Ingest vulnerability read with owasp_top_10 (!138594) · Merge requests · GitLab.org / GitLab

Bala Kumar requested to merge 419092-vulnerability-read-ingestion-logic into master Dec 03, 2023

What does this MR do and why?

Updates vulnerability_reads.owasp_top_10 value based on the vulnerability identifier.

Related to Step-2 implementation plan on #419092 (closed)

Screenshots or screen recordings

In Rails console for the below validation project we should observe the following results.

Before	After

How to set up and validate locally

Import project https://gitlab.com/bala.kumar/verify-419092 into local and run the pipeline on the main branch.
We should observe that the vulnerability_reads.pluck(:owasp_top_10) for the imported project is having values ["A1:2017-Injection", "A1:2021-Broken Access Control"] in rails console.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #419092 (closed)

Edited Dec 12, 2023 by Bala Kumar

Ingest vulnerability read with owasp_top_10

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports