Start using only the `Security::Finding` instead of building `Vulnerability::Finding`
Why are we doing this work
As of Nov 4th, 2022 by !103013 (merged), we have started saving the finding_data
in the security_findings
table which makes it possible to generate responses for the APIs by using the security_findings
table. After 3 months(March 2023), we will have all the records in that table with the finding_data
set so we can just use security_findings
records to generate responses for our APIs.
APIs
-
pipeline.securityReportFindings
GraphQL field -
vulnerability_findings
REST API
Implementation plan
-
Change the Security::FindingsFinder
to work likeSecurity::PureFindingsFinder
. -
Remove the Security::PureFindingsFinder
and replace all the occurrences of it withSecurity::FindingsFinder
-
Remove the Security::PipelineVulnerabilitiesFinder
call fromPipelineSecurityReportFindingsResolver
-
Remove the fallback logic from API::VulnerabilityFindings
Edited by Mehmet Emin INAC