Skip to content

Adjust VulnerabilitiesFinderResolver to accept only dismissal reason

Michał Zając requested to merge 421568-bug-list-doesn-t-match-the-filter into master

What does this MR do and why?

Adjust VulnerabilitiesFinderResolver to accept only dismissal reason

Related to #421568 (closed)

How to set up and validate locally

  1. echo "Feature.enable(:expose_dismissal_reason)" | rails c
  2. Go to flightjs/Flight project. Dismiss some Vulnerabilities with Mitigating control and False positive
  3. Go to /-/graphql-explorer and execute the query 1, it should return ALL vulnerabilities
  4. git switch 421568-bug-list-doesn-t-match-the-filter
  5. Go to /-/graphql-explorer and re-execute the query, it should return only relevant Vulnerabilities
GraphQL query 
query projectVulnerabilities($fullPath: ID!, $state: [VulnerabilityState!], $dismissalReason: [VulnerabilityDismissalReason!]) {
  project(fullPath: $fullPath) {
    id
    vulnerabilities(state: $state, dismissalReason: $dismissalReason) {
      edges {
        node {
          id
          state
          dismissalReason
        }
      }
    }
  }
}
{
  "fullPath": "flightjs/Flight",
  "state": [
    "CONFIRMED"
  ],
  "dismissalReason": [
    "MITIGATING_CONTROL",
    "FALSE_POSITIVE"
  ]
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports