Security tab on the pipeline does not hyperlink to file/line detected by SAST
Summary
We can see the security issues found by SAST in the "Security" tab on the pipeline page.
However, on this page, the file and line that the vulnerability reported is not hyperlinked.
Steps to reproduce
- Create a project
- Set up SAST
- Go to the CI/CD > Pipelines > (Specific Pipeline) > Security
- Click any vulnerability
Note: This issue only happned in the pipeline page. In the vulnerability report page (Compliance > Vulnerability report > (Specific Report)
), the file and line is hyperlinked.
Example Project
https://gitlab.com/gitlab-gold/kkamiya-test/sast-test/-/pipelines/906450747/security
What is the current bug behavior?
File:
is not hyperlinked.
What is the expected correct behavior?
File:
should be hyperlinked.
Relevant logs and/or screenshots
-
CI/CD > Pipelines > (Specific Pipeline) > Security
(issue exists) -
Compliance > Vulnerability report > (Specific Report)
(issue does not exist)
Output of checks
This bug happens on GitLab.com
Results of GitLab environment info
This bug happens on GitLab.com
Results of GitLab application Check
This bug happens on GitLab.com
Possible fixes
Feasibility of fix/implement is discussing at this Slack thread: https://gitlab.slack.com/archives/CV09DAXEW/p1687411799517909