Draft: Remove ee/spec/models/security/finding_spec.rb from cross-join allowlist

Dylan Griffith requested to merge remove-security-finding-spec-cross-joins into master

What does this MR do and why?

This fixes a simple cross-join in has_one :build as well as allowlisting directly the callsite of a known cross-join issue. This allows us to remove a whole test file from an allowlist as it no longer contains offences.

I only found 1 usage (outside of the test) which was https://gitlab.com/gitlab-org/gitlab/-/blob/532e3e3e9a0042c7a5a27add11c4257b5fad8806/ee/app/finders/security/findings_finder.rb#L77 . I didn't check if there were preloads but the only reliable way to do that is to run the whole pipeline anyway so a green pipeline should indicate this was never being used for preloading as it won't work with preloads anymore.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Closes #342380 (closed)

Edited by Dylan Griffith
