Skip to content

Add recursive list component to generic reports section on vulnerability details page

What does this MR do?

It adds support for rendering recursive lists to generic vulnerability reports. It also makes sure that we only render nested list-items, which are supported and limit the recursive rendering to a maximum of 4 levels. (This is just an arbitrary number and we can change this if needed).

Screenshots

Screen_Shot_2021-04-01_at_10.35.37_pm

How to test this locally

  1. Create a new project, give it a gitlab-ci.yml file with the following contents:
stages:
    - dast

dast:
  stage: dast 
  image: alpine:3.10.2
  script:
    - pwd
  artifacts:
    reports:
      dast: dast.json
  1. Download $2098964 and add it to the project file dast.json
  2. Run a pipeline, view vulnerabilities

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #324891 (closed)

Edited by Enrique Alcántara

Merge request reports

Loading