Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

WIP: Resolve "Handle multiple sites in DAST reports"

Review changes
Download
Patches
Plain diff

Pulkit Sharma requested to merge 11930-handle-multiple-entries-dast-report into master Sep 26, 2019

Overview 2
Commits 2
Pipelines 1
Changes 10

What does this MR do?

The main goal of this MR is to handle multiple entries present in the DAST report (Refer #11930 (closed))

Additional changes:

Update DAST report fixture to the latest format (#13034 (closed))
During deduplication of occurrences, now also ignoring WASC identifiers, since they also represent a class (similar to CWE), so cannot be used for deduplication (As multiple occurrences can have the same identifier). Some vulnerabilities were getting deduplicated because of us not ignoring WASC.

Pending changes:

Add fixture which has multiple entries in the report
Add specs to handle legacy report
Add specs to check logging/some error scenarios
Verify UI

Does this MR meet the acceptance criteria?

Conformity

Changelog entry
Documentation created/updated or follow-up review issue created
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Closes #11930 (closed)

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading