analyzers/gosec Vulnerability Report fails to load - null for non-nullable field VulnerabilityIssueLink.issue
Summary
There is no exception log on Sentry because this is a GraphQL schema expectation error and the GraphQL does not raise exception for the schema errors.
[{message: "Cannot return null for non-nullable field VulnerabilityIssueLink.issue"}]
The issue
of an issue_link
is nil, so we have a data integrity problem here. Unclear how widespread this is
Steps to reproduce
- Visit https://gitlab.com/gitlab-org/security-products/analyzers/gosec/-/security/vulnerability_report
- Note error loading vulns
Example Project
https://gitlab.com/gitlab-org/security-products/analyzers/gosec/-/security/vulnerability_report
What is the current bug behavior?
Vulns do not display
What is the expected correct behavior?
Vulns should display
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com
Possible fixes
From @minac:
The easiest solution would be to add
INNER JOIN
to theissues
table while loading theissue_links
relation of vulnerabilities. But we should try to find why this happened
Edited by Matt Wilson