Disallow negative integers for vulnerabilities_allowed (!119595) · Merge requests · GitLab.org / GitLab

Martin Čavoj requested to merge 396992-be-improve-number-of-vulnerabilities-filtering into master May 04, 2023

What does this MR do and why?

This MR is a follow-up of !118919 (comment 1377802248) and updates the security orchestration schema to not allow negative integers for vulnerabilities_allowed.

Screenshots or screen recordings

How to set up and validate locally

Navigate to a project/group => Security & Compliance => Policies => New policy => Scan result policy
Add a security scan
Switch to .yaml editor and change vulnerabilities_allowed to -1 (or any other negative numbers)
Observe the warning in the .yaml editor
Click on "Configure with a merge request"
Observe an error "Invalid policy YAML"

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #396992 (closed)

Disallow negative integers for vulnerabilities_allowed

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports