Fix "Vulnerability report errors out when users select `Show 100 items` and switch tabs"
What does this MR do and why?
This fixes a bug where the VulnerabilityList
component would trigger an unnecessary GraphQL query when the user had selected a custom page size. In addition to hitting the API unnecessarily, the addition query could sometimes cause the backend to throw an error about the maximum query complexity being exceeded. That's likely because both queries were bundled in a single transaction thanks to VueApollo's magic.
The root cause of this is that the VulnerabilityList
defines its own default page size (DEFAULT_PAGE_SIZE = 20
) when it mounts, but then relies on the LocalStorageSync
triggering an event to restore the user-selected size from the local storage. This MR fixes this by ensuring the local storage value is retrieved before VulnerabilityList
even renders anything so that we don't have to wait on LocalStorageSync
's event.
Screenshots or screen recordings
Before | After |
---|---|
![]() |
![]() |
How to set up and validate locally
- Navigate to a project's
Security & Compliance > Vulnerability Report
page. - At the bottom of the page, select any value other than
20
in the page size dropdown. - At the top of the page, activate the
Operational vulnerabilities
tab. - In the
Network
development tab, inspect the latestgraphql
transaction.- Before those changes, you should see two queries in the same transaction.
- After those changes, there should be only one query, with the
first
parameter corresponding to the page size you previously selected.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #366951 (closed)
Merge request reports
Activity
changed milestone to %15.2
assigned to @pgascouvaillancourt
Suggested Reviewers (beta)
The individuals below may be good candidates to participate in the review based on various factors.
You can use slash commands in comments to quickly assign
/assign_reviewer @user1
.Suggested Reviewers @ntepluhina
,@peterhegman
,@sming-gitlab
,@dpisek
,@svedova
If you do not believe these suggestions are useful, please apply the label Bad Suggested Reviewer. You can also provide feedback for this feature on this issue:
https://gitlab.com/gitlab-org/gitlab/-/issues/357923
.Automatically generated by Suggested Reviewers Bot - an experimental ML-based recommendation engine created by ~"group::applied ml".
Reviewer roulette
Changes that require review have been detected!
Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:
Category Reviewer Maintainer frontend Payton Burdette ( @pburdette
) (UTC-4, same timezone as@pgascouvaillancourt
)David O'Regan ( @oregand
) (UTC+1, 5 hours ahead of@pgascouvaillancourt
)To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.
If needed, you can retry the
danger-review
job that generated this comment.Generated by
DangerBundle size analysis [beta]
This compares changes in bundle size for entry points between the commits d75ed311 and 90ab0a39
Special assetsEntrypoint / Name Size before Size after Diff Diff in percent mainChunk 1.98 MB 1.96 MB -11.94 KB -0.6 % average 3.54 MB 3.53 MB -9.4 KB -0.3 % Significant Growth: 17Expand
Entrypoint / Name Size before Size after Diff Diff in percent pages.projects.work_items 974.25 KB 1.35 MB +403.54 KB 41.4 % pages.projects.merge_requests.show 5.39 MB 5.52 MB +139.25 KB 2.5 % pages.projects.releases.edit 1.56 MB 1.61 MB +55.16 KB 3.5 % pages.projects.releases.new 1.56 MB 1.61 MB +55.16 KB 3.5 % pages.admin.audit_logs 1.22 MB 1.25 MB +31.43 KB 2.5 % pages.groups.audit_events 1.22 MB 1.25 MB +29.59 KB 2.4 % pages.projects.audit_events 1.39 MB 1.42 MB +29.59 KB 2.1 % pages.operations.environments 339.03 KB 351.27 KB +12.24 KB 3.6 % pages.operations.index 467.45 KB 479.69 KB +12.24 KB 2.6 % pages.admin 18.64 KB 20.48 KB +1.84 KB 9.9 % The table above is limited to 10 entries. Please look at the full report for more details
New entry points: 2Expand
Entrypoint / Name Size before Size after Diff Diff in percent pages.groups.runners.index 0 Bytes 1.39 MB +1.39 MB 100.0 % pages.groups.runners.show 0 Bytes 1013.91 KB +1013.91 KB 100.0 %
Your MR has at least one entrypoint growing significantly (more > 1 KB or 2%). If you write new or extend existing features, this is expected and there is nothing to worry about.
Please consider pinging someone from the FE Foundations (
@dmishunov
,@justin_ho
,@mikegreiling
or@nmezzopera
) for review, if you are unsure about the size increase.Note: We do not have exact data for d75ed311. So we have used data from: 7af59d4f.
The target commit was too new, so we used the latest commit from master we have info on.
It might help to rerun thebundle-size-review
job
This might mean that you have a few false positives in this report. If something unrelated to your code changes is reported, you can check this comparison in order to see if they caused this change.Please look at the full report for more details
Read more about how this report works.
Generated by
Danger- Resolved by Savas Vedova
@dpisek could you review this please?
requested review from @dpisek
Allure report
allure-report-publisher
generated test report!review-qa-blocking:
test report for 90ab0a39expand test summary
+---------------------------------------------------------------------------+ | suites summary | +----------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +----------------------+--------+--------+---------+-------+-------+--------+ | Create | 23 | 0 | 2 | 23 | 25 | ❗ | | Verify | 12 | 0 | 1 | 12 | 13 | ❗ | | Manage | 37 | 0 | 2 | 39 | 39 | ❗ | | Plan | 47 | 0 | 1 | 47 | 48 | ❗ | | Secure | 2 | 0 | 0 | 2 | 2 | ❗ | | Package | 0 | 0 | 1 | 0 | 1 | ➖ | | Protect | 2 | 0 | 0 | 2 | 2 | ❗ | | Version sanity check | 0 | 0 | 1 | 0 | 1 | ➖ | | Configure | 0 | 0 | 1 | 0 | 1 | ➖ | +----------------------+--------+--------+---------+-------+-------+--------+ | Total | 123 | 0 | 9 | 125 | 132 | ❗ | +----------------------+--------+--------+---------+-------+-------+--------+
added 1 commit
- ffcfdaf7 - Retrieve pageSize from local storage as soon as possible
- Resolved by Paul Gascou-Vaillancourt
- Resolved by Paul Gascou-Vaillancourt
removed review request for @dpisek
@dpisek
, thanks for approving this merge request.This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.
For more info, please refer to the following links:
added 114 commits
-
ffcfdaf7...d75ed311 - 111 commits from branch
master
- d8884a87 - Add a test for when page size is retrieved from local storage
- 60c3b7da - Retrieve pageSize from local storage as soon as possible
- 7650f89a - fixup! Add a test for when page size is retrieved from local storage
Toggle commit list-
ffcfdaf7...d75ed311 - 111 commits from branch
marked this merge request as draft from 7650f89a
requested review from @svedova
mentioned in commit 9cd65b77
mentioned in issue #366951 (closed)
added workflowstaging-canary label and removed workflowready for development label
added workflowcanary label and removed workflowstaging-canary label
added workflowstaging label and removed workflowcanary label
added workflowproduction label and removed workflowstaging label
added workflowstaging label and removed workflowproduction label
added workflowpost-deploy-db-staging label and removed workflowstaging label
added workflowpost-deploy-db-production label and removed workflowpost-deploy-db-staging label
added releasedcandidate label
added releasedpublished label and removed releasedcandidate label
mentioned in merge request kubitus-project/kubitus-installer!1252 (merged)