Remove scanner, category fields from vulnerabilities, in Security reports
Summary
After adding .scan.scanner and .scan.type to the security reports as described in #202053 (closed), we should then remove .vulnerabilities[].scanner and .vulnerabilities[].category, for these are redundant.
- remove the Category and Scanner struct fields from the Issue struct in the common library, and update the Secure analyzers (SAST, Container Scanning, Secret Detection, and Dependency Scanning)
- update the Rails backend of gitlab
- remove the fields from the JSON schemas, in security-report-schemas (covered in "Build and release next MODEL (aka major) versio..." (#339812 - closed))
Improvements
The new security reports are smaller and more readable.
Risks
The main risk is to break backward compatibility when running new versions of the Secure analyzers with old versions of the GitLab backend.
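To make the field move concrete, the following Go example (added here; it is not code from the common library, the analyzers or the Rails backend) models a report after the change and resolves scanner metadata from .scan first, falling back to the deprecated per-vulnerability fields so that reports from either analyzer generation can still be attributed. The Scanner field set, the struct and function names and the sample report are assumptions made for this example.

```go
package main

import "encoding/json"

// Scanner identifies the analyzer; its field set is an assumption for this example.
type Scanner struct{ ID string `json:"id"` }

// Scan carries the report-level scanner and type added by #202053.
type Scan struct {
	Scanner *Scanner `json:"scanner,omitempty"`
	Type    string   `json:"type,omitempty"`
}

// The deprecated per-finding fields stay optional so older analyzers' reports parse.
type Vulnerability struct {
	ID       string   `json:"id"`
	Category string   `json:"category,omitempty"`
	Scanner  *Scanner `json:"scanner,omitempty"`
}

type Report struct {
	Scan            Scan            `json:"scan"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

// NewFormatReport is a constructed sample in the post-change layout: scanner
// metadata appears once under .scan and not on each vulnerability.
const NewFormatReport = `{"scan":{"scanner":{"id":"gosec"},"type":"sast"},
 "vulnerabilities":[{"id":"v1"}]}`

// ParseReport decodes a security report from its JSON bytes.
func ParseReport(raw []byte) (*Report, error) {
	var r Report
	if err := json.Unmarshal(raw, &r); err != nil {
		return nil, err
	}
	return &r, nil
}

// ResolveScanner returns (scanner id, category, ok) for vulnerability i, preferring
// .scan over the deprecated per-vulnerability fields; ok is false when neither is set.
func (r *Report) ResolveScanner(i int) (string, string, bool) {
	if r.Scan.Scanner != nil && r.Scan.Type != "" {
		return r.Scan.Scanner.ID, r.Scan.Type, true
	}
	if v := r.Vulnerabilities[i]; v.Scanner != nil && v.Category != "" {
		return v.Scanner.ID, v.Category, true
	}
	return "", "", false
}
```

A backend that resolves metadata this way keeps working whichever side of the change a given analyzer release is on, and a false ok is the signal that a report carries no scanner metadata at all.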
Edited by Thiago Figueiró