Skip to content
Snippets Groups Projects
Commit 27069807 authored by Mehmet Emin INAC's avatar Mehmet Emin INAC :two:
Browse files

Merge branch '370926-remove-use-of-vulnerabilities-message' into 'master'

Deprecate `message` field from `VulnerabilityCreate` GraphQL mutation

See merge request !119960



Merged-by: default avatarMehmet Emin INAC <minac@gitlab.com>
Approved-by: default avatarMehmet Emin INAC <minac@gitlab.com>
Reviewed-by: default avatarHordur Freyr Yngvason <hfyngvason@gitlab.com>
Reviewed-by: default avatarMehmet Emin INAC <minac@gitlab.com>
Co-authored-by: default avatarMichał Zając <mzajac@gitlab.com>
parents 3f1cb40d 3ab3efb1
No related branches found
No related tags found
2 merge requests!120936Draft: Debugging commit to trigger pipeline (DO NOT MERGE),!119960Deprecate `message` field from `VulnerabilityCreate` GraphQL mutation
Pipeline #869455260 passed
......@@ -6594,7 +6594,7 @@ Input type: `VulnerabilityCreateInput`
| <a id="mutationvulnerabilitycreatedetectedat"></a>`detectedAt` | [`Time`](#time) | Timestamp of when the vulnerability was first detected (defaults to creation time). |
| <a id="mutationvulnerabilitycreatedismissedat"></a>`dismissedAt` | [`Time`](#time) | Timestamp of when the vulnerability state changed to dismissed (defaults to creation time if status is `dismissed`). |
| <a id="mutationvulnerabilitycreateidentifiers"></a>`identifiers` | [`[VulnerabilityIdentifierInput!]!`](#vulnerabilityidentifierinput) | Array of CVE or CWE identifiers for the vulnerability. |
| <a id="mutationvulnerabilitycreatemessage"></a>`message` | [`String`](#string) | Short text section that describes the vulnerability. This may include the finding's specific information. |
| <a id="mutationvulnerabilitycreatemessage"></a>`message` **{warning-solid}** | [`String`](#string) | **Deprecated:** message field has been removed from security reports schema. Deprecated in 16.1. |
| <a id="mutationvulnerabilitycreatename"></a>`name` | [`String!`](#string) | Name of the vulnerability. |
| <a id="mutationvulnerabilitycreateproject"></a>`project` | [`ProjectID!`](#projectid) | ID of the project to attach the vulnerability to. |
| <a id="mutationvulnerabilitycreateresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the vulnerability state changed to resolved (defaults to creation time if status is `resolved`). |
......@@ -22575,7 +22575,7 @@ Represents a vulnerability.
| <a id="vulnerabilitylinks"></a>`links` | [`[VulnerabilityLink!]!`](#vulnerabilitylink) | List of links associated with the vulnerability. |
| <a id="vulnerabilitylocation"></a>`location` | [`VulnerabilityLocation`](#vulnerabilitylocation) | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability. |
| <a id="vulnerabilitymergerequest"></a>`mergeRequest` | [`MergeRequest`](#mergerequest) | Merge request that fixes the vulnerability. |
| <a id="vulnerabilitymessage"></a>`message` | [`String`](#string) | Short text description of the vulnerability. This may include the finding's specific information. |
| <a id="vulnerabilitymessage"></a>`message` **{warning-solid}** | [`String`](#string) | **Deprecated** in 16.1. message field has been removed from security reports schema. |
| <a id="vulnerabilitynotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) |
| <a id="vulnerabilityprimaryidentifier"></a>`primaryIdentifier` | [`VulnerabilityIdentifier`](#vulnerabilityidentifier) | Primary identifier of the vulnerability. |
| <a id="vulnerabilityproject"></a>`project` | [`Project`](#project) | Project on which the vulnerability was found. |
......@@ -52,6 +52,7 @@ class Create < BaseMutation
argument :message, GraphQL::Types::String,
required: false,
deprecated: { reason: 'message field has been removed from security reports schema', milestone: '16.1' },
description: "Short text section that describes the vulnerability. This may include the finding's specific information."
argument :detected_at, Types::TimeType,
......@@ -100,7 +101,6 @@ def build_vulnerability_params(params)
state
severity
confidence
message
description
solution
detected_at
......
......@@ -24,6 +24,7 @@ class VulnerabilityType < BaseObject
field :message, GraphQL::Types::String,
null: true, method: :finding_message,
deprecated: { reason: 'message field has been removed from security reports schema', milestone: '16.1' },
description: "Short text description of the vulnerability. This may include the finding's specific information."
field :state, VulnerabilityStateEnum,
......
......@@ -58,7 +58,7 @@
expect(mutated_vulnerability).to be_detected
expect(mutated_vulnerability.description).to eq(attributes.dig(:description))
expect(mutated_vulnerability.finding_description).to eq(attributes.dig(:description))
expect(mutated_vulnerability.finding_message).to eq(attributes.dig(:message))
expect(mutated_vulnerability.finding_message).to eq(nil)
expect(mutated_vulnerability.solution).to eq(attributes.dig(:solution))
expect(subject[:errors]).to be_empty
end
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment