Sort vulnerabilities for pipeline dashboard

Can Eldem requested to merge sort-vulnerabilities-for-pipeline-dashboard into master

What does this MR do?

During testing in staging we realised that the pipeline -> Security Dashboard view doesn't sort according to severity and confidence. Unfortunately, the test that was written wasn't correct, therefore we weren't able to catch this.

Sorting for the pipeline is essentially done with the following:

 occurrences.sort_by { |x| [x.severity, x.confidence] }

severity and confidence are string values, so sorting won't be correct. We should use their enum (integer) values in order to sort them correctly.

    CONFIDENCE_LEVELS = {
      undefined: 0,
      ignore: 1,
      unknown: 2,
      experimental: 3,
      low: 4,
      medium: 5,
      high: 6,
      confirmed: 7
    }
    SEVERITY_LEVELS = {
      undefined: 0,
      info: 1,
      unknown: 2,
      # experimental: 3, formerly used by confidence, no longer applicable
      low: 4,
      medium: 5,
      high: 6,
      critical: 7
    }

Does this MR meet the acceptance criteria?

Pipeline security dashboard sorting must be done according to enum values

Related issue #34114 (closed)

Edited by Can Eldem
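
The ordering problem described in this merge request, reproduced as an added Ruby example (not GitLab's code): the string sort from the description places `info` findings above `low` and `medium` ones, while sorting on the enum integers gives a triage-ready order. `Occurrence`, `SAMPLE`, `rank` and the two sort helpers are hypothetical names; showing the highest values first and treating an unrecognised label as 0 are assumptions.

```ruby
# Added example, not GitLab's code. Level tables are copied from the MR description.
CONFIDENCE_LEVELS = { undefined: 0, ignore: 1, unknown: 2, experimental: 3,
                      low: 4, medium: 5, high: 6, confirmed: 7 }.freeze
SEVERITY_LEVELS = { undefined: 0, info: 1, unknown: 2,
                    low: 4, medium: 5, high: 6, critical: 7 }.freeze

# Hypothetical stand-in for a vulnerability occurrence (labels held as strings).
Occurrence = Struct.new(:name, :severity, :confidence)

# Constructed sample findings, not taken from any real scan.
SAMPLE = [
  Occurrence.new("weak-hash", "low", "high"),
  Occurrence.new("sqli", "critical", "medium"),
  Occurrence.new("xss", "high", "low"),
  Occurrence.new("banner", "info", "low"),
  Occurrence.new("ssrf", "high", "medium"),
  Occurrence.new("open-redirect", "medium", "high")
].freeze

# The behaviour from the description: labels compared alphabetically.
def sort_by_string(occurrences)
  occurrences.sort_by { |x| [x.severity, x.confidence] }
end

# Map a label to its enum integer. Assumption: a label missing from the
# table ranks as 0 (same as :undefined) instead of raising.
def rank(table, label)
  table.fetch(label.to_s.to_sym, 0)
end

# Sort on the integers, negated so the most severe and most confident
# findings come first (assumed display order).
def sort_by_enum(occurrences)
  occurrences.sort_by do |x|
    [-rank(SEVERITY_LEVELS, x.severity), -rank(CONFIDENCE_LEVELS, x.confidence)]
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "string sort: #{sort_by_string(SAMPLE).map(&:name).join(', ')}"
  puts "enum sort:   #{sort_by_enum(SAMPLE).map(&:name).join(', ')}"
end
```

A regression test for this kind of fix needs input where alphabetical and enum order disagree, such as `info` against `medium`, or `low` against `medium` confidence at the same severity.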