
Add false positive alert to finding modal

What does this MR do and why?

This MR adds the false positive alert to the finding modal:

[Screenshot: ksnip_20221208-105442]

Describe in detail what your merge request does and why.

How to set up and validate locally

  1. Clone the security-reports project; it has been updated with a vulnerability that's a false positive: https://gitlab.com/gitlab-examples/security/security-reports
  2. Run a pipeline, then go to the pipeline details and click on the security tab.
  3. Filter by Secret Detection results. Find the finding with the name "Twitch API token detected; please remove and revoke it if this is a leak.".
  4. Click on it to show the modal. You should see the "false positive detected" card at the top.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #382204 (closed)

Edited by Daniel Tian
