Skip to content

Add download patch functionality for vulnerability

What does this MR do?

Add download patch functionality for vulnerability

  • add ability to download the patch in the split button
  • add tests

Screenshots

Before

Like the after pictures, but without the download patch button

After

Split button now has download patch button available

image

On click

image

To Test

Steps

  1. Have GDK and the Runner installed and properly configured
  2. Locally clone this project from staging
  3. Run the pipeline on the curable branch
  4. Go to the security dashboard and view the Authentication bypass via incorrect DOM traversal and canonicalization in saml2-js vulnerability
  • EXPECTED: Download Patch is available in the split button and is clickable

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #216651 (closed)

Edited by Alexander Turinske

Merge request reports