Put OWASP Top Ten behind a feature flag for group level (!150690) · Merge requests · GitLab.org / GitLab

Savas Vedova requested to merge svedova-enable-owasp-group-level into master Apr 24, 2024

What does this MR do and why?

Put OWASP Top Ten behind a feature flag for group level

Use the vulnerability_owasp_top_10_group feature flag to allow displaying owasp top 10 grouping option in the group level vulnerability report.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

How to set up and validate locally

Enable the feature flags:

echo "Feature.enable(:vulnerability_owasp_top_10_group)" | rails c

echo "Feature.enable(:group_level_vulnerability_report_grouping)" | rails c

Fork https://gitlab.com/gitlab-examples/security/security-reports/ and add it under a group
Run the pipeline against the default branch to populate vulnerabilities
Visit Group > Secure > Vulnerability Report

Edited Apr 24, 2024 by Savas Vedova

Put OWASP Top Ten behind a feature flag for group level

What does this MR do and why?

MR acceptance checklist

Screenshots or screen recordings

How to set up and validate locally

Merge request reports