Add security report schemas version 15.1.0 (!149589) · Merge requests · GitLab.org / GitLab

Igor Frenkel requested to merge 439770-bump-security-report-schemas-v15.1.0 into master Apr 15, 2024

What does this MR do and why?

Support security-report-schemas version by adding 15.1.0 json schemas to the list of valid schemas and 15.1.0 as valid version to the validator.

Details

Each GitLab Secure analyzer produces a JSON report that contains vulnerability findings to display on the Vulnerability Dashboard.

GitLab Secure schemas are used to ensure that reports produced by analyzers are able to be parsed successfully by GitLab Rails. Each JSON report indicates which version of the Secure schema it conforms to. When the report is parsed, the file is validated using the appropriate schema and will be rejected if it does not succeed.

A new version of the schema has been released, therefore in order to support analyzers using this version the new schema files must be included in the Rails codebase.

Reference

Refs #439770 (closed)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before	After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Related to #439770 (closed)

Edited Apr 16, 2024 by Olivier Gonzalez

Admin message

Add security report schemas version 15.1.0