Issues created from vulnerabilities have relative, broken links
Summary
When creating an issue from a vulnerability, the link to the file is invalid.
This issue is a regression of #10435 (closed) since the new standalone security dashboard
Steps to reproduce
- Browse security dashboard (for ex)
- Choose a vulnerability
- Create an issue from it
- Use the link to the affected file
Example Project
https://gitlab.com/gitlab-org/security-products/tests/sast/issues/6
What is the current bug behavior?
Link is relative. So it's working from gitlab.com, but not from email notifications for example:
[sbt/src/main/scala/example/Main.scala:12](sbt/src/main/scala/example/Main.scala#L12)
What is the expected correct behavior?
- link is a valid URL
- link should also contain the hash of the pipeline it ran on, if possible:
https://gitlab.com/gitlab-org/security-products/tests/sast/blob/7dadc3c1/sbt/src/main/scala/example/Main.scala#L12
//over
https://gitlab.com/gitlab-org/security-products/tests/sast/blob/master/sbt/src/main/scala/example/Main.scala#L12
Possible Fixes
The original fix was !27747 (merged) I think location blob_path
is no longer being passed in POST https://gitlab.com/craigmsmith/sast-test/-/vulnerability_feedback
Edited by Craig Smith