Frontend: Remove confidence from security reports

f864615f · Dheeraj Joshi · Kushal Pandya · b29ddc70 · f864615f · f864615f
Commit f864615f authored Feb 10, 2020 by Dheeraj Joshi Committed by Kushal Pandya Feb 10, 2020
25 changed files
--- a/ee/app/assets/javascripts/security_dashboard/components/security_dashboard_table.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/security_dashboard_table.vue
@@ -49,9 +49,6 @@ export default {
      role="row"
    >
      <div class="table-section section-10" role="rowheader">{{ s__('Reports|Severity') }}</div>
-      <div class="table-section section-10 ml-md-2" role="rowheader">
-        {{ s__('Reports|Confidence') }}
-      </div>
      <div class="table-section flex-grow-1" role="rowheader">
        {{ s__('Reports|Vulnerability') }}
      </div>

--- a/ee/app/assets/javascripts/security_dashboard/components/security_dashboard_table_row.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/security_dashboard_table_row.vue
@@ -30,9 +30,6 @@ export default {
    },
  },
  computed: {
-    confidence() {
-      return this.vulnerability.confidence || '–';
-    },
    severity() {
      return this.vulnerability.severity || ' ';
    },
@@ -74,11 +71,6 @@ export default {
      <div class="table-mobile-content"><severity-badge :severity="severity" /></div>
    </div>

-    <div class="table-section section-10 ml-md-2">
-      <div class="table-mobile-header" role="rowheader">{{ s__('Reports|Confidence') }}</div>
-      <div class="table-mobile-content text-capitalize">{{ confidence }}</div>
-    </div>
-
    <div class="table-section flex-grow-1">
      <div class="table-mobile-header" role="rowheader">{{ s__('Reports|Vulnerability') }}</div>
      <div

--- a/ee/app/assets/javascripts/security_dashboard/store/constants.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/constants.js
@@ -11,17 +11,6 @@ export const SEVERITY_LEVELS = {
  none: s__('severity|None'),
 };

-export const CONFIDENCE_LEVELS = {
-  confirmed: s__('confidence|Confirmed'),
-  high: s__('confidence|High'),
-  medium: s__('confidence|Medium'),
-  low: s__('confidence|Low'),
-  unknown: s__('confidence|Unknown'),
-  ignore: s__('confidence|Ignore'),
-  experimental: s__('confidence|Experimental'),
-  undefined: s__('confidence|Undefined'),
-};
-
 export const REPORT_TYPES = {
  container_scanning: s__('ciReport|Container Scanning'),
  dast: s__('ciReport|DAST'),

--- a/ee/app/assets/javascripts/security_dashboard/store/modules/filters/constants.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/modules/filters/constants.js
@@ -10,17 +10,6 @@ export const SEVERITY_LEVELS = {
  undefined: s__('severity|Undefined'),
 };

-export const CONFIDENCE_LEVELS = {
-  confirmed: s__('confidence|Confirmed'),
-  high: s__('confidence|High'),
-  medium: s__('confidence|Medium'),
-  low: s__('confidence|Low'),
-  unknown: s__('confidence|Unknown'),
-  ignore: s__('confidence|Ignore'),
-  experimental: s__('confidence|Experimental'),
-  undefined: s__('confidence|Undefined'),
-};
-
 export const REPORT_TYPES = {
  container_scanning: s__('ciReport|Container Scanning'),
  dast: s__('ciReport|DAST'),
@@ -34,10 +23,6 @@ export const BASE_FILTERS = {
    name: s__('ciReport|All severities'),
    id: ALL,
  },
-  confidence: {
-    name: s__('ciReport|All confidence levels'),
-    id: ALL,
-  },
  report_type: {
    name: s__('ciReport|All report types'),
    id: ALL,

--- a/ee/app/assets/javascripts/security_dashboard/store/modules/filters/state.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/modules/filters/state.js
-import { SEVERITY_LEVELS, CONFIDENCE_LEVELS, REPORT_TYPES, BASE_FILTERS } from './constants';
+import { SEVERITY_LEVELS, REPORT_TYPES, BASE_FILTERS } from './constants';
 import { s__ } from '~/locale';

 const optionsObjectToArray = obj => Object.entries(obj).map(([id, name]) => ({ id, name }));
@@ -12,13 +12,6 @@ export default () => ({
      hidden: false,
      selection: new Set([BASE_FILTERS.severity.id]),
    },
-    {
-      name: s__('SecurityDashboard|Confidence'),
-      id: 'confidence',
-      options: [BASE_FILTERS.confidence, ...optionsObjectToArray(CONFIDENCE_LEVELS)],
-      hidden: false,
-      selection: new Set([BASE_FILTERS.confidence.id]),
-    },
    {
      name: s__('SecurityDashboard|Report type'),
      id: 'report_type',

--- a/ee/app/assets/javascripts/security_dashboard/store/modules/vulnerabilities/mutations.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/modules/vulnerabilities/mutations.js
@@ -121,7 +121,6 @@ export default {

    Vue.set(state.modal.data.severity, 'value', vulnerability.severity);
    Vue.set(state.modal.data.reportType, 'value', vulnerability.report_type);
-    Vue.set(state.modal.data.confidence, 'value', vulnerability.confidence);
    Vue.set(state.modal, 'vulnerability', vulnerability);
    Vue.set(
      state.modal.vulnerability,

--- a/ee/app/assets/javascripts/security_dashboard/store/modules/vulnerabilities/state.js
+++ b/ee/app/assets/javascripts/security_dashboard/store/modules/vulnerabilities/state.js
@@ -29,7 +29,6 @@ export default () => ({
      file: { text: s__('Vulnerability|File') },
      identifiers: { text: s__('Vulnerability|Identifiers') },
      severity: { text: s__('Vulnerability|Severity') },
-      confidence: { text: s__('Vulnerability|Confidence') },
      reportType: { text: s__('Vulnerability|Report Type') },
      className: { text: s__('Vulnerability|Class') },
      image: { text: s__('Vulnerability|Image') },

--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/dast_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/dast_issue_body.vue
 <script>
 /**
 * Renders DAST body text
- * [severity] ([confidence]): [name]
+ * [severity]: [name]
 */

 import ModalOpenName from '~/reports/components/modal_open_name.vue';
@@ -27,7 +27,7 @@ export default {
 <template>
  <div class="report-block-list-issue-description prepend-top-5 append-bottom-5">
    <div class="report-block-list-issue-description-text">
-      {{ issue.severity }} ({{ issue.confidence }}):
+      {{ issue.severity }}:

      <modal-open-name :issue="issue" :status="status" class="js-modal-dast" />
    </div>

--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_issue_body.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/sast_issue_body.vue
 <script>
 /**
 * Renders SAST body text
- * [severity] ([confidence]): [name] in [link] : [line]
+ * [severity]: [name] in [link] : [line]
 */
 import ReportLink from '~/reports/components/report_link.vue';
 import ModalOpenName from '~/reports/components/modal_open_name.vue';
@@ -29,17 +29,10 @@ export default {

  computed: {
    title() {
-      const { severity, confidence, priority } = this.issue;
-
+      const { severity, priority } = this.issue;
      if (severity) {
-        if (confidence) {
-          return `${humanize(severity)} (${humanize(confidence)})`;
-        }
        return humanize(severity);
-      } else if (confidence) {
-        return `(${humanize(confidence)})`;
      }
-
      return priority;
    },
  },

--- a/ee/app/assets/javascripts/vue_shared/security_reports/components/vulnerability_details.vue
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/components/vulnerability_details.vue
@@ -119,11 +119,7 @@ export default {
            >
              <gl-friendly-wrap :text="field.value" />
            </safe-link>
-            <gl-friendly-wrap
-              v-else
-              :text="field.value"
-              :class="{ 'text-capitalize': key === 'confidence' }"
-            />
+            <gl-friendly-wrap v-else :text="field.value" />
          </template>
        </template>
      </div>

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/mutations.js
@@ -155,7 +155,6 @@ export default {
    }

    Vue.set(state.modal.data.severity, 'value', issue.severity);
-    Vue.set(state.modal.data.confidence, 'value', issue.confidence);

    if (issue.links && issue.links.length > 0) {
      Vue.set(state.modal.data.links, 'value', issue.links);

--- a/ee/app/assets/javascripts/vue_shared/security_reports/store/state.js
+++ b/ee/app/assets/javascripts/vue_shared/security_reports/store/state.js
@@ -96,11 +96,6 @@ export default () => ({
        text: s__('ciReport|Severity'),
        isLink: false,
      },
-      confidence: {
-        value: null,
-        text: s__('ciReport|Confidence'),
-        isLink: false,
-      },
      className: {
        value: null,
        text: s__('ciReport|Class'),

--- a/ee/changelogs/unreleased/remove-confidence-labels.yml
+++ b/ee/changelogs/unreleased/remove-confidence-labels.yml
+---
+title: Remove confidence labels from security report
+merge_request: 24033
+author:
+type: removed
--- a/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/dast_issue_body_spec.js.snap
+++ b/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/dast_issue_body_spec.js.snap
@@ -8,7 +8,7 @@ exports[`Dast Issue Body matches the snaphot 1`] = `
    class="report-block-list-issue-description-text"
  >
    
-    Low (Medium):
+    Low:

    
    <modal-open-name-stub

--- a/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/sast_issue_body_spec.js.snap
+++ b/ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/sast_issue_body_spec.js.snap
@@ -8,7 +8,7 @@ exports[`Sast Issue Body matches snapshot 1`] = `
    class="report-block-list-issue-description-text"
  >
    
-    Medium (Low):
+    Medium:
    
    <modal-open-name-stub
      issue="[object Object]"

--- a/ee/spec/frontend/vue_shared/security_reports/components/dast_issue_body_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/components/dast_issue_body_spec.js
@@ -10,7 +10,6 @@ describe('Dast Issue Body', () => {
        issue: {
          alert: 'X-Content-Type-Options Header Missing',
          severity: 'Low',
-          confidence: 'Medium',
          count: '17',
          cweid: '16',
          desc:

--- a/ee/spec/frontend/vue_shared/security_reports/components/sast_issue_body_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/components/sast_issue_body_spec.js
@@ -26,14 +26,13 @@ describe('Sast Issue Body', () => {
  it('matches snapshot', () => {
    createComponent({
      severity: 'medium',
-      confidence: 'low',
      priority: 'high',
    });

    expect(wrapper.element).toMatchSnapshot();
  });

-  it('renders priority if no security and confidence are passed', () => {
+  it('renders priority if no security are passed', () => {
    createComponent({
      priority: 'high',
    });
@@ -41,15 +40,7 @@ describe('Sast Issue Body', () => {
    expect(findDescriptionText().text()).toBe('high:');
  });

-  it('renders confidence if no severity is passed', () => {
-    createComponent({
-      confidence: 'low',
-    });
-
-    expect(findDescriptionText().text()).toBe('(Low):');
-  });
-
-  it('renders severity if no confidence is passed', () => {
+  it('renders severity', () => {
    createComponent({
      severity: 'medium',
    });
@@ -57,15 +48,6 @@ describe('Sast Issue Body', () => {
    expect(findDescriptionText().text()).toBe('Medium:');
  });

-  it('renders severity and confidence if both are passed', () => {
-    createComponent({
-      severity: 'medium',
-      confidence: 'low',
-    });
-
-    expect(findDescriptionText().text()).toBe('Medium (Low):');
-  });
-
  it('does not render report link if no path is passed', () => {
    createComponent({});


--- a/ee/spec/frontend/vue_shared/security_reports/mock_data.js
+++ b/ee/spec/frontend/vue_shared/security_reports/mock_data.js
@@ -118,7 +118,6 @@ export const parsedDast = [
    riskcode: '1',
    riskdesc: 'Low (Medium)',
    severity: 'Low',
-    confidence: 'Medium',
    cweid: '3',
    desc: '<p>No Anti-CSRF tokens were found in a HTML submission form.</p>',
    pluginid: '123',
@@ -161,7 +160,6 @@ export const parsedDast = [
      },
    ],
    severity: 'Low',
-    confidence: 'Medium',
    cweid: '4',
    desc: '<p>The Anti-MIME-Sniffing header X-Content-Type-Options was not set to "nosniff".</p>',
    pluginid: '3456',
@@ -258,7 +256,6 @@ export const mockFindings = [
    report_type: 'dependency_scanning',
    name: 'Cross-site Scripting in serialize-javascript',
    severity: 'unknown',
-    confidence: 'undefined',
    scanner: { external_id: 'gemnasium', name: 'Gemnasium' },
    identifiers: [
      {
@@ -306,7 +303,6 @@ export const mockFindings = [
    report_type: 'dependency_scanning',
    name: '3rd party CORS request may execute in jquery',
    severity: 'medium',
-    confidence: 'undefined',
    scanner: { external_id: 'retire.js', name: 'Retire.js' },
    identifiers: [
      {
@@ -390,7 +386,6 @@ export const mockFindings = [
    name:
      'jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution in jquery',
    severity: 'low',
-    confidence: 'undefined',
    scanner: { external_id: 'retire.js', name: 'Retire.js' },
    identifiers: [
      {
@@ -473,7 +468,6 @@ export const mockFindings = [
    name:
      'jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution in jquery',
    severity: 'low',
-    confidence: 'undefined',
    scanner: { external_id: 'retire.js', name: 'Retire.js' },
    identifiers: [
      {

--- a/ee/spec/frontend/vue_shared/security_reports/store/mutations_spec.js
+++ b/ee/spec/frontend/vue_shared/security_reports/store/mutations_spec.js
@@ -125,10 +125,6 @@ describe('security reports mutations', () => {
      expect(stateCopy.modal.data.severity.text).toEqual('Severity');
      expect(stateCopy.modal.data.severity.isLink).toEqual(false);

-      expect(stateCopy.modal.data.confidence.value).toEqual(null);
-      expect(stateCopy.modal.data.confidence.text).toEqual('Confidence');
-      expect(stateCopy.modal.data.confidence.isLink).toEqual(false);
-
      expect(stateCopy.modal.data.links.value).toEqual([]);
      expect(stateCopy.modal.data.links.text).toEqual('Links');
      expect(stateCopy.modal.data.links.isLink).toEqual(false);
@@ -207,7 +203,6 @@ describe('security reports mutations', () => {
      expect(stateCopy.modal.data.image.value).toEqual(issue.location.image);
      expect(stateCopy.modal.data.identifiers.value).toEqual(issue.identifiers);
      expect(stateCopy.modal.data.severity.value).toEqual(issue.severity);
-      expect(stateCopy.modal.data.confidence.value).toEqual(issue.confidence);
      expect(stateCopy.modal.data.links.value).toEqual(issue.links);
      expect(stateCopy.modal.data.instances.value).toEqual(issue.instances);
      expect(stateCopy.modal.data.url.value).toEqual(

--- a/ee/spec/javascripts/security_dashboard/components/filters_spec.js
+++ b/ee/spec/javascripts/security_dashboard/components/filters_spec.js
@@ -18,7 +18,7 @@ describe('Filter component', () => {
    });

    it('should display all filters', () => {
-      expect(vm.$el.querySelectorAll('.js-filter').length).toEqual(4);
+      expect(vm.$el.querySelectorAll('.js-filter').length).toEqual(3);
    });

    it('should display "Hide dismissed vulnerabilities" toggle', () => {

--- a/ee/spec/javascripts/security_dashboard/components/security_dashboard_table_row_spec.js
+++ b/ee/spec/javascripts/security_dashboard/components/security_dashboard_table_row_spec.js
@@ -30,11 +30,6 @@ describe('Security Dashboard Table Row', () => {
      expect(vm.$el.querySelectorAll('.table-mobile-content')[0].textContent).toContain(' ');
    });

-    it('should render a `–` for confidence', () => {
-      expect(vm.confidence).toEqual('–');
-      expect(vm.$el.querySelectorAll('.table-mobile-content')[1].textContent).toContain('–');
-    });
-
    it('should not render action buttons', () => {
      expect(vm.$el.querySelectorAll('.action-buttons button').length).toBe(0);
    });
@@ -62,21 +57,15 @@ describe('Security Dashboard Table Row', () => {
      ).toContain(props.vulnerability.severity);
    });

-    it('should render the confidence', () => {
-      expect(
-        vm.$el.querySelectorAll('.table-mobile-content')[1].textContent.toLowerCase(),
-      ).toContain(props.vulnerability.confidence);
-    });
-
    describe('the project name', () => {
      it('should render the name', () => {
-        expect(vm.$el.querySelectorAll('.table-mobile-content')[2].textContent).toContain(
+        expect(vm.$el.querySelectorAll('.table-mobile-content')[1].textContent).toContain(
          props.vulnerability.name,
        );
      });

      it('should render the project namespace', () => {
-        expect(vm.$el.querySelectorAll('.table-mobile-content')[2].textContent).toContain(
+        expect(vm.$el.querySelectorAll('.table-mobile-content')[1].textContent).toContain(
          props.vulnerability.location.file,
        );
      });
@@ -106,7 +95,7 @@ describe('Security Dashboard Table Row', () => {
      });

      it('should contain project name as the namespace', () => {
-        expect(vm.$el.querySelectorAll('.table-mobile-content')[2].textContent).toContain(
+        expect(vm.$el.querySelectorAll('.table-mobile-content')[1].textContent).toContain(
          props.vulnerability.project.full_name,
        );
      });
@@ -126,7 +115,7 @@ describe('Security Dashboard Table Row', () => {
      });

      it('should contain container image as the namespace', () => {
-        expect(vm.$el.querySelectorAll('.table-mobile-content')[2].textContent).toContain(
+        expect(vm.$el.querySelectorAll('.table-mobile-content')[1].textContent).toContain(
          props.vulnerability.location.image,
        );
      });

--- a/ee/spec/javascripts/security_dashboard/store/vulnerabilities/mutations_spec.js
+++ b/ee/spec/javascripts/security_dashboard/store/vulnerabilities/mutations_spec.js
@@ -256,10 +256,6 @@ describe('vulnerabilities module mutations', () => {
        expect(state.modal.data.severity.value).toEqual(vulnerability.severity);
      });

-      it('should set the modal confidence', () => {
-        expect(state.modal.data.confidence.value).toEqual(vulnerability.confidence);
-      });
-
      it('should set the modal class', () => {
        expect(state.modal.data.className.value).toEqual(vulnerability.location.class);
      });

--- a/ee/spec/javascripts/vue_shared/components/reports/report_issues_spec.js
+++ b/ee/spec/javascripts/vue_shared/components/reports/report_issues_spec.js
@@ -118,11 +118,9 @@ describe('Report issues', () => {
      });
    });

-    it('renders severity (confidence) and title', () => {
+    it('renders severity and title', () => {
      expect(vm.$el.textContent).toContain(parsedDast[0].title);
-      expect(vm.$el.textContent).toContain(
-        `${parsedDast[0].severity} (${parsedDast[0].confidence})`,
-      );
+      expect(vm.$el.textContent).toContain(`${parsedDast[0].severity}`);
    });
  });
 });
--- a/ee/spec/javascripts/vue_shared/components/reports/report_item_spec.js
+++ b/ee/spec/javascripts/vue_shared/components/reports/report_item_spec.js
@@ -118,11 +118,9 @@ describe('Report issue', () => {
      });
    });

-    it('renders severity (confidence) and title', () => {
+    it('renders severity and title', () => {
      expect(vm.$el.textContent).toContain(parsedDast[0].title);
-      expect(vm.$el.textContent).toContain(
-        `${parsedDast[0].severity} (${parsedDast[0].confidence})`,
-      );
+      expect(vm.$el.textContent).toContain(`${parsedDast[0].severity}`);
    });
  });


--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -15811,9 +15811,6 @@ msgstr ""
 msgid "Reports|Classname"
 msgstr ""

-msgid "Reports|Confidence"
-msgstr ""
-
 msgid "Reports|Execution time"
 msgstr ""

@@ -16673,9 +16670,6 @@ msgstr ""
 msgid "SecurityDashboard|Add projects"
 msgstr ""

-msgid "SecurityDashboard|Confidence"
-msgstr ""
-
 msgid "SecurityDashboard|Edit dashboard"
 msgstr ""

@@ -21113,9 +21107,6 @@ msgstr ""
 msgid "Vulnerability|Class"
 msgstr ""

-msgid "Vulnerability|Confidence"
-msgstr ""
-
 msgid "Vulnerability|Description"
 msgstr ""

@@ -22189,9 +22180,6 @@ msgstr ""
 msgid "ciReport|(is loading, errors when loading results)"
 msgstr ""

-msgid "ciReport|All confidence levels"
-msgstr ""
-
 msgid "ciReport|All projects"
 msgstr ""

@@ -22213,9 +22201,6 @@ msgstr ""
 msgid "ciReport|Code quality"
 msgstr ""

-msgid "ciReport|Confidence"
-msgstr ""
-
 msgid "ciReport|Container Scanning"
 msgstr ""

@@ -22353,30 +22338,6 @@ msgstr ""
 msgid "commit %{commit_id}"
 msgstr ""

-msgid "confidence|Confirmed"
-msgstr ""
-
-msgid "confidence|Experimental"
-msgstr ""
-
-msgid "confidence|High"
-msgstr ""
-
-msgid "confidence|Ignore"
-msgstr ""
-
-msgid "confidence|Low"
-msgstr ""
-
-msgid "confidence|Medium"
-msgstr ""
-
-msgid "confidence|Undefined"
-msgstr ""
-
-msgid "confidence|Unknown"
-msgstr ""
-
 msgid "confidentiality|You are going to turn off the confidentiality. This means <strong>everyone</strong> will be able to see and leave a comment on this issue."
 msgstr ""