Customize which vulnerability severities will be considered for approval
Why are we doing this work
Currently Vunerability-check rule applies to any severity. Providing a way to define which severities(s) should be considered will give the user more granularity.
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
-
frontend Add a dropdown with the severities available -
frontend Add all
as an option to keep support with the current behaviour -
backend Extend the model to support the scanners related to endpoint: http://HOST/api/v4/projects/PROJECT_ID/approval_settings/rules
-
backend Extend or derive the related rules to consider the severities. -
documentation Update related docs
Edited by Zamir Martins