Commit d47f9d23 authored by 🤖 GitLab Bot 🤖's avatar 🤖 GitLab Bot 🤖

Add latest changes from gitlab-org/gitlab@master

parent c158fa8d
Pipeline #109944395 failed with stages
in 41 minutes and 49 seconds
...@@ -36,6 +36,8 @@ class GroupMembersFinder < UnionFinder ...@@ -36,6 +36,8 @@ class GroupMembersFinder < UnionFinder
relations << descendant_members relations << descendant_members
end end
return GroupMember.none if relations.empty?
members = find_union(relations, GroupMember) members = find_union(relations, GroupMember)
filter_members(members, params) filter_members(members, params)
end end
......
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
class Epic < ApplicationRecord class Epic < ApplicationRecord
include IgnorableColumns include IgnorableColumns
ignore_column :milestone_id, remove_after: '2019-12-15', remove_with: '12.7' ignore_column :milestone_id, remove_after: '2020-02-01', remove_with: '12.8'
def self.link_reference_pattern def self.link_reference_pattern
nil nil
......
...@@ -1325,7 +1325,7 @@ class Project < ApplicationRecord ...@@ -1325,7 +1325,7 @@ class Project < ApplicationRecord
end end
def has_active_hooks?(hooks_scope = :push_hooks) def has_active_hooks?(hooks_scope = :push_hooks)
hooks.hooks_for(hooks_scope).any? || SystemHook.hooks_for(hooks_scope).any? || Gitlab::Plugin.any? hooks.hooks_for(hooks_scope).any? || SystemHook.hooks_for(hooks_scope).any? || Gitlab::FileHook.any?
end end
def has_active_services?(hooks_scope = :push_hooks) def has_active_services?(hooks_scope = :push_hooks)
......
...@@ -14,8 +14,12 @@ class Snippet < ApplicationRecord ...@@ -14,8 +14,12 @@ class Snippet < ApplicationRecord
include Editable include Editable
include Gitlab::SQL::Pattern include Gitlab::SQL::Pattern
include FromUnion include FromUnion
include IgnorableColumns
extend ::Gitlab::Utils::Override extend ::Gitlab::Utils::Override
ignore_column :storage_version, remove_with: '12.9', remove_after: '2020-03-22'
cache_markdown_field :title, pipeline: :single_line cache_markdown_field :title, pipeline: :single_line
cache_markdown_field :description cache_markdown_field :description
cache_markdown_field :content cache_markdown_field :content
......
...@@ -14,7 +14,7 @@ class SystemHooksService ...@@ -14,7 +14,7 @@ class SystemHooksService
hook.async_execute(data, 'system_hooks') hook.async_execute(data, 'system_hooks')
end end
Gitlab::Plugin.execute_all_async(data) Gitlab::FileHook.execute_all_async(data)
end end
private private
......
...@@ -11,4 +11,4 @@ ...@@ -11,4 +11,4 @@
= render 'shared/web_hooks/index', hooks: @hooks, hook_class: @hook.class = render 'shared/web_hooks/index', hooks: @hooks, hook_class: @hook.class
= render 'shared/plugins/index' = render 'shared/file_hooks/index'
- plugins = Gitlab::Plugin.files - file_hooks = Gitlab::FileHook.files
.row.prepend-top-default .row.prepend-top-default
.col-lg-4 .col-lg-4
%h4.prepend-top-0 %h4.prepend-top-0
Plugins = _('File Hooks')
%p %p
#{link_to 'Plugins', help_page_path('administration/plugins')} are similar to = _('File hooks are similar to system hooks but are executed as files instead of sending data to a URL.')
system hooks but are executed as files instead of sending data to a URL. = link_to _('For more information, see the File Hooks documentation.'), help_page_path('administration/file_hooks')
.col-lg-8.append-bottom-default .col-lg-8.append-bottom-default
- if plugins.any? - if file_hooks.any?
.card .card
.card-header .card-header
Plugins (#{plugins.count}) = _('File Hooks (%{count})') % { count: file_hooks.count }
%ul.content-list %ul.content-list
- plugins.each do |file| - file_hooks.each do |file|
%li %li
.monospace .monospace
= File.basename(file) = File.basename(file)
- else - else
.card.bg-light.text-center .card.bg-light.text-center
.nothing-here-block No plugins found. .nothing-here-block= _('No file hooks found.')
...@@ -158,7 +158,7 @@ ...@@ -158,7 +158,7 @@
- pages - pages
- pages_domain_verification - pages_domain_verification
- pages_domain_ssl_renewal - pages_domain_ssl_renewal
- plugin - file_hook
- post_receive - post_receive
- process_commit - process_commit
- project_cache - project_cache
......
# frozen_string_literal: true # frozen_string_literal: true
class PluginWorker class FileHookWorker
include ApplicationWorker include ApplicationWorker
sidekiq_options retry: false sidekiq_options retry: false
feature_category :integrations feature_category :integrations
def perform(file_name, data) def perform(file_name, data)
success, message = Gitlab::Plugin.execute(file_name, data) success, message = Gitlab::FileHook.execute(file_name, data)
unless success unless success
Gitlab::PluginLogger.error("Plugin Error => #{file_name}: #{message}") Gitlab::FileHookLogger.error("File Hook Error => #{file_name}: #{message}")
end end
true true
......
---
title: 'Resolve Design View: Left/Right keyboard arrows through Designs'
merge_request: 22870
author:
type: added
---
title: Add returning relation from GroupMembersFinder if called on root group with
only inherited param
merge_request: 23161
author:
type: fixed
---
title: Allow Unicode 11 emojis in project names
merge_request: 22776
author: Harm Berntsen
type: changed
---
title: Added Conan installation instructions to Conan package details page
merge_request: 22390
author:
type: added
---
title: Rename GitLab Plugins feature to GitLab File Hooks
merge_request: 22979
author:
type: changed
---
title: Remove storage_version column from snippets
merge_request: 23004
author:
type: changed
---
title: Remove milestone_id from epics
merge_request: 20539
author: Lee Tickett
type: other
...@@ -76,7 +76,7 @@ ...@@ -76,7 +76,7 @@
- [pages_domain_ssl_renewal, 1] - [pages_domain_ssl_renewal, 1]
- [object_storage_upload, 1] - [object_storage_upload, 1]
- [object_storage, 1] - [object_storage, 1]
- [plugin, 1] - [file_hook, 1]
- [pipeline_background, 1] - [pipeline_background, 1]
- [repository_update_remote_mirror, 1] - [repository_update_remote_mirror, 1]
- [repository_remove_remote, 1] - [repository_remove_remote, 1]
......
# frozen_string_literal: true
class RemoveMilestoneIdFromEpics < ActiveRecord::Migration[5.2]
DOWNTIME = false
def up
remove_column :epics, :milestone_id
end
def down
add_column :epics, :milestone_id, :integer
end
end
# frozen_string_literal: true
class RemoveStorageVersionColumnFromSnippets < ActiveRecord::Migration[5.2]
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
disable_ddl_transaction!
def up
return unless column_exists?(:snippets, :storage_version)
remove_column :snippets, :storage_version
end
def down
add_column_with_default( # rubocop:disable Migration/AddColumnWithDefault
:snippets,
:storage_version,
:integer,
default: 2,
allow_null: false
)
end
end
...@@ -10,7 +10,7 @@ ...@@ -10,7 +10,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 2020_01_14_180546) do ActiveRecord::Schema.define(version: 2020_01_14_113341) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "pg_trgm" enable_extension "pg_trgm"
...@@ -1538,7 +1538,6 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do ...@@ -1538,7 +1538,6 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do
end end
create_table "epics", id: :serial, force: :cascade do |t| create_table "epics", id: :serial, force: :cascade do |t|
t.integer "milestone_id"
t.integer "group_id", null: false t.integer "group_id", null: false
t.integer "author_id", null: false t.integer "author_id", null: false
t.integer "assignee_id" t.integer "assignee_id"
...@@ -1577,7 +1576,6 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do ...@@ -1577,7 +1576,6 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do
t.index ["end_date"], name: "index_epics_on_end_date" t.index ["end_date"], name: "index_epics_on_end_date"
t.index ["group_id"], name: "index_epics_on_group_id" t.index ["group_id"], name: "index_epics_on_group_id"
t.index ["iid"], name: "index_epics_on_iid" t.index ["iid"], name: "index_epics_on_iid"
t.index ["milestone_id"], name: "index_milestone"
t.index ["parent_id"], name: "index_epics_on_parent_id" t.index ["parent_id"], name: "index_epics_on_parent_id"
t.index ["start_date"], name: "index_epics_on_start_date" t.index ["start_date"], name: "index_epics_on_start_date"
t.index ["start_date_sourcing_epic_id"], name: "index_epics_on_start_date_sourcing_epic_id", where: "(start_date_sourcing_epic_id IS NOT NULL)" t.index ["start_date_sourcing_epic_id"], name: "index_epics_on_start_date_sourcing_epic_id", where: "(start_date_sourcing_epic_id IS NOT NULL)"
...@@ -3838,6 +3836,7 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do ...@@ -3838,6 +3836,7 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do
t.string "encrypted_secret_token_iv", limit: 255 t.string "encrypted_secret_token_iv", limit: 255
t.boolean "secret", default: false, null: false t.boolean "secret", default: false, null: false
t.string "repository_storage", limit: 255, default: "default", null: false t.string "repository_storage", limit: 255, default: "default", null: false
t.integer "storage_version", default: 2, null: false
t.index ["author_id"], name: "index_snippets_on_author_id" t.index ["author_id"], name: "index_snippets_on_author_id"
t.index ["content"], name: "index_snippets_on_content_trigram", opclass: :gin_trgm_ops, using: :gin t.index ["content"], name: "index_snippets_on_content_trigram", opclass: :gin_trgm_ops, using: :gin
t.index ["created_at"], name: "index_snippets_on_created_at" t.index ["created_at"], name: "index_snippets_on_created_at"
...@@ -4590,7 +4589,6 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do ...@@ -4590,7 +4589,6 @@ ActiveRecord::Schema.define(version: 2020_01_14_180546) do
add_foreign_key "epics", "epics", column: "start_date_sourcing_epic_id", name: "fk_9d480c64b2", on_delete: :nullify add_foreign_key "epics", "epics", column: "start_date_sourcing_epic_id", name: "fk_9d480c64b2", on_delete: :nullify
add_foreign_key "epics", "milestones", column: "due_date_sourcing_milestone_id", name: "fk_3c1fd1cccc", on_delete: :nullify add_foreign_key "epics", "milestones", column: "due_date_sourcing_milestone_id", name: "fk_3c1fd1cccc", on_delete: :nullify
add_foreign_key "epics", "milestones", column: "start_date_sourcing_milestone_id", name: "fk_1fbed67632", on_delete: :nullify add_foreign_key "epics", "milestones", column: "start_date_sourcing_milestone_id", name: "fk_1fbed67632", on_delete: :nullify
add_foreign_key "epics", "milestones", on_delete: :nullify
add_foreign_key "epics", "namespaces", column: "group_id", name: "fk_f081aa4489", on_delete: :cascade add_foreign_key "epics", "namespaces", column: "group_id", name: "fk_f081aa4489", on_delete: :cascade
add_foreign_key "epics", "users", column: "assignee_id", name: "fk_dccd3f98fc", on_delete: :nullify add_foreign_key "epics", "users", column: "assignee_id", name: "fk_dccd3f98fc", on_delete: :nullify
add_foreign_key "epics", "users", column: "author_id", name: "fk_3654b61b03", on_delete: :cascade add_foreign_key "epics", "users", column: "author_id", name: "fk_3654b61b03", on_delete: :cascade
......
...@@ -107,7 +107,7 @@ recorded: ...@@ -107,7 +107,7 @@ recorded:
- Started/stopped user impersonation - Started/stopped user impersonation
It is possible to filter particular actions by choosing an audit data type from It is possible to filter particular actions by choosing an audit data type from
the filter drop-down. You can further filter by specific group, project or user the filter dropdown box. You can further filter by specific group, project or user
(for authentication events). (for authentication events).
![audit log](img/audit_log.png) ![audit log](img/audit_log.png)
......
# File hooks
> Introduced in GitLab 10.6.
> Until 12.8 the feature name was Plugins.
With custom file hooks, GitLab administrators can introduce custom integrations
without modifying GitLab's source code.
NOTE: **Note:**
Instead of writing and supporting your own file hook you can make changes
directly to the GitLab source code and contribute back upstream. This way we can
ensure functionality is preserved across versions and covered by tests.
NOTE: **Note:**
File hooks must be configured on the filesystem of the GitLab server. Only GitLab
server administrators will be able to complete these tasks. Explore
[system hooks] or [webhooks] as an option if you do not have filesystem access.
A file hook will run on each event so it's up to you to filter events or projects
within a file hook code. You can have as many file hooks as you want. Each file hook will
be triggered by GitLab asynchronously in case of an event. For a list of events
see the [system hooks] documentation.
## Setup
The file hooks must be placed directly into the `plugins` directory, subdirectories
will be ignored. There is an
[`example` directory inside `plugins`](https://gitlab.com/gitlab-org/gitlab/tree/master/plugins/examples)
where you can find some basic examples.
Follow the steps below to set up a custom hook:
1. On the GitLab server, navigate to the plugin directory.
For an installation from source the path is usually
`/home/git/gitlab/plugins/`. For Omnibus installs the path is
usually `/opt/gitlab/embedded/service/gitlab-rails/plugins`.
For [highly available] configurations, your hook file should exist on each
application server.
1. Inside the `plugins` directory, create a file with a name of your choice,
without spaces or special characters.
1. Make the hook file executable and make sure it's owned by the Git user.
1. Write the code to make the file hook function as expected. That can be
in any language, and ensure the 'shebang' at the top properly reflects the
language type. For example, if the script is in Ruby the shebang will
probably be `#!/usr/bin/env ruby`.
1. The data to the file hook will be provided as JSON on STDIN. It will be exactly
same as for [system hooks]
That's it! Assuming the file hook code is properly implemented, the hook will fire
as appropriate. The file hooks file list is updated for each event, there is no
need to restart GitLab to apply a new file hook.
If a file hook executes with non-zero exit code or GitLab fails to execute it, a
message will be logged to:
- `gitlab-rails/plugin.log` in an Omnibus installation.
- `log/plugin.log` in a source installation.
## Creating file hooks
Below is an example that will only response on the event `project_create` and
will inform the admins from the GitLab instance that a new project has been created.
```ruby
# By using the embedded ruby version we eliminate the possibility that our chosen language
# would be unavailable from
#!/opt/gitlab/embedded/bin/ruby
require 'json'
require 'mail'
# The incoming variables are in JSON format so we need to parse it first.
ARGS = JSON.parse(STDIN.read)
# We only want to trigger this file hook on the event project_create
return unless ARGS['event_name'] == 'project_create'
# We will inform our admins of our gitlab instance that a new project is created
Mail.deliver do
from 'info@gitlab_instance.com'
to 'admin@gitlab_instance.com'
subject "new project " + ARGS['name']
body ARGS['owner_name'] + 'created project ' + ARGS['name']
end
```
## Validation
Writing your own file hook can be tricky and it's easier if you can check it
without altering the system. A rake task is provided so that you can use it
in a staging environment to test your file hook before using it in production.
The rake task will use a sample data and execute each of file hook. The output
should be enough to determine if the system sees your file hook and if it was
executed without errors.
```bash
# Omnibus installations
sudo gitlab-rake file_hooks:validate
# Installations from source
cd /home/git/gitlab
bundle exec rake file_hooks:validate RAILS_ENV=production
```
Example of output:
```
Validating file hooks from /plugins directory
* /home/git/gitlab/plugins/save_to_file.clj succeed (zero exit code)
* /home/git/gitlab/plugins/save_to_file.rb failure (non-zero exit code)
```
[system hooks]: ../system_hooks/system_hooks.md
[webhooks]: ../user/project/integrations/webhooks.md
[highly available]: ./high_availability/README.md
...@@ -245,7 +245,7 @@ To add a Prometheus dashboard for a single server GitLab setup: ...@@ -245,7 +245,7 @@ To add a Prometheus dashboard for a single server GitLab setup:
1. Create a new data source in Grafana. 1. Create a new data source in Grafana.
1. Name your data source i.e GitLab. 1. Name your data source i.e GitLab.
1. Select `Prometheus` in the type drop down. 1. Select `Prometheus` in the type dropdown box.
1. Add your Prometheus listen address as the URL and set access to `Browser`. 1. Add your Prometheus listen address as the URL and set access to `Browser`.
1. Set the HTTP method to `GET`. 1. Set the HTTP method to `GET`.
1. Save & Test your configuration to verify that it works. 1. Save & Test your configuration to verify that it works.
......
# GitLab Plugin system ---
redirect_to: 'file_hooks.md'
---
> Introduced in GitLab 10.6. This document was moved to [File Hooks](file_hooks.md), after the Plugins feature was renamed to File Hooks.
With custom plugins, GitLab administrators can introduce custom integrations
without modifying GitLab's source code.
NOTE: **Note:**
Instead of writing and supporting your own plugin you can make changes
directly to the GitLab source code and contribute back upstream. This way we can
ensure functionality is preserved across versions and covered by tests.
NOTE: **Note:**
Plugins must be configured on the filesystem of the GitLab server. Only GitLab
server administrators will be able to complete these tasks. Explore
[system hooks] or [webhooks] as an option if you do not have filesystem access.
A plugin will run on each event so it's up to you to filter events or projects
within a plugin code. You can have as many plugins as you want. Each plugin will
be triggered by GitLab asynchronously in case of an event. For a list of events
see the [system hooks] documentation.
## Setup
The plugins must be placed directly into the `plugins` directory, subdirectories
will be ignored. There is an
[`example` directory inside `plugins`](https://gitlab.com/gitlab-org/gitlab/tree/master/plugins/examples)
where you can find some basic examples.
Follow the steps below to set up a custom hook:
1. On the GitLab server, navigate to the plugin directory.
For an installation from source the path is usually
`/home/git/gitlab/plugins/`. For Omnibus installs the path is
usually `/opt/gitlab/embedded/service/gitlab-rails/plugins`.
For [highly available] configurations, your hook file should exist on each
application server.
1. Inside the `plugins` directory, create a file with a name of your choice,
without spaces or special characters.
1. Make the hook file executable and make sure it's owned by the Git user.
1. Write the code to make the plugin function as expected. That can be
in any language, and ensure the 'shebang' at the top properly reflects the
language type. For example, if the script is in Ruby the shebang will
probably be `#!/usr/bin/env ruby`.
1. The data to the plugin will be provided as JSON on STDIN. It will be exactly
same as for [system hooks]
That's it! Assuming the plugin code is properly implemented, the hook will fire
as appropriate. The plugins file list is updated for each event, there is no
need to restart GitLab to apply a new plugin.
If a plugin executes with non-zero exit code or GitLab fails to execute it, a
message will be logged to:
- `gitlab-rails/plugin.log` in an Omnibus installation.
- `log/plugin.log` in a source installation.
## Creating plugins
Below is an example that will only response on the event `project_create` and
will inform the admins from the GitLab instance that a new project has been created.
```ruby
# By using the embedded ruby version we eliminate the possibility that our chosen language
# would be unavailable from
#!/opt/gitlab/embedded/bin/ruby
require 'json'
require 'mail'
# The incoming variables are in JSON format so we need to parse it first.
ARGS = JSON.parse(STDIN.read)
# We only want to trigger this plugin on the event project_create
return unless ARGS['event_name'] == 'project_create'
# We will inform our admins of our gitlab instance that a new project is created
Mail.deliver do
from 'info@gitlab_instance.com'
to 'admin@gitlab_instance.com'
subject "new project " + ARGS['name']
body ARGS['owner_name'] + 'created project ' + ARGS['name']
end
```
## Validation
Writing your own plugin can be tricky and it's easier if you can check it
without altering the system. A rake task is provided so that you can use it
in a staging environment to test your plugin before using it in production.
The rake task will use a sample data and execute each of plugin. The output
should be enough to determine if the system sees your plugin and if it was
executed without errors.
```bash
# Omnibus installations
sudo gitlab-rake plugins:validate
# Installations from source
cd /home/git/gitlab
bundle exec rake plugins:validate RAILS_ENV=production
```
Example of output:
```
Validating plugins from /plugins directory
* /home/git/gitlab/plugins/save_to_file.clj succeed (zero exit code)
* /home/git/gitlab/plugins/save_to_file.rb failure (non-zero exit code)
```
[system hooks]: ../system_hooks/system_hooks.md
[webhooks]: ../user/project/integrations/webhooks.md
[highly available]: ./high_availability/README.md
...@@ -44,7 +44,7 @@ To enable or disable GitLab CI/CD Pipelines in your project: ...@@ -44,7 +44,7 @@ To enable or disable GitLab CI/CD Pipelines in your project:
- **Private**: Only project members can access pipelines. - **Private**: Only project members can access pipelines.
- **Internal** or **Public**: Pipelines can be set to either **Only Project Members** - **Internal** or **Public**: Pipelines can be set to either **Only Project Members**
or **Everyone With Access** via the drop-down box. or **Everyone With Access** via the dropdown box.
Press **Save changes** for the settings to take effect. Press **Save changes** for the settings to take effect.
......
...@@ -244,7 +244,7 @@ Once the database is created, connect to your new RDS instance to verify access ...@@ -244,7 +244,7 @@ Once the database is created, connect to your new RDS instance to verify access
and to install a required extension. and to install a required extension.
You can find the host or endpoint by selecting the instance you just created and You can find the host or endpoint by selecting the instance you just created and
after the details drop down you'll find it labeled as 'Endpoint'. Do not to after the details dropdown menu you'll find it labeled as 'Endpoint'. Do not to
include the colon and port number: include the colon and port number:
```sh ```sh
......
...@@ -226,7 +226,7 @@ connections: ...@@ -226,7 +226,7 @@ connections:
![Azure - Add inbound security rules - HTTP](img/azure-add-inbound-sec-rule-http.png) ![Azure - Add inbound security rules - HTTP](img/azure-add-inbound-sec-rule-http.png)
1. Enter **"HTTP"** in the `Name` field 1. Enter **"HTTP"** in the `Name` field
1. Select **HTTP** from the options in the `Service` drop-down 1. Select **HTTP** from the options in the `Service` dropdown list
1. Make sure the `Action` is set to **Allow** 1. Make sure the `Action` is set to **Allow**
1. Click **"OK"** 1. Click **"OK"**
...@@ -238,7 +238,7 @@ accept [SSH] connections: ...@@ -238,7 +238,7 @@ accept [SSH] connections:
![Azure - Add inbound security rules - SSH](img/azure-add-inbound-sec-rule-ssh.png) ![Azure - Add inbound security rules - SSH](img/azure-add-inbound-sec-rule-ssh.png)
1. Enter **"SSH"** in the `Name` field 1. Enter **"SSH"** in the `Name` field
1. Select **SSH** from the options in the `Service` drop-down 1. Select **SSH** from the options in the `Service` dropdown list
1. Make sure the `Action` is set to **Allow** 1. Make sure the `Action` is set to **Allow**
1. Click **"OK"** 1. Click **"OK"**
......
...@@ -269,6 +269,15 @@ it highlighted: ...@@ -269,6 +269,15 @@ it highlighted:
} }
], ],
"remediations": [ "remediations": [
{
"fixes": [
{
"cve": "debian:9:apt:CVE-2019-3462"
}
],
"summary": "Upgrade apt from 1.4.8 to 1.4.9",
"diff": "YXB0LWdldCB1cGRhdGUgJiYgYXB0LWdldCB1cGdyYWRlIC15IGFwdA=="
}
] ]
} }
``` ```
...@@ -305,7 +314,11 @@ the report JSON unless stated otherwise. Presence of optional fields depends on ...@@ -305,7 +314,11 @@ the report JSON unless stated otherwise. Presence of optional fields depends on
| `vulnerabilities[].links` | An array of references to external documentation pieces or articles that describe the vulnerability further. Optional. | | `vulnerabilities[].links` | An array of references to external documentation pieces or articles that describe the vulnerability further. Optional. |
| `vulnerabilities[].links[].name` | Name of the vulnerability details link. Optional. | | `vulnerabilities[].links[].name` | Name of the vulnerability details link. Optional. |
| `vulnerabilities[].links[].url` | URL of the vulnerability details document. Optional. | | `vulnerabilities[].links[].url` | URL of the vulnerability details document. Optional. |
| `remediations` | Not supported yet. | | `remediations` | An array of objects containing information on cured vulnerabilities along with patch diffs to apply. Empty if no remediations provided by an underlying analyzer. |
| `remediations[].fixes` | An array of strings that represent references to vulnerabilities fixed by this particular remediation. |
| `remediations[].fixes[].cve` | A string value that describes a fixed vulnerability occurrence in the same format as `vulnerabilities[].cve`. |
| `remediations[].summary` | Overview of how the vulnerabilities have been fixed. |
| `remediations[].diff` | base64-encoded remediation code diff, compatible with [`git apply`](https://git-scm.com/docs/git-format-patch#_discussion). |
## Troubleshooting ## Troubleshooting
......
...@@ -71,6 +71,8 @@ Designs cannot be added if the issue has been moved, or its ...@@ -71,6 +71,8 @@ Designs cannot be added if the issue has been moved, or its
## Viewing designs ## Viewing designs
Images on the Design Management page can be enlarged by clicking on them. Images on the Design Management page can be enlarged by clicking on them.
You can navigate through designs by clicking on the navigation buttons on the
top-right corner or with <kbd>Left</kbd>/<kbd>Right</kbd> keyboard buttons.
The number of comments on a design — if any — is listed to the right The number of comments on a design — if any — is listed to the right