Draft: investigate missing fields **DO NOT MERGE THIS**
What does this MR do and why?
This MR is simply a SPIKE. We're investigating the missing fields in GraphQL in order to request them from the backend.
Mock GrahpQL Server
https://gitlab.com/dpisek/vulnerability-graphql-mock
Result of spike
-
backend Add the following fields:
# Enums
enum VulnerabilitySupportingMessageName {
RECORDED
}
# Types
type VulnerabilityRequestResponseHeader {
name: String
value: String
}
type VulnerabilityRequest {
body: String
method: String
url: String
headers: [VulnerabilityRequestResponseHeader!]
}
type VulnerabilityResponse {
body: String
statusCode: String
reasonPhrase: String
headers: [VulnerabilityRequestResponseHeader!]
}
type VulnerabilitySupportingMessage {
name: VulnerabilitySupportingMessageName
response: VulnerabilityResponse
}
type VulnerabilityEvidenceSource {
name: String
}
type VulnerabilityAsset {
name: String
url: String
}
type VulnerabilityRemediation {
diff: [String!]
}
## Extensions
# Check /ee/lib/ee/gitlab/ci/parsers/security/validators/schemas/coverage_fuzzing.json
# for more details
extend type VulnerabilityLocationCoverageFuzzing {
crashType: String
crashAddress: String
stacktraceSnippet: String
}
extend type VulnerabilityScanner {
url: String
version: String
}
extend type Vulnerability {
createdAt: Time
pipeline: Pipeline
request: VulnerabilityRequest
response: VulnerabilityResponse
supportingMessages: [VulnerabilitySupportingMessage!]
evidenceSource: VulnerabilityEvidenceSource
assets: [VulnerabilityAsset!]
solution: String
remediations: [VulnerabilityRemediation!]
canModifyRelatedIssues: Boolean!
relatedIssuesHelpPath: String
}
-
frontend Migrate ee/app/assets/javascripts/vue_shared/security_reports/components/merge_request_note.vue
andee/vue_shared/security_reports/components/event_item.vue
to usecamelCase
fields. -
frontend Find vulnerability.hasMr
occurrences. We won't have this field anymore, instead use themergeRequest
field to deduct this information. -
frontend Find mergeRequestFeedback
occurrences and rename them withmergeRequest
Edited by Savas Vedova