Skip to content

Introduce security report diffs

Olivier Gonzalez requested to merge 7586-introduce_reports_diff into master

What does this MR do?

Introduce security report diffs.

  • Allow to compare two reports to get the list of added, existing, and fixed vulnerabilities.
  • Provides a Security::CompareReportsBaseService that relies on primary identifier and location fingeprints to compare vulnerabilities.
  • Provides a Security::CompareReportsSastService that leverages the git diff to improve matching for SAST reports.

This is a preliminary step (#3) for upcoming changes regarding https://gitlab.com/gitlab-org/gitlab-ee/issues/7586

List of MRs:

  1. Use POROs for security report vulnerabilities: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10417
  2. Add locations POROs for vulnerabilities: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10508
  3. Introduce security report diffs: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10559

What are the relevant issue numbers?

#7586 (closed)

Does this MR meet the acceptance criteria?

Edited by Olivier Gonzalez

Merge request reports

Loading