Resolve vulnerability modal error race condition

Samantha Mingrequested to merge
510296-resolve-error-race-condition into master

What does this MR do and why?

Resolve vulnerability modal error race condition. Error message is being reset and not displayed due to race condition in the MR vulnerability modal.

Issue: #510296 (closed)

Note: this bug is difficult to replicate consistently as it really depends on the timing of things. The bugs only appear when the createVulnerabilityForFinding returns the error response BEFORE the resolveStart resets error message to ''

Scenario One: Error message is not displayed (the bug) 🐛

This is the scenario this MR is fixing.

createVulnerabilityForFinding returns error response
└──────────▶|
resolveStart resets error message to ''
└──────────────────────▶|

Result: No error message b/c '' wins
Before After
image image

Scenario two: Error message is displayed

As evident by: #509284 (comment 2267320731). There's nothing to fix here.

createVulnerabilityForFinding returns error response
└──────────────────────▶|
resolveStart resets error message to ''
└──────────▶|

Result: Display Error message

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Clone https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/cwe-tests
  2. Run a pipeline
  3. Make an edit to file cwe-328/ruby/cwe-328-fixed.rb and create a new Merge Request
require 'digest/md5'

def hash_password(password)
  Digest::MD5.hexdigest(password)
end
  1. Wait until the security scanning completes
  2. There should be a vulnerability
  3. Click on any vulnerability to open the modal
  4. Once the modal is open, open the dev tool
  5. Go to the "Network" tab and select Offline
  6. The error message should appear

Related to #510296 (closed)

Edited by Samantha Ming

Merge request reports