
Moving VulnerabilityReportsComparer to CE [RUN AS-IF-FOSS]

What does this MR do?

This MR is related to Port SAST and Secret Detection rails platform code to GitLab CE.

Following !65959 (merged), this MR implements phase 2 of this migration path, which concerns moving Gitlab::Ci::Reports::Security::VulnerabilityReportsComparer to CE. To do so, and to keep Vulnerability under EE, since VulnerabilityReportsComparer will not store anything in the db for CE versions of Secure features, this MR also replaces Vulnerabilities::finding and Vulnerabilities::identifier with the ci_reports_security_finding and ci_reports_security_identifier factories respectively in VulnerabilityReportsComparer.

Screenshots or Screencasts (strongly suggested)

How to setup and validate locally (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Saikat Sarkar
