Skip to content

Fix signature badge on commits tab of merge request

What does this MR do?

On the 'Commits' view of a repository, a signature badge (Verified or Unverified) is displayed for each signed commit (e.g. see http://localhost:3000/gitlab-org/gitlab-test/-/commits/feature). The same is actually implemented for the 'Commits' tab on the view of a merge request. But in this case, the raw data and thus the signature of the commit is not loaded, so no signature badge is displayed (e.g. see http://localhost:3000/gitlab-org/gitlab-test/-/merge_requests/8/commits).

This MR fixes the described ~bug: By a change when loading the commits, the signature badges are also displayed in the 'Commits' tab on the view of a merge request.

🛠 with at Siemens

/cc @bufferoverflow

Screenshots

http://localhost:3000/gitlab-org/gitlab-test/-/merge_requests/8/commits:

Before After
image image

How to setup and validate locally

  1. Visit a 'Commits' view of a repository with signed commits such as http://localhost:3000/gitlab-org/gitlab-test/-/commits/feature
  2. Check: A signature badge (Verified or Unverified) is displayed for each signed commit. This is how it should be.
  3. Visit the 'Commits' tab of a merge request containing the same commits as above such as http://localhost:3000/gitlab-org/gitlab-test/-/merge_requests/8/commits
  4. Check: No signature badges are displayed even for signed commits.
  5. Apply the changes of this MR and refresh the page.
  6. Check: Now, a signature badge is displayed for each signed commit.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Jonas Wälter

Merge request reports

Loading