Update file check_manifest_coherence_service.rb

What does this MR do and why?

Replaces Gitlab::Json.parse with Gitlab::Json.safe_parse in app/services/packages/npm/check_manifest_coherence_service.rb to fix a Gitlab/JsonSafeParse RuboCop violation.

safe_parse adds built-in protections against excessively large JSON payloads and deeply nested JSON structures, improving the security and resilience of the npm manifest coherence check service.

References

Screenshots or screen recordings

Not applicable — no UI changes.

How to set up and validate locally

  1. Find the changed file: app/services/packages/npm/check_manifest_coherence_service.rb
  2. Confirm Gitlab::Json.parse has been replaced with Gitlab::Json.safe_parse
  3. Run the existing tests for this service: bundle exec rspec spec/services/packages/npm/check_manifest_coherence_service_spec.rb
  4. Verify all tests pass with no regressions

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
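
An added example, not part of this merge request or of GitLab's code: the two protections the description attributes to safe_parse (a payload size limit and a nesting depth limit), sketched with Ruby's standard JSON library. The helper names, the limit values and the sample manifests are assumptions constructed for this example; the implementation and limits of Gitlab::Json.safe_parse are not shown on this page.

```ruby
require 'json'

# Assumed limits for this example only; not GitLab's configured values.
MAX_MANIFEST_BYTES = 1_000_000
MAX_MANIFEST_DEPTH = 32

class ManifestLimitError < StandardError; end

# Hypothetical helper: parse an npm manifest with size and depth limits.
def guarded_manifest_parse(raw, max_bytes: MAX_MANIFEST_BYTES, max_depth: MAX_MANIFEST_DEPTH)
  # Reject oversized input before the parser builds any objects from it.
  if raw.bytesize > max_bytes
    raise ManifestLimitError, "manifest is #{raw.bytesize} bytes, limit is #{max_bytes}"
  end

  # max_nesting is a standard JSON.parse option; exceeding it raises JSON::NestingError.
  JSON.parse(raw, max_nesting: max_depth)
rescue JSON::NestingError
  # Must be rescued before ParserError, which is its superclass.
  raise ManifestLimitError, "manifest nesting exceeds #{max_depth} levels"
rescue JSON::ParserError => e
  raise ManifestLimitError, "manifest is not valid JSON: #{e.message}"
end

# Returns [:ok, hash] or [:rejected, reason] so the caller can log why a manifest was refused.
def check_manifest(raw, **limits)
  [:ok, guarded_manifest_parse(raw, **limits)]
rescue ManifestLimitError => e
  [:rejected, e.message]
end

# Constructed sample inputs.
VALID_MANIFEST = '{"name":"example-pkg","version":"1.0.0","scripts":{"test":"jest"}}'
DEEP_MANIFEST  = '{"name":"example-pkg","x":' + ('[' * 50) + (']' * 50) + '}'
LARGE_MANIFEST = '{"name":"example-pkg","readme":"' + ('A' * 2_000_000) + '"}'

if __FILE__ == $PROGRAM_NAME
  { valid: VALID_MANIFEST, deep: DEEP_MANIFEST, large: LARGE_MANIFEST }.each do |label, raw|
    status, detail = check_manifest(raw)
    puts "#{label}: #{status} #{detail.is_a?(Hash) ? detail.keys.inspect : detail}"
  end
end
```

The size check runs before parsing so that an oversized upload is refused without allocating objects for it, and the depth limit bounds parser recursion on nested arrays or objects.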
