Fix VulerabilityType.identifiers field when vulnerability.finding returns nil
The vulnerability report page is failing for the following filtering combinations; https://gitlab.com/gitlab-org/gitlab/-/security/vulnerability_report/?sortBy=detected&sortDesc=false&activity=ALL&state=ALL
{
vulnerability(id: "gid://gitlab/Vulnerability/1") {
id
project {
name
}
identifiers {
name
}
}
}This throws an error:
{
"errors": [
{
"graphQLErrors": [
{
"message": "Cannot return null for non-nullable field Vulnerability.identifiers",
"locations": [
{
"line": 7,
"column": 5
}
],
"path": [
"vulnerability",
"identifiers"
]
}
],
"clientErrors": [],
"networkError": null,
"message": "Cannot return null for non-nullable field Vulnerability.identifiers",
"stack": "Error\n at new t (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:1:68160)\n at https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:1:314525\n at Object.next (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:69:111978)\n at y (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:69:109874)\n at k (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:69:110380)\n at e.next (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:69:110913)\n at https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:63:116748\n at Array.forEach (<anonymous>)\n at i (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:63:116716)\n at Object.next (https://gitlab.com/assets/webpack/main.734e0d82.chunk.js:1:292848)"
}
]
}Though we are using in few places finding but only identifiers field is non-null:
https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/graphql/types/vulnerability_type.rb
Possible fixes:
To fix this specific scenario:
- We can use
vulnerability_findinginstead offindingin the identifiers method so that it returnsfindingincasevulnerability_idis nil infinding
or,
- Make this field
null: trueso that we do not throws error when finding is nil.
Follow up:
As a follow up, we should fix the data or association.
Edited by 🤖 GitLab Bot 🤖