Skip to content

Use report schema v15.0.0

Serena Fang requested to merge use-schema-v-15-0-0 into main

What does this MR do?

Re-implementing !41 (merged)

Modifies CurrentVersion() so generated reports default to version 15.0.0 of the Security Report Schema. This is consistent with the shape of the generated report after !38 (merged) was merged.

This impetus for this change is that groupstatic analysis analysers use the compare_reports script for QA tests, which extracts the version out of the generated report in order to fetch the corresponding schema to validate it against. When the report package is upgraded in these analysers (and they begin to generate v15.0.0 compliant reports), version: "14.0.4" is still being specified in the generated reports. This causes schema validation to fail in some cases, notably because cve is a required property in 14.x, but the changes to the report package for 15.x support omits the cve field entirely if it's empty.

There's some additional context on Slack.

What are the relevant issue numbers?

gitlab-org/gitlab#375364 (closed)

Does this MR meet the acceptance criteria?

Edited by Lucas Charles

Merge request reports

Loading