Update the GraphQL Query to return Other vulnerabilities for OWASP Top 10
Summary
As previously discussed here, the top-level total counts in the vulnerability report, and the total of the grouped reports do not match for OWASP Top 10 Group.
Other groups do not have this problem because they either have an Unknown
or Other
category, which every vulnerability that does not match to the group criteria will fall into.
This issue tracks the effort to update the GraphQL Queries vulnerabilitySeveritiesCount
and projectVulnerabilities
to return other vulnerabilities for OWASP Top 10 (2017 and 2021)
Implementation plan
Introduce a NONE
wildcard support to the GraphQL owaspTopTen
argument values for project.vulnerabilitySeveritiesCount
and project.vulnerabilities
similar to the other GitLab GraphQL API's
References:
Edited by Bala Kumar