.org / gitlab-ui',
},
dismissal_feedback: null,
issue_feedback: null,
merge_request_feedback: null,
description:
'The serialize-javascript npm package is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.',
links: [{ url: 'https://nvd.nist.gov/vuln/detail/CVE-2019-16769' }],
location: {
file: 'yarn.lock',
dependency: { package: { name: 'serialize-javascript' }, version: '1.7.0' },
},
remediations: [null],
solution: 'Upgrade to version 2.1.1 or above.',
state: 'opened',
blob_path: '/gitlab-org/gitlab-ui/blob/ad137f0a8ac59af961afe47d04e5cc062c6864a9/yarn.lock',
},
{
id: null,
report_type: 'dependency_scanning',
name: '3rd party CORS request may execute in jquery',
severity: 'medium',
confidence: 'undefined',
scanner: { external_id: 'retire.js', name: 'Retire.js' },
identifiers: [
{
external_type: 'cve',
external_id: 'CVE-2015-9251',
name: 'CVE-2015-9251',
url: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251',
},
],
project_fingerprint: '1ecd3b214cf39c0b9ad23a0a9679778d7cf55876',
create_vulnerability_feedback_issue_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_merge_request_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_dismissal_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
project: {
id: 7071551,
name: 'gitlab-ui',
full_path: '/gitlab-org/gitlab-ui',
full_name: 'GitLab.org / gitlab-ui',
},
dismissal_feedback: {
id: 2528,
created_at: '2019-08-26T12:30:32.349Z',
project_id: 7071551,
author: {
id: 181229,
name: "Lukas 'Eipi' Eipert",
username: 'leipert',
state: 'active',
avatar_url:
'https://secure.gravatar.com/avatar/19a1f1260fa70323f35bc508927921a2?s=80\u0026d=identicon',
web_url: 'https://gitlab.com/leipert',
status_tooltip_html: null,
path: '/leipert',
},
comment_details: {
comment: 'This particular jQuery version appears in a test path of tinycolor2.\n',
comment_timestamp: '2019-08-26T12:30:37.610Z',
comment_author: {
id: 181229,
name: "Lukas 'Eipi' Eipert",
username: 'leipert',
state: 'active',
avatar_url:
'https://secure.gravatar.com/avatar/19a1f1260fa70323f35bc508927921a2?s=80\u0026d=identicon',
web_url: 'https://gitlab.com/leipert',
status_tooltip_html: null,
path: '/leipert',
},
},
pipeline: { id: 78375355, path: '/gitlab-org/gitlab-ui/pipelines/78375355' },
destroy_vulnerability_feedback_dismissal_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback/2528',
category: 'dependency_scanning',
feedback_type: 'dismissal',
branch: 'leipert-dogfood-secure',
project_fingerprint: '1ecd3b214cf39c0b9ad23a0a9679778d7cf55876',
},
issue_feedback: null,
merge_request_feedback: null,
description: null,
links: [
{ url: 'https://github.com/jquery/jquery/issues/2432' },
{ url: 'http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/' },
{ url: 'https://nvd.nist.gov/vuln/detail/CVE-2015-9251' },
{ url: 'http://research.insecurelabs.org/jquery/test/' },
],
location: {
file: 'node_modules/tinycolor2/demo/jquery-1.9.1.js',
dependency: { package: { name: 'jquery' }, version: '1.9.1' },
},
remediations: [null],
solution: null,
state: 'dismissed',
blob_path:
'/gitlab-org/gitlab-ui/blob/ad137f0a8ac59af961afe47d04e5cc062c6864a9/node_modules/tinycolor2/demo/jquery-1.9.1.js',
},
{
id: null,
report_type: 'dependency_scanning',
name:
'jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution in jquery',
severity: 'low',
confidence: 'undefined',
scanner: { external_id: 'retire.js', name: 'Retire.js' },
identifiers: [
{
external_type: 'cve',
external_id: 'CVE-2019-11358',
name: 'CVE-2019-11358',
url: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358',
},
],
project_fingerprint: 'aeb4b2442d92d0ccf7023f0c220bda8b4ba910e3',
create_vulnerability_feedback_issue_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_merge_request_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_dismissal_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
project: {
id: 7071551,
name: 'gitlab-ui',
full_path: '/gitlab-org/gitlab-ui',
full_name: 'GitLab.org / gitlab-ui',
},
dismissal_feedback: {
id: 4197,
created_at: '2019-11-14T11:03:18.472Z',
project_id: 7071551,
author: {
id: 181229,
name: "Lukas 'Eipi' Eipert",
username: 'leipert',
state: 'active',
avatar_url:
'https://secure.gravatar.com/avatar/19a1f1260fa70323f35bc508927921a2?s=80\u0026d=identicon',
web_url: 'https://gitlab.com/leipert',
status_tooltip_html: null,
path: '/leipert',
},
comment_details: {
comment:
'This is a false positive, as it just part of some documentation assets of sass-true.',
comment_timestamp: '2019-11-14T11:03:18.464Z',
comment_author: {
id: 181229,
name: "Lukas 'Eipi' Eipert",
username: 'leipert',
state: 'active',
avatar_url:
'https://secure.gravatar.com/avatar/19a1f1260fa70323f35bc508927921a2?s=80\u0026d=identicon',
web_url: 'https://gitlab.com/leipert',
status_tooltip_html: null,
path: '/leipert',
},
},
destroy_vulnerability_feedback_dismissal_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback/4197',
category: 'dependency_scanning',
feedback_type: 'dismissal',
branch: null,
project_fingerprint: 'aeb4b2442d92d0ccf7023f0c220bda8b4ba910e3',
},
issue_feedback: null,
merge_request_feedback: null,
description: null,
links: [
{ url: 'https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/' },
{ url: 'https://nvd.nist.gov/vuln/detail/CVE-2019-11358' },
{ url: 'https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b' },
],
location: {
file: 'node_modules/sass-true/docs/assets/webpack/common.min.js',
dependency: { package: { name: 'jquery' }, version: '3.3.1' },
},
remediations: [null],
solution: null,
state: 'dismissed',
blob_path:
'/gitlab-org/gitlab-ui/blob/ad137f0a8ac59af961afe47d04e5cc062c6864a9/node_modules/sass-true/docs/assets/webpack/common.min.js',
},
{
id: null,
report_type: 'dependency_scanning',
name:
'jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution in jquery',
severity: 'low',
confidence: 'undefined',
scanner: { external_id: 'retire.js', name: 'Retire.js' },
identifiers: [
{
external_type: 'cve',
external_id: 'CVE-2019-11358',
name: 'CVE-2019-11358',
url: 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358',
},
],
project_fingerprint: 'eb86aa13eb9d897a083ead6e134aa78aa9cadd52',
create_vulnerability_feedback_issue_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_merge_request_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback',
create_vulnerability_feedback_dismissal_path: '/gitlab-org/gitlab-ui/vulnerability_feedback',
project: {
id: 7071551,
name: 'gitlab-ui',
full_path: '/gitlab-org/gitlab-ui',
full_name: 'GitLab.org / gitlab-ui',
},
dismissal_feedback: {
id: 2527,
created_at: '2019-08-26T12:29:43.624Z',
project_id: 7071551,
author: {
id: 181229,
name: "Lukas 'Eipi' Eipert",
username: 'leipert',
state: 'active',
avatar_url:
'https://secure.gravatar.com/avatar/19a1f1260fa70323f35bc508927921a2?s=80\u0026d=identicon',
web_url: 'https://gitlab.com/leipert',
status_tooltip_html: null,
path: '/leipert',
},
comment_details: {
comment: 'This particular jQuery version appears in a test path of tinycolor2.',
comment_timestamp: '2019-08-26T12:30:14.840Z',
comment_author: {
id: 181229,
name: "Lukas 'Eipi' Eipert",
username: 'leipert',
state: 'active',
avatar_url:
'https://secure.gravatar.com/avatar/19a1f1260fa70323f35bc508927921a2?s=80\u0026d=identicon',
web_url: 'https://gitlab.com/leipert',
status_tooltip_html: null,
path: '/leipert',
},
},
pipeline: { id: 78375355, path: '/gitlab-org/gitlab-ui/pipelines/78375355' },
destroy_vulnerability_feedback_dismissal_path:
'/gitlab-org/gitlab-ui/vulnerability_feedback/2527',
category: 'dependency_scanning',
feedback_type: 'dismissal',
branch: 'leipert-dogfood-secure',
project_fingerprint: 'eb86aa13eb9d897a083ead6e134aa78aa9cadd52',
},
issue_feedback: null,
merge_request_feedback: null,
description: null,
links: [
{ url: 'https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/' },
{ url: 'https://nvd.nist.gov/vuln/detail/CVE-2019-11358' },
{ url: 'https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b' },
],
location: {
file: 'node_modules/tinycolor2/demo/jquery-1.9.1.js',
dependency: { package: { name: 'jquery' }, version: '1.9.1' },
},
remediations: [null],
solution: null,
state: 'dismissed',
blob_path:
'/gitlab-org/gitlab-ui/blob/ad137f0a8ac59af961afe47d04e5cc062c6864a9/node_modules/tinycolor2/demo/jquery-1.9.1.js',
},
];
export const sastDiffSuccessMock = {
added: [mockFindings[0]],
fixed: [mockFindings[1], mockFindings[2]],
existing: [mockFindings[3]],
base_report_created_at: '2020-01-01T10:00:00.000Z',
base_report_out_of_date: false,
head_report_created_at: '2020-01-10T10:00:00.000Z',
};
export const dastDiffSuccessMock = {
added: [mockFindings[0]],
fixed: [mockFindings[1], mockFindings[2]],
base_report_created_at: '2020-01-01T10:00:00.000Z',
base_report_out_of_date: false,
head_report_created_at: '2020-01-10T10:00:00.000Z',
};
export const containerScanningDiffSuccessMock = {
added: [mockFindings[0], mockFindings[1]],
fixed: [mockFindings[2]],
base_report_created_at: '2020-01-01T10:00:00.000Z',
base_report_out_of_date: false,
head_report_created_at: '2020-01-10T10:00:00.000Z',
};
export const dependencyScanningDiffSuccessMock = {
added: [mockFindings[0], mockFindings[1]],
fixed: [mockFindings[2]],
base_report_created_at: '2020-01-01T10:00:00.000Z',
base_report_out_of_date: false,
head_report_created_at: '2020-01-10T10:00:00.000Z',
};
...@@ -525,8 +525,8 @@ describe('Security reports getters', () => { ...@@ -525,8 +525,8 @@ describe('Security reports getters', () => {
expect(noBaseInAllReports(state)).toEqual(true); expect(noBaseInAllReports(state)).toEqual(true);
}); });
it('returns false when any of the reports has base', () => { it('returns false when any of the reports has a base', () => {
state.dast.paths.base = BASE_PATH; state.dast.hasBaseReport = true;
expect(noBaseInAllReports(state)).toEqual(false); expect(noBaseInAllReports(state)).toEqual(false);
}); });
......
...@@ -15,20 +15,21 @@ import mockData, { ...@@ -15,20 +15,21 @@ import mockData, {
parsedHeadIssues, parsedHeadIssues,
} from 'ee_spec/vue_mr_widget/mock_data'; } from 'ee_spec/vue_mr_widget/mock_data';
import {
sastIssues,
sastIssuesBase,
dockerReport,
dockerBaseReport,
dast,
dastBase,
sastBaseAllIssues,
sastHeadAllIssues,
} from 'ee_spec/vue_shared/security_reports/mock_data';
import { SUCCESS } from '~/vue_merge_request_widget/components/deployment/constants'; import { SUCCESS } from '~/vue_merge_request_widget/components/deployment/constants';
import { convertObjectPropsToCamelCase } from '~/lib/utils/common_utils'; import { convertObjectPropsToCamelCase } from '~/lib/utils/common_utils';
import axios from '~/lib/utils/axios_utils'; import axios from '~/lib/utils/axios_utils';
import { MTWPS_MERGE_STRATEGY, MT_MERGE_STRATEGY } from '~/vue_merge_request_widget/constants'; import { MTWPS_MERGE_STRATEGY, MT_MERGE_STRATEGY } from '~/vue_merge_request_widget/constants';
import {
sastDiffSuccessMock,
dastDiffSuccessMock,
containerScanningDiffSuccessMock,
dependencyScanningDiffSuccessMock,
} from 'ee_spec/vue_shared/security_reports/mock_data';
const SAST_SELECTOR = '.js-sast-widget';
const DAST_SELECTOR = '.js-dast-widget';
const DEPENDENCY_SCANNING_SELECTOR = '.js-dependency-scanning-widget';
const CONTAINER_SCANNING_SELECTOR = '.js-sast-container';
describe('ee merge request widget options', () => { describe('ee merge request widget options', () => {
let vm; let vm;
...@@ -60,37 +61,37 @@ describe('ee merge request widget options', () => { ...@@ -60,37 +61,37 @@ describe('ee merge request widget options', () => {
gon.features = {}; gon.features = {};
}); });
describe('security widget', () => { const VULNERABILITY_FEEDBACK_ENDPOINT = 'vulnerability_feedback_path';
describe('SAST', () => {
const SAST_DIFF_ENDPOINT = 'sast_diff_endpoint';
beforeEach(() => { beforeEach(() => {
gl.mrWidgetData = { gl.mrWidgetData = {
...mockData, ...mockData,
sast: { enabled_reports: {
base_path: 'path.json', sast: true,
head_path: 'head_path.json',
}, },
vulnerability_feedback_path: 'vulnerability_feedback_path', sast_comparison_path: SAST_DIFF_ENDPOINT,
vulnerability_feedback_path: VULNERABILITY_FEEDBACK_ENDPOINT,
}; };
}); });
describe('when it is loading', () => { describe('when it is loading', () => {
it('should render loading indicator', () => { it('should render loading indicator', () => {
mock.onGet('path.json').reply(200, sastBaseAllIssues); mock.onGet(SAST_DIFF_ENDPOINT).reply(200, sastDiffSuccessMock);
mock.onGet('head_path.json').reply(200, sastHeadAllIssues); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
expect(vm.$el.querySelector('.js-sast-widget').textContent.trim()).toContain( expect(vm.$el.querySelector(SAST_SELECTOR).textContent.trim()).toContain('SAST is loading');
'SAST is loading',
);
}); });
}); });
describe('with successful request', () => { describe('with successful request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('path.json').reply(200, sastIssuesBase); mock.onGet(SAST_DIFF_ENDPOINT).reply(200, sastDiffSuccessMock);
mock.onGet('head_path.json').reply(200, sastIssues); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -98,32 +99,10 @@ describe('ee merge request widget options', () => { ...@@ -98,32 +99,10 @@ describe('ee merge request widget options', () => {
setTimeout(() => { setTimeout(() => {
expect( expect(
removeBreakLine( removeBreakLine(
vm.$el.querySelector('.js-sast-widget .report-block-list-issue-description') vm.$el.querySelector(`${SAST_SELECTOR} .report-block-list-issue-description`)
.textContent, .textContent,
), ),
).toEqual('SAST detected 2 new, and 1 fixed vulnerabilities'); ).toEqual('SAST detected 1 new, and 2 fixed vulnerabilities');
done();
}, 0);
});
});
describe('with full report and no added or fixed issues', () => {
beforeEach(() => {
mock.onGet('path.json').reply(200, sastBaseAllIssues);
mock.onGet('head_path.json').reply(200, sastBaseAllIssues);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData });
});
it('renders no new vulnerabilities message', done => {
setTimeout(() => {
expect(
removeBreakLine(
vm.$el.querySelector('.js-sast-widget .report-block-list-issue-description')
.textContent,
),
).toEqual('SAST detected no new vulnerabilities');
done(); done();
}, 0); }, 0);
}); });
...@@ -131,9 +110,8 @@ describe('ee merge request widget options', () => { ...@@ -131,9 +110,8 @@ describe('ee merge request widget options', () => {
describe('with empty successful request', () => { describe('with empty successful request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('path.json').reply(200, []); mock.onGet(SAST_DIFF_ENDPOINT).reply(200, { added: [], existing: [] });
mock.onGet('head_path.json').reply(200, []); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -142,7 +120,7 @@ describe('ee merge request widget options', () => { ...@@ -142,7 +120,7 @@ describe('ee merge request widget options', () => {
setTimeout(() => { setTimeout(() => {
expect( expect(
removeBreakLine( removeBreakLine(
vm.$el.querySelector('.js-sast-widget .report-block-list-issue-description') vm.$el.querySelector(`${SAST_SELECTOR} .report-block-list-issue-description`)
.textContent, .textContent,
).trim(), ).trim(),
).toEqual('SAST detected no vulnerabilities'); ).toEqual('SAST detected no vulnerabilities');
...@@ -153,16 +131,15 @@ describe('ee merge request widget options', () => { ...@@ -153,16 +131,15 @@ describe('ee merge request widget options', () => {
describe('with failed request', () => { describe('with failed request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('path.json').reply(500, []); mock.onGet(SAST_DIFF_ENDPOINT).reply(500, {});
mock.onGet('head_path.json').reply(500, []); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(500, []);
mock.onGet('vulnerability_feedback_path').reply(500, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
it('should render error indicator', done => { it('should render error indicator', done => {
setTimeout(() => { setTimeout(() => {
expect(removeBreakLine(vm.$el.querySelector('.js-sast-widget').textContent)).toContain( expect(removeBreakLine(vm.$el.querySelector(SAST_SELECTOR).textContent)).toContain(
'SAST: Loading resulted in an error', 'SAST: Loading resulted in an error',
); );
done(); done();
...@@ -171,37 +148,37 @@ describe('ee merge request widget options', () => { ...@@ -171,37 +148,37 @@ describe('ee merge request widget options', () => {
}); });
}); });
describe('dependency scanning widget', () => { describe('Dependency Scanning', () => {
const DEPENDENCY_SCANNING_ENDPOINT = 'dependency_scanning_diff_endpoint';
beforeEach(() => { beforeEach(() => {
gl.mrWidgetData = { gl.mrWidgetData = {
...mockData, ...mockData,
dependency_scanning: { enabled_reports: {
base_path: 'path.json', dependency_scanning: true,
head_path: 'head_path.json',
}, },
vulnerability_feedback_path: 'vulnerability_feedback_path', dependency_scanning_comparison_path: DEPENDENCY_SCANNING_ENDPOINT,
vulnerability_feedback_path: VULNERABILITY_FEEDBACK_ENDPOINT,
}; };
}); });
describe('when it is loading', () => { describe('when it is loading', () => {
it('should render loading indicator', () => { it('should render loading indicator', () => {
mock.onGet('path.json').reply(200, sastIssuesBase); mock.onGet(DEPENDENCY_SCANNING_ENDPOINT).reply(200, dependencyScanningDiffSuccessMock);
mock.onGet('head_path.json').reply(200, sastIssues); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
expect( expect(
removeBreakLine(vm.$el.querySelector('.js-dependency-scanning-widget').textContent), removeBreakLine(vm.$el.querySelector(DEPENDENCY_SCANNING_SELECTOR).textContent),
).toContain('Dependency scanning is loading'); ).toContain('Dependency scanning is loading');
}); });
}); });
describe('with successful request', () => { describe('with successful request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('path.json').reply(200, sastIssuesBase); mock.onGet(DEPENDENCY_SCANNING_ENDPOINT).reply(200, dependencyScanningDiffSuccessMock);
mock.onGet('head_path.json').reply(200, sastIssues); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -211,7 +188,7 @@ describe('ee merge request widget options', () => { ...@@ -211,7 +188,7 @@ describe('ee merge request widget options', () => {
expect( expect(
removeBreakLine( removeBreakLine(
vm.$el.querySelector( vm.$el.querySelector(
'.js-dependency-scanning-widget .report-block-list-issue-description', `${DEPENDENCY_SCANNING_SELECTOR} .report-block-list-issue-description`,
).textContent, ).textContent,
), ),
).toEqual('Dependency scanning detected 2 new, and 1 fixed vulnerabilities'); ).toEqual('Dependency scanning detected 2 new, and 1 fixed vulnerabilities');
...@@ -222,9 +199,12 @@ describe('ee merge request widget options', () => { ...@@ -222,9 +199,12 @@ describe('ee merge request widget options', () => {
describe('with full report and no added or fixed issues', () => { describe('with full report and no added or fixed issues', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('path.json').reply(200, sastBaseAllIssues); mock.onGet(DEPENDENCY_SCANNING_ENDPOINT).reply(200, {
mock.onGet('head_path.json').reply(200, sastBaseAllIssues); added: [],
mock.onGet('vulnerability_feedback_path').reply(200, []); fixed: [],
existing: [{ title: 'Mock finding' }],
});
mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -234,7 +214,7 @@ describe('ee merge request widget options', () => { ...@@ -234,7 +214,7 @@ describe('ee merge request widget options', () => {
expect( expect(
removeBreakLine( removeBreakLine(
vm.$el.querySelector( vm.$el.querySelector(
'.js-dependency-scanning-widget .report-block-list-issue-description', `${DEPENDENCY_SCANNING_SELECTOR} .report-block-list-issue-description`,
).textContent, ).textContent,
), ),
).toEqual('Dependency scanning detected no new vulnerabilities'); ).toEqual('Dependency scanning detected no new vulnerabilities');
...@@ -245,9 +225,8 @@ describe('ee merge request widget options', () => { ...@@ -245,9 +225,8 @@ describe('ee merge request widget options', () => {
describe('with empty successful request', () => { describe('with empty successful request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('path.json').reply(200, []); mock.onGet(DEPENDENCY_SCANNING_ENDPOINT).reply(200, { added: [], fixed: [], existing: [] });
mock.onGet('head_path.json').reply(200, []); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -257,7 +236,7 @@ describe('ee merge request widget options', () => { ...@@ -257,7 +236,7 @@ describe('ee merge request widget options', () => {
expect( expect(
removeBreakLine( removeBreakLine(
vm.$el.querySelector( vm.$el.querySelector(
'.js-dependency-scanning-widget .report-block-list-issue-description', `${DEPENDENCY_SCANNING_SELECTOR} .report-block-list-issue-description`,
).textContent, ).textContent,
), ),
).toEqual('Dependency scanning detected no vulnerabilities'); ).toEqual('Dependency scanning detected no vulnerabilities');
...@@ -278,7 +257,7 @@ describe('ee merge request widget options', () => { ...@@ -278,7 +257,7 @@ describe('ee merge request widget options', () => {
it('should render error indicator', done => { it('should render error indicator', done => {
setTimeout(() => { setTimeout(() => {
expect( expect(
removeBreakLine(vm.$el.querySelector('.js-dependency-scanning-widget').textContent), removeBreakLine(vm.$el.querySelector(DEPENDENCY_SCANNING_SELECTOR).textContent),
).toContain('Dependency scanning: Loading resulted in an error'); ).toContain('Dependency scanning: Loading resulted in an error');
done(); done();
}, 0); }, 0);
...@@ -649,37 +628,37 @@ describe('ee merge request widget options', () => { ...@@ -649,37 +628,37 @@ describe('ee merge request widget options', () => {
}); });
}); });
describe('sast container report', () => { describe('Container Scanning', () => {
const CONTAINER_SCANNING_ENDPOINT = 'container_scanning';
beforeEach(() => { beforeEach(() => {
gl.mrWidgetData = { gl.mrWidgetData = {
...mockData, ...mockData,
sast_container: { enabled_reports: {
head_path: 'gl-sast-container.json', container_scanning: true,
base_path: 'sast-container-base.json',
}, },
vulnerability_feedback_path: 'vulnerability_feedback_path', container_scanning_comparison_path: CONTAINER_SCANNING_ENDPOINT,
vulnerability_feedback_path: VULNERABILITY_FEEDBACK_ENDPOINT,
}; };
}); });
describe('when it is loading', () => { describe('when it is loading', () => {
it('should render loading indicator', () => { it('should render loading indicator', () => {
mock.onGet('gl-sast-container.json').reply(200, dockerReport); mock.onGet(CONTAINER_SCANNING_ENDPOINT).reply(200, containerScanningDiffSuccessMock);
mock.onGet('sast-container-base.json').reply(200, dockerBaseReport); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
expect(removeBreakLine(vm.$el.querySelector('.js-sast-container').textContent)).toContain( expect(
'Container scanning is loading', removeBreakLine(vm.$el.querySelector(CONTAINER_SCANNING_SELECTOR).textContent),
); ).toContain('Container scanning is loading');
}); });
}); });
describe('with successful request', () => { describe('with successful request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('gl-sast-container.json').reply(200, dockerReport); mock.onGet(CONTAINER_SCANNING_ENDPOINT).reply(200, containerScanningDiffSuccessMock);
mock.onGet('sast-container-base.json').reply(200, dockerBaseReport); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -688,10 +667,11 @@ describe('ee merge request widget options', () => { ...@@ -688,10 +667,11 @@ describe('ee merge request widget options', () => {
setTimeout(() => { setTimeout(() => {
expect( expect(
removeBreakLine( removeBreakLine(
vm.$el.querySelector('.js-sast-container .report-block-list-issue-description') vm.$el.querySelector(
.textContent, `${CONTAINER_SCANNING_SELECTOR} .report-block-list-issue-description`,
).textContent,
), ),
).toEqual('Container scanning detected 1 new, and 1 fixed vulnerabilities'); ).toEqual('Container scanning detected 2 new, and 1 fixed vulnerabilities');
done(); done();
}, 0); }, 0);
}); });
...@@ -699,16 +679,15 @@ describe('ee merge request widget options', () => { ...@@ -699,16 +679,15 @@ describe('ee merge request widget options', () => {
describe('with failed request', () => { describe('with failed request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('gl-sast-container.json').reply(500, {}); mock.onGet(CONTAINER_SCANNING_ENDPOINT).reply(500, {});
mock.onGet('sast-container-base.json').reply(500, {}); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(500, []);
mock.onGet('vulnerability_feedback_path').reply(500, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
it('should render error indicator', done => { it('should render error indicator', done => {
setTimeout(() => { setTimeout(() => {
expect(vm.$el.querySelector('.js-sast-container').textContent.trim()).toContain( expect(vm.$el.querySelector(CONTAINER_SCANNING_SELECTOR).textContent.trim()).toContain(
'Container scanning: Loading resulted in an error', 'Container scanning: Loading resulted in an error',
); );
done(); done();
...@@ -717,37 +696,35 @@ describe('ee merge request widget options', () => { ...@@ -717,37 +696,35 @@ describe('ee merge request widget options', () => {
}); });
}); });
describe('dast report', () => { describe('DAST', () => {
const DAST_ENDPOINT = 'dast_report';
beforeEach(() => { beforeEach(() => {
gl.mrWidgetData = { gl.mrWidgetData = {
...mockData, ...mockData,
dast: { enabled_reports: {
head_path: 'dast.json', dast: true,
base_path: 'dast_base.json',
}, },
vulnerability_feedback_path: 'vulnerability_feedback_path', dast_comparison_path: DAST_ENDPOINT,
vulnerability_feedback_path: VULNERABILITY_FEEDBACK_ENDPOINT,
}; };
}); });
describe('when it is loading', () => { describe('when it is loading', () => {
it('should render loading indicator', () => { it('should render loading indicator', () => {
mock.onGet('dast.json').reply(200, dast); mock.onGet(DAST_ENDPOINT).reply(200, dastDiffSuccessMock);
mock.onGet('dast_base.json').reply(200, dastBase); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
expect(vm.$el.querySelector('.js-dast-widget').textContent.trim()).toContain( expect(vm.$el.querySelector(DAST_SELECTOR).textContent.trim()).toContain('DAST is loading');
'DAST is loading',
);
}); });
}); });
describe('with successful request', () => { describe('with successful request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('dast.json').reply(200, dast); mock.onGet(DAST_ENDPOINT).reply(200, dastDiffSuccessMock);
mock.onGet('dast_base.json').reply(200, dastBase); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(200, []);
mock.onGet('vulnerability_feedback_path').reply(200, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
...@@ -756,9 +733,9 @@ describe('ee merge request widget options', () => { ...@@ -756,9 +733,9 @@ describe('ee merge request widget options', () => {
setTimeout(() => { setTimeout(() => {
expect( expect(
vm.$el vm.$el
.querySelector('.js-dast-widget .report-block-list-issue-description') .querySelector(`${DAST_SELECTOR} .report-block-list-issue-description`)
.textContent.trim(), .textContent.trim(),
).toEqual('DAST detected 1 new vulnerability'); ).toEqual('DAST detected 1 new, and 2 fixed vulnerabilities');
done(); done();
}, 0); }, 0);
}); });
...@@ -766,16 +743,15 @@ describe('ee merge request widget options', () => { ...@@ -766,16 +743,15 @@ describe('ee merge request widget options', () => {
describe('with failed request', () => { describe('with failed request', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('dast.json').reply(500, {}); mock.onGet(DAST_ENDPOINT).reply(500, {});
mock.onGet('dast_base.json').reply(500, {}); mock.onGet(VULNERABILITY_FEEDBACK_ENDPOINT).reply(500, {});
mock.onGet('vulnerability_feedback_path').reply(500, []);
vm = mountComponent(Component, { mrData: gl.mrWidgetData }); vm = mountComponent(Component, { mrData: gl.mrWidgetData });
}); });
it('should render error indicator', done => { it('should render error indicator', done => {
setTimeout(() => { setTimeout(() => {
expect(vm.$el.querySelector('.js-dast-widget').textContent.trim()).toContain( expect(vm.$el.querySelector(DAST_SELECTOR).textContent.trim()).toContain(
'DAST: Loading resulted in an error', 'DAST: Loading resulted in an error',
); );
done(); done();
...@@ -1095,4 +1071,41 @@ describe('ee merge request widget options', () => { ...@@ -1095,4 +1071,41 @@ describe('ee merge request widget options', () => {
expect(vm.service).toEqual(jasmine.objectContaining(convertObjectPropsToCamelCase(paths))); expect(vm.service).toEqual(jasmine.objectContaining(convertObjectPropsToCamelCase(paths)));
}); });
}); });
describe('when no security reports are enabled', () => {
const noSecurityReportsEnabledCases = [
undefined,
{},
{
dast: false,
sast: false,
container_scanning: false,
dependency_scanning: false,
},
];
noSecurityReportsEnabledCases.forEach(noSecurityReportsEnabled => {
beforeEach(() => {
gl.mrWidgetData = {
...mockData,
enabled_reports: noSecurityReportsEnabled,
};
vm = mountComponent(Component, { mrData: gl.mrWidgetData });
});
it('does not render the security reports', () => {
const selectors = [
SAST_SELECTOR,
DAST_SELECTOR,
DEPENDENCY_SCANNING_SELECTOR,
CONTAINER_SCANNING_SELECTOR,
];
const securityWidgets = selectors.map(selector => vm.$el.querySelector(selector));
expect(securityWidgets).toEqual([null, null, null, null]);
});
});
});
}); });
...@@ -11,9 +11,9 @@ export default Object.assign({}, mockData, { ...@@ -11,9 +11,9 @@ export default Object.assign({}, mockData, {
}, },
vulnerability_feedback_help_path: '/help/user/application_security/index', vulnerability_feedback_help_path: '/help/user/application_security/index',
enabled_reports: { enabled_reports: {
sast: true, sast: false,
container_scanning: false, container_scanning: false,
dast: true, dast: false,
dependency_scanning: false, dependency_scanning: false,
license_management: true, license_management: true,
}, },
......
...@@ -10,18 +10,37 @@ import { waitForMutation } from 'spec/helpers/vue_test_utils_helper'; ...@@ -10,18 +10,37 @@ import { waitForMutation } from 'spec/helpers/vue_test_utils_helper';
import { trimText } from 'spec/helpers/text_helper'; import { trimText } from 'spec/helpers/text_helper';
import axios from '~/lib/utils/axios_utils'; import axios from '~/lib/utils/axios_utils';
import { import {
sastIssues, sastDiffSuccessMock,
sastIssuesBase, dastDiffSuccessMock,
dockerReport, containerScanningDiffSuccessMock,
dockerBaseReport, dependencyScanningDiffSuccessMock,
dast, mockFindings,
dastBase,
} from './mock_data'; } from './mock_data';
const CONTAINER_SCANNING_DIFF_ENDPOINT = 'container_scanning.json';
const DEPENDENCY_SCANNING_DIFF_ENDPOINT = 'dependency_scanning.json';
const DAST_DIFF_ENDPOINT = 'dast.json';
const SAST_DIFF_ENDPOINT = 'sast.json';
describe('Grouped security reports app', () => { describe('Grouped security reports app', () => {
let wrapper; let wrapper;
let mock; let mock;
const props = {
headBlobPath: 'path',
baseBlobPath: 'path',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
};
const createWrapper = (propsData, provide = {}) => { const createWrapper = (propsData, provide = {}) => {
wrapper = mount(GroupedSecurityReportsApp, { wrapper = mount(GroupedSecurityReportsApp, {
propsData, propsData,
...@@ -31,6 +50,7 @@ describe('Grouped security reports app', () => { ...@@ -31,6 +50,7 @@ describe('Grouped security reports app', () => {
beforeEach(() => { beforeEach(() => {
mock = new MockAdapter(axios); mock = new MockAdapter(axios);
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
}); });
afterEach(() => { afterEach(() => {
...@@ -42,46 +62,39 @@ describe('Grouped security reports app', () => { ...@@ -42,46 +62,39 @@ describe('Grouped security reports app', () => {
mock.restore(); mock.restore();
}); });
describe('all reports', () => {
const allReportProps = {
...props,
enabledReports: {
sast: true,
dast: true,
containerScanning: true,
dependencyScanning: true,
},
};
beforeEach(() => {
gl.mrWidgetData = gl.mrWidgetData || {};
gl.mrWidgetData.container_scanning_comparison_path = CONTAINER_SCANNING_DIFF_ENDPOINT;
gl.mrWidgetData.dependency_scanning_comparison_path = DEPENDENCY_SCANNING_DIFF_ENDPOINT;
gl.mrWidgetData.dast_comparison_path = DAST_DIFF_ENDPOINT;
gl.mrWidgetData.sast_comparison_path = SAST_DIFF_ENDPOINT;
});
describe('with error', () => { describe('with error', () => {
beforeEach(done => { beforeEach(done => {
mock.onGet('sast_head.json').reply(500); mock.onGet(CONTAINER_SCANNING_DIFF_ENDPOINT).reply(500);
mock.onGet('sast_base.json').reply(500); mock.onGet(DEPENDENCY_SCANNING_DIFF_ENDPOINT).reply(500);
mock.onGet('dast_head.json').reply(500); mock.onGet(DAST_DIFF_ENDPOINT).reply(500);
mock.onGet('dast_base.json').reply(500); mock.onGet(SAST_DIFF_ENDPOINT).reply(500);
mock.onGet('sast_container_head.json').reply(500);
mock.onGet('sast_container_base.json').reply(500);
mock.onGet('dss_head.json').reply(500);
mock.onGet('dss_base.json').reply(500);
mock.onGet('vulnerability_feedback_path.json').reply(500, []);
createWrapper({ createWrapper(allReportProps);
headBlobPath: 'path',
baseBlobPath: 'path',
sastHeadPath: 'sast_head.json',
sastBasePath: 'sast_base.json',
dastHeadPath: 'dast_head.json',
dastBasePath: 'dast_base.json',
sastContainerHeadPath: 'sast_container_head.json',
sastContainerBasePath: 'sast_container_base.json',
dependencyScanningHeadPath: 'dss_head.json',
dependencyScanningBasePath: 'dss_base.json',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
});
Promise.all([ Promise.all([
waitForMutation(wrapper.vm.$store, `sast/${sastTypes.RECEIVE_REPORTS_ERROR}`), waitForMutation(wrapper.vm.$store, `sast/${sastTypes.RECEIVE_DIFF_ERROR}`),
waitForMutation(wrapper.vm.$store, types.RECEIVE_SAST_CONTAINER_ERROR), waitForMutation(wrapper.vm.$store, types.RECEIVE_SAST_CONTAINER_DIFF_ERROR),
waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_ERROR), waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_DIFF_ERROR),
waitForMutation(wrapper.vm.$store, types.RECEIVE_DEPENDENCY_SCANNING_ERROR), waitForMutation(wrapper.vm.$store, types.RECEIVE_DEPENDENCY_SCANNING_DIFF_ERROR),
]) ])
.then(done) .then(done)
.catch(done.fail); .catch(done.fail);
...@@ -93,9 +106,13 @@ describe('Grouped security reports app', () => { ...@@ -93,9 +106,13 @@ describe('Grouped security reports app', () => {
'Security scanning failed loading any results', 'Security scanning failed loading any results',
); );
expect(wrapper.vm.$el.querySelector('.js-collapse-btn').textContent.trim()).toEqual('Expand'); expect(wrapper.vm.$el.querySelector('.js-collapse-btn').textContent.trim()).toEqual(
'Expand',
);
expect(trimText(wrapper.vm.$el.textContent)).toContain('SAST: Loading resulted in an error'); expect(trimText(wrapper.vm.$el.textContent)).toContain(
'SAST: Loading resulted in an error',
);
expect(trimText(wrapper.vm.$el.textContent)).toContain( expect(trimText(wrapper.vm.$el.textContent)).toContain(
'Dependency scanning: Loading resulted in an error', 'Dependency scanning: Loading resulted in an error',
...@@ -111,38 +128,12 @@ describe('Grouped security reports app', () => { ...@@ -111,38 +128,12 @@ describe('Grouped security reports app', () => {
describe('while loading', () => { describe('while loading', () => {
beforeEach(() => { beforeEach(() => {
mock.onGet('sast_head.json').reply(200, sastIssues); mock.onGet(CONTAINER_SCANNING_DIFF_ENDPOINT).reply(200, {});
mock.onGet('sast_base.json').reply(200, sastIssuesBase); mock.onGet(DEPENDENCY_SCANNING_DIFF_ENDPOINT).reply(200, {});
mock.onGet('dast_head.json').reply(200, dast); mock.onGet(DAST_DIFF_ENDPOINT).reply(200, {});
mock.onGet('dast_base.json').reply(200, dastBase); mock.onGet(SAST_DIFF_ENDPOINT).reply(200, {});
mock.onGet('sast_container_head.json').reply(200, dockerReport);
mock.onGet('sast_container_base.json').reply(200, dockerBaseReport);
mock.onGet('dss_head.json').reply(200, sastIssues);
mock.onGet('dss_base.json').reply(200, sastIssuesBase);
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
createWrapper({ createWrapper(allReportProps);
headBlobPath: 'path',
baseBlobPath: 'path',
sastHeadPath: 'sast_head.json',
sastBasePath: 'sast_base.json',
dastHeadPath: 'dast_head.json',
dastBasePath: 'dast_base.json',
sastContainerHeadPath: 'sast_container_head.json',
sastContainerBasePath: 'sast_container_base.json',
dependencyScanningHeadPath: 'dss_head.json',
dependencyScanningBasePath: 'dss_base.json',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
});
}); });
it('renders loading summary text + spinner', () => { it('renders loading summary text + spinner', () => {
...@@ -151,7 +142,9 @@ describe('Grouped security reports app', () => { ...@@ -151,7 +142,9 @@ describe('Grouped security reports app', () => {
'Security scanning is loading', 'Security scanning is loading',
); );
expect(wrapper.vm.$el.querySelector('.js-collapse-btn').textContent.trim()).toEqual('Expand'); expect(wrapper.vm.$el.querySelector('.js-collapse-btn').textContent.trim()).toEqual(
'Expand',
);
expect(wrapper.vm.$el.textContent).toContain('SAST is loading'); expect(wrapper.vm.$el.textContent).toContain('SAST is loading');
expect(wrapper.vm.$el.textContent).toContain('Dependency scanning is loading'); expect(wrapper.vm.$el.textContent).toContain('Dependency scanning is loading');
...@@ -160,46 +153,20 @@ describe('Grouped security reports app', () => { ...@@ -160,46 +153,20 @@ describe('Grouped security reports app', () => {
}); });
}); });
describe('with all reports', () => { describe('with successful responses', () => {
beforeEach(done => { beforeEach(done => {
mock.onGet('sast_head.json').reply(200, sastIssues); mock.onGet(CONTAINER_SCANNING_DIFF_ENDPOINT).reply(200, containerScanningDiffSuccessMock);
mock.onGet('sast_base.json').reply(200, sastIssuesBase); mock.onGet(DEPENDENCY_SCANNING_DIFF_ENDPOINT).reply(200, dependencyScanningDiffSuccessMock);
mock.onGet('dast_head.json').reply(200, dast); mock.onGet(DAST_DIFF_ENDPOINT).reply(200, dastDiffSuccessMock);
mock.onGet('dast_base.json').reply(200, dastBase); mock.onGet(SAST_DIFF_ENDPOINT).reply(200, sastDiffSuccessMock);
mock.onGet('sast_container_head.json').reply(200, dockerReport);
mock.onGet('sast_container_base.json').reply(200, dockerBaseReport);
mock.onGet('dss_head.json').reply(200, sastIssues);
mock.onGet('dss_base.json').reply(200, sastIssuesBase);
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
createWrapper({ createWrapper(allReportProps);
headBlobPath: 'path',
baseBlobPath: 'path',
sastHeadPath: 'sast_head.json',
sastBasePath: 'sast_base.json',
dastHeadPath: 'dast_head.json',
dastBasePath: 'dast_base.json',
sastContainerHeadPath: 'sast_container_head.json',
sastContainerBasePath: 'sast_container_base.json',
dependencyScanningHeadPath: 'dss_head.json',
dependencyScanningBasePath: 'dss_base.json',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
});
Promise.all([ Promise.all([
waitForMutation(wrapper.vm.$store, `sast/${sastTypes.RECEIVE_REPORTS}`), waitForMutation(wrapper.vm.$store, `sast/${sastTypes.RECEIVE_DIFF_SUCCESS}`),
waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_REPORTS), waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_DIFF_SUCCESS),
waitForMutation(wrapper.vm.$store, types.RECEIVE_SAST_CONTAINER_REPORTS), waitForMutation(wrapper.vm.$store, types.RECEIVE_SAST_CONTAINER_DIFF_SUCCESS),
waitForMutation(wrapper.vm.$store, types.RECEIVE_DEPENDENCY_SCANNING_REPORTS), waitForMutation(wrapper.vm.$store, types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS),
]) ])
.then(done) .then(done)
.catch(done.fail); .catch(done.fail);
...@@ -211,15 +178,17 @@ describe('Grouped security reports app', () => { ...@@ -211,15 +178,17 @@ describe('Grouped security reports app', () => {
// Renders the summary text // Renders the summary text
expect(wrapper.vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual( expect(wrapper.vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
'Security scanning detected 6 new, and 3 fixed vulnerabilities', 'Security scanning detected 6 new, and 6 fixed vulnerabilities',
); );
// Renders the expand button // Renders the expand button
expect(wrapper.vm.$el.querySelector('.js-collapse-btn').textContent.trim()).toEqual('Expand'); expect(wrapper.vm.$el.querySelector('.js-collapse-btn').textContent.trim()).toEqual(
'Expand',
);
// Renders Sast result // Renders Sast result
expect(trimText(wrapper.vm.$el.textContent)).toContain( expect(trimText(wrapper.vm.$el.textContent)).toContain(
'SAST detected 2 new, and 1 fixed vulnerabilities', 'SAST detected 1 new, and 2 fixed vulnerabilities',
); );
// Renders DSS result // Renders DSS result
...@@ -229,11 +198,13 @@ describe('Grouped security reports app', () => { ...@@ -229,11 +198,13 @@ describe('Grouped security reports app', () => {
// Renders container scanning result // Renders container scanning result
expect(wrapper.vm.$el.textContent).toContain( expect(wrapper.vm.$el.textContent).toContain(
'Container scanning detected 1 new, and 1 fixed vulnerabilities', 'Container scanning detected 2 new, and 1 fixed vulnerabilities',
); );
// Renders DAST result // Renders DAST result
expect(wrapper.vm.$el.textContent).toContain('DAST detected 1 new vulnerability'); expect(wrapper.vm.$el.textContent).toContain(
'DAST detected 1 new, and 2 fixed vulnerabilities',
);
}); });
it('opens modal with more information', done => { it('opens modal with more information', done => {
...@@ -242,11 +213,11 @@ describe('Grouped security reports app', () => { ...@@ -242,11 +213,11 @@ describe('Grouped security reports app', () => {
Vue.nextTick(() => { Vue.nextTick(() => {
expect(wrapper.vm.$el.querySelector('.modal-title').textContent.trim()).toEqual( expect(wrapper.vm.$el.querySelector('.modal-title').textContent.trim()).toEqual(
sastIssues[0].message, mockFindings[0].name,
); );
expect(wrapper.vm.$el.querySelector('.modal-body').textContent).toContain( expect(wrapper.vm.$el.querySelector('.modal-body').textContent).toContain(
sastIssues[0].solution, mockFindings[0].solution,
); );
done(); done();
...@@ -265,6 +236,7 @@ describe('Grouped security reports app', () => { ...@@ -265,6 +236,7 @@ describe('Grouped security reports app', () => {
}, 0); }, 0);
}); });
}); });
});
describe('with the pipelinePath prop', () => { describe('with the pipelinePath prop', () => {
const pipelinePath = '/path/to/the/pipeline'; const pipelinePath = '/path/to/the/pipeline';
...@@ -284,70 +256,19 @@ describe('Grouped security reports app', () => { ...@@ -284,70 +256,19 @@ describe('Grouped security reports app', () => {
}); });
}); });
describe('with the reports API enabled', () => {
describe('container scanning reports', () => { describe('container scanning reports', () => {
const sastContainerEndpoint = 'sast_container.json'; beforeEach(done => {
const props = {
headBlobPath: 'path',
baseBlobPath: 'path',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
};
const provide = {
glFeatures: {
containerScanningMergeRequestReportApi: true,
},
};
beforeEach(() => {
gl.mrWidgetData = gl.mrWidgetData || {}; gl.mrWidgetData = gl.mrWidgetData || {};
gl.mrWidgetData.container_scanning_comparison_path = sastContainerEndpoint; gl.mrWidgetData.container_scanning_comparison_path = CONTAINER_SCANNING_DIFF_ENDPOINT;
mock.onGet(sastContainerEndpoint).reply(200, {
added: [dockerReport.vulnerabilities[0], dockerReport.vulnerabilities[1]],
fixed: [dockerReport.vulnerabilities[2]],
});
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
});
describe('with reports disabled', () => {
beforeEach(() => {
createWrapper(
{
...props,
enabledReports: {
containerScanning: false,
},
},
provide,
);
});
it('should not render the widget', () => { mock.onGet(CONTAINER_SCANNING_DIFF_ENDPOINT).reply(200, containerScanningDiffSuccessMock);
expect(wrapper.vm.$el.querySelector('.js-sast-container')).toBeNull();
});
});
describe('with reports enabled', () => { createWrapper({
beforeEach(done => {
createWrapper(
{
...props, ...props,
enabledReports: { enabledReports: {
containerScanning: true, containerScanning: true,
}, },
}, });
provide,
);
waitForMutation(wrapper.vm.$store, types.RECEIVE_SAST_CONTAINER_DIFF_SUCCESS) waitForMutation(wrapper.vm.$store, types.RECEIVE_SAST_CONTAINER_DIFF_SUCCESS)
.then(done) .then(done)
...@@ -355,7 +276,7 @@ describe('Grouped security reports app', () => { ...@@ -355,7 +276,7 @@ describe('Grouped security reports app', () => {
}); });
it('should set setSastContainerDiffEndpoint', () => { it('should set setSastContainerDiffEndpoint', () => {
expect(wrapper.vm.sastContainer.paths.diffEndpoint).toEqual(sastContainerEndpoint); expect(wrapper.vm.sastContainer.paths.diffEndpoint).toEqual(CONTAINER_SCANNING_DIFF_ENDPOINT);
}); });
it('should display the correct numbers of vulnerabilities', () => { it('should display the correct numbers of vulnerabilities', () => {
...@@ -364,71 +285,20 @@ describe('Grouped security reports app', () => { ...@@ -364,71 +285,20 @@ describe('Grouped security reports app', () => {
); );
}); });
}); });
});
describe('dependency scanning reports', () => { describe('dependency scanning reports', () => {
const dependencyScanningEndpoint = 'dependency_scanning.json'; beforeEach(done => {
const props = {
headBlobPath: 'path',
baseBlobPath: 'path',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
};
const provide = {
glFeatures: {
dependencyScanningMergeRequestReportApi: true,
},
};
beforeEach(() => {
gl.mrWidgetData = gl.mrWidgetData || {}; gl.mrWidgetData = gl.mrWidgetData || {};
gl.mrWidgetData.dependency_scanning_comparison_path = dependencyScanningEndpoint; gl.mrWidgetData.dependency_scanning_comparison_path = DEPENDENCY_SCANNING_DIFF_ENDPOINT;
mock.onGet(dependencyScanningEndpoint).reply(200, {
added: [dockerReport.vulnerabilities[0], dockerReport.vulnerabilities[1]],
fixed: [dockerReport.vulnerabilities[2]],
});
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
});
describe('with reports disabled', () => {
beforeEach(() => {
createWrapper(
{
...props,
enabledReports: {
dependencyScanning: false,
},
},
provide,
);
});
it('should not render the widget', () => { mock.onGet(DEPENDENCY_SCANNING_DIFF_ENDPOINT).reply(200, dependencyScanningDiffSuccessMock);
expect(wrapper.vm.$el.querySelector('.js-dependency-scanning-widget')).toBeNull();
});
});
describe('with reports enabled', () => { createWrapper({
beforeEach(done => {
createWrapper(
{
...props, ...props,
enabledReports: { enabledReports: {
dependencyScanning: true, dependencyScanning: true,
}, },
}, });
provide,
);
waitForMutation(wrapper.vm.$store, types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS) waitForMutation(wrapper.vm.$store, types.RECEIVE_DEPENDENCY_SCANNING_DIFF_SUCCESS)
.then(done) .then(done)
...@@ -437,7 +307,7 @@ describe('Grouped security reports app', () => { ...@@ -437,7 +307,7 @@ describe('Grouped security reports app', () => {
it('should set setDependencyScanningDiffEndpoint', () => { it('should set setDependencyScanningDiffEndpoint', () => {
expect(wrapper.vm.dependencyScanning.paths.diffEndpoint).toEqual( expect(wrapper.vm.dependencyScanning.paths.diffEndpoint).toEqual(
dependencyScanningEndpoint, DEPENDENCY_SCANNING_DIFF_ENDPOINT,
); );
}); });
...@@ -447,72 +317,22 @@ describe('Grouped security reports app', () => { ...@@ -447,72 +317,22 @@ describe('Grouped security reports app', () => {
); );
}); });
}); });
});
describe('dast reports', () => { describe('dast reports', () => {
const dastEndpoint = 'dast.json'; beforeEach(done => {
const props = {
headBlobPath: 'path',
baseBlobPath: 'path',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
};
const provide = {
glFeatures: {
dastMergeRequestReportApi: true,
},
};
beforeEach(() => {
gl.mrWidgetData = gl.mrWidgetData || {}; gl.mrWidgetData = gl.mrWidgetData || {};
gl.mrWidgetData.dast_comparison_path = dastEndpoint; gl.mrWidgetData.dast_comparison_path = DAST_DIFF_ENDPOINT;
mock.onGet(dastEndpoint).reply(200, {
added: [dockerReport.vulnerabilities[0]],
fixed: [dockerReport.vulnerabilities[1], dockerReport.vulnerabilities[2]],
base_report_out_of_date: true,
});
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
});
describe('with reports disabled', () => {
beforeEach(() => {
createWrapper(
{
...props,
enabledReports: {
dast: false,
},
},
provide,
);
});
it('should not render the widget', () => { mock
expect(wrapper.vm.$el.querySelector('.js-dast-widget')).toBeNull(); .onGet(DAST_DIFF_ENDPOINT)
}); .reply(200, { ...dastDiffSuccessMock, base_report_out_of_date: true });
});
describe('with reports enabled', () => { createWrapper({
beforeEach(done => {
createWrapper(
{
...props, ...props,
enabledReports: { enabledReports: {
dast: true, dast: true,
}, },
}, });
provide,
);
waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_DIFF_SUCCESS) waitForMutation(wrapper.vm.$store, types.RECEIVE_DAST_DIFF_SUCCESS)
.then(done) .then(done)
...@@ -520,7 +340,7 @@ describe('Grouped security reports app', () => { ...@@ -520,7 +340,7 @@ describe('Grouped security reports app', () => {
}); });
it('should set setDastDiffEndpoint', () => { it('should set setDastDiffEndpoint', () => {
expect(wrapper.vm.dast.paths.diffEndpoint).toEqual(dastEndpoint); expect(wrapper.vm.dast.paths.diffEndpoint).toEqual(DAST_DIFF_ENDPOINT);
}); });
it('should display the correct numbers of vulnerabilities', () => { it('should display the correct numbers of vulnerabilities', () => {
...@@ -535,75 +355,24 @@ describe('Grouped security reports app', () => { ...@@ -535,75 +355,24 @@ describe('Grouped security reports app', () => {
); );
}); });
}); });
});
describe('sast reports', () => { describe('sast reports', () => {
const sastEndpoint = 'sast.json'; beforeEach(done => {
const props = {
headBlobPath: 'path',
baseBlobPath: 'path',
sastHelpPath: 'path',
sastContainerHelpPath: 'path',
dastHelpPath: 'path',
dependencyScanningHelpPath: 'path',
vulnerabilityFeedbackPath: 'vulnerability_feedback_path.json',
vulnerabilityFeedbackHelpPath: 'path',
pipelineId: 123,
canCreateIssue: true,
canCreateMergeRequest: true,
canDismissVulnerability: true,
targetBranch: 'master',
};
const provide = {
glFeatures: {
sastMergeRequestReportApi: true,
},
};
beforeEach(() => {
gl.mrWidgetData = gl.mrWidgetData || {}; gl.mrWidgetData = gl.mrWidgetData || {};
gl.mrWidgetData.sast_comparison_path = sastEndpoint; gl.mrWidgetData.sast_comparison_path = SAST_DIFF_ENDPOINT;
gl.mrWidgetData.diverged_commits_count = 100; gl.mrWidgetData.diverged_commits_count = 100;
mock.onGet(sastEndpoint).reply(200, { mock
added: [dockerReport.vulnerabilities[0]], .onGet(SAST_DIFF_ENDPOINT)
fixed: [dockerReport.vulnerabilities[1], dockerReport.vulnerabilities[2]], .reply(200, { ...sastDiffSuccessMock, base_report_out_of_date: true });
existing: [dockerReport.vulnerabilities[2]],
base_report_out_of_date: true,
});
mock.onGet('vulnerability_feedback_path.json').reply(200, []);
});
describe('with reports disabled', () => {
beforeEach(() => {
createWrapper(
{
...props,
enabledReports: {
sast: false,
},
},
provide,
);
});
it('should not render the widget', () => {
expect(wrapper.vm.$el.querySelector('.js-sast-widget')).toBeNull();
});
});
describe('with reports enabled', () => { createWrapper({
beforeEach(done => {
createWrapper(
{
...props, ...props,
targetBranch: 'master',
enabledReports: { enabledReports: {
sast: true, sast: true,
}, },
}, });
provide,
);
waitForMutation(wrapper.vm.$store, `sast/${sastTypes.RECEIVE_DIFF_SUCCESS}`) waitForMutation(wrapper.vm.$store, `sast/${sastTypes.RECEIVE_DIFF_SUCCESS}`)
.then(done) .then(done)
...@@ -611,7 +380,7 @@ describe('Grouped security reports app', () => { ...@@ -611,7 +380,7 @@ describe('Grouped security reports app', () => {
}); });
it('should set setSastDiffEndpoint', () => { it('should set setSastDiffEndpoint', () => {
expect(wrapper.vm.sast.paths.diffEndpoint).toEqual(sastEndpoint); expect(wrapper.vm.sast.paths.diffEndpoint).toEqual(SAST_DIFF_ENDPOINT);
}); });
it('should display the correct numbers of vulnerabilities', () => { it('should display the correct numbers of vulnerabilities', () => {
...@@ -626,6 +395,4 @@ describe('Grouped security reports app', () => { ...@@ -626,6 +395,4 @@ describe('Grouped security reports app', () => {
); );
}); });
}); });
});
});
}); });
...@@ -4,37 +4,22 @@ import * as mockData from '../../../frontend/vue_shared/security_reports/mock_da ...@@ -4,37 +4,22 @@ import * as mockData from '../../../frontend/vue_shared/security_reports/mock_da
// https://gitlab.com/gitlab-org/gitlab/merge_requests/10466#note_156218753 // https://gitlab.com/gitlab-org/gitlab/merge_requests/10466#note_156218753
export const { export const {
allIssuesParsed,
baseIssues,
containerScanningFeedbacks, containerScanningFeedbacks,
dast, dast,
dastBase, dastBase,
dastFeedbacks, dastFeedbacks,
dependencyScanningFeedbacks, dependencyScanningFeedbacks,
dependencyScanningIssues,
dependencyScanningIssuesBase,
dependencyScanningIssuesMajor2,
dependencyScanningIssuesOld,
dockerBaseReport, dockerBaseReport,
dockerNewIssues,
dockerOnlyHeadParsed,
dockerReport, dockerReport,
dockerReportParsed, dockerReportParsed,
oldSastIssues,
parsedDast, parsedDast,
parsedDastNewIssues,
parsedDependencyScanningBaseStore,
parsedDependencyScanningIssuesHead,
parsedDependencyScanningIssuesStore,
parsedSastBaseStore,
parsedSastContainerBaseStore,
parsedSastIssuesHead,
parsedSastIssuesStore,
sastBaseAllIssues,
sastFeedbacks, sastFeedbacks,
sastHeadAllIssues,
sastIssues, sastIssues,
sastIssuesBase, sastIssuesBase,
sastIssuesMajor2,
sastParsedIssues, sastParsedIssues,
mockFindings,
sastDiffSuccessMock,
dastDiffSuccessMock,
containerScanningDiffSuccessMock,
dependencyScanningDiffSuccessMock,
} = mockData; } = mockData;
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment