Add 'location.file' to new vulnerability details component
What does this MR do and why?
Adds the finding's file location to the new, GraphQL-only details component. The file is rendered within a separate section "Location", which is also added.
Screenshots or screen recordings
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #371722 (closed)
Merge request reports
Activity
changed milestone to %15.4
Suggested Reviewers (beta)
The individuals below may be good candidates to participate in the review based on various factors.
You can use slash commands in comments to quickly assign
/assign_reviewer @user1.Suggested Reviewers @dbalexandre,@mayra-cabrera,@marin,@dzaporozhets,@tkuahIf you do not believe these suggestions are useful, please apply the label Bad Suggested Reviewer. You can also provide feedback for this feature on this issue:
https://gitlab.com/gitlab-org/gitlab/-/issues/357923.Automatically generated by Suggested Reviewers Bot - an experimental ML-based recommendation engine created by ~"group::applied ml".
Edited by GitLab Reviewer-Recommender Bot2 Warnings 
featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart.
For more information, see:
- The Handbook page on merge request types.
- The definition of done documentation.
This merge request changed files with disabled eslint rules. Please consider fixing them. 1 Message 
CHANGELOG missing: If you want to create a changelog entry for GitLab FOSS, add the
Changelogtrailer to the commit message you want to add to the changelog.If you want to create a changelog entry for GitLab EE, also add the
EE: truetrailer to your commit message.If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.
Disabled eslint rules
The following files have disabled
eslintrules. Please consider fixing them:ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_details_graphql/index.stories.js
Run the following command for more details
node_modules/.bin/eslint --report-unused-disable-directives --no-inline-config \ 'ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_details_graphql/index.stories.js'Reviewer roulette
Changes that require review have been detected!
Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:
Category Reviewer Maintainer frontend Tomas Vik ( @viktomas) (UTC+2, same timezone as@dpisek)Jose Ivan Vargas ( @jivanvl) (UTC-5, 7 hours behind@dpisek)To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.
If needed, you can retry the
danger-reviewjob that generated this comment.Generated by
Bundle size analysis [beta]
This compares changes in bundle size for entry points between the commits 4242c4c8 and 4d9c9ece
Entrypoint / Name Size before Size after Diff Diff in percent average 3.54 MB 3.54 MB - 0.0 % mainChunk 1.92 MB 1.92 MB - 0.0 %
Please look at the full report for more details
Read more about how this report works.
Generated by
Allure report
allure-report-publishergenerated test report!e2e-review-qa-blocking:
expand test summary
+-----------------------------------------------------------------------------------------+ | suites summary | +------------------------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +------------------------------------+--------+--------+---------+-------+-------+--------+ | Create | 27 | 0 | 2 | 25 | 29 | ❗ | | Plan | 47 | 0 | 1 | 46 | 48 | ❗ | | Manage | 52 | 0 | 8 | 56 | 60 | ❗ | | Verify | 12 | 0 | 1 | 10 | 13 | ❗ | | Secure | 2 | 0 | 0 | 2 | 2 | ❗ | | Configure | 0 | 0 | 1 | 0 | 1 | ➖ | | Package | 0 | 0 | 1 | 0 | 1 | ➖ | | Version sanity check | 0 | 0 | 1 | 0 | 1 | ➖ | | Protect | 2 | 0 | 0 | 2 | 2 | ❗ | | Feature flag handler sanity checks | 9 | 0 | 0 | 0 | 9 | ✅ | +------------------------------------+--------+--------+---------+-------+-------+--------+ | Total | 151 | 0 | 15 | 141 | 166 | ❗ | +------------------------------------+--------+--------+---------+-------+-------+--------+e2e-review-qa:
expand test summary
+-----------------------------------------------------------------------------------------+ | suites summary | +------------------------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +------------------------------------+--------+--------+---------+-------+-------+--------+ | Plan | 47 | 0 | 1 | 0 | 48 | ✅ | | Manage | 52 | 0 | 8 | 10 | 60 | ❗ | | Verify | 12 | 0 | 1 | 0 | 13 | ✅ | | Create | 28 | 0 | 1 | 1 | 29 | ❗ | | Protect | 2 | 0 | 0 | 0 | 2 | ✅ | | Configure | 0 | 0 | 1 | 0 | 1 | ➖ | | Secure | 2 | 0 | 0 | 0 | 2 | ✅ | | Feature flag handler sanity checks | 9 | 0 | 0 | 0 | 9 | ✅ | | Version sanity check | 0 | 0 | 1 | 0 | 1 | ➖ | | Package | 0 | 0 | 1 | 0 | 1 | ➖ | +------------------------------------+--------+--------+---------+-------+-------+--------+ | Total | 152 | 0 | 14 | 11 | 166 | ❗ | +------------------------------------+--------+--------+---------+-------+-------+--------+added 67 commits
-
3a50b721...f282600a - 63 commits from branch
master - e912055c - WIP
- cee09bfb - WIP: add link to file
- be7e25d5 - WIP: add types
- df31e5fc - WIP: update translation files
Toggle commit list-
3a50b721...f282600a - 63 commits from branch
added 170 commits
-
df31e5fc...9ab89980 - 166 commits from branch
master - 1913dfcc - WIP
- fa2bfbbe - WIP: add link to file
- 0be245f4 - WIP: add types
- 5a41ea77 - WIP: update translation files
Toggle commit list-
df31e5fc...9ab89980 - 166 commits from branch
added 65 commits
-
5a41ea77...66f7ce74 - 61 commits from branch
master - bfea2456 - WIP
- a25c75a5 - WIP: add link to file
- fb378fa8 - WIP: add types
- d093bb93 - WIP: update translation files
Toggle commit list-
5a41ea77...66f7ce74 - 61 commits from branch
assigned to @dpisek
added 54 commits
-
d093bb93...27cafc62 - 53 commits from branch
master - 688ef1a4 - Add location-file field to vuln details GraphQL
-
d093bb93...27cafc62 - 53 commits from branch
added 186 commits
-
688ef1a4...6f5582fb - 184 commits from branch
master - bc9dc446 - Add location-file field to vuln details GraphQL
- f6dd16ea - Add specs for location section
-
688ef1a4...6f5582fb - 184 commits from branch
added 29 commits
-
f6dd16ea...60e57e32 - 27 commits from branch
master - 0fe3d791 - Add location-file field to vuln details GraphQL
- c516bf9c - Add specs for location section
-
f6dd16ea...60e57e32 - 27 commits from branch
80 108 </details-section-list-item> 81 109 </template> 82 110 </details-section> 111 112 <details-section v-if="location" :heading="$options.i18n.locationHeading"> 113 <template #list> 114 <details-section-list-item v-if="location.file" :label="$options.i18n.locationFileLabel"> changed this line in version 11 of the diff
27 27 name: 'GitLab.com', 28 28 webUrl: 'http://gitlab.com', 29 29 }, 30 location: { 31 // @TODO: confirm data changed this line in version 12 of the diff
requested review from @sming-gitlab
- Resolved by Savas Vedova
@sming-gitlab - Could you please do the initial review on this one?
- Last reply by Savas Vedova
added 139 commits
-
f4eecaf0...0d674f44 - 136 commits from branch
master - 2019a72b - Add location-file field to vuln details GraphQL
- c50b5e3a - Add specs for location section
- c9655228 - Add specs for link to file
Toggle commit list-
f4eecaf0...0d674f44 - 136 commits from branch
removed review request for @sming-gitlab
@sming-gitlab, thanks for approving this merge request.This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.
For more info, please refer to the following links:
added 68 commits
-
c9655228...db115bc4 - 65 commits from branch
master - a37a22e0 - Add location-file field to vuln details GraphQL
- bd5e7537 - Add specs for location section
- a8b5f931 - Add specs for link to file
Toggle commit list-
c9655228...db115bc4 - 65 commits from branch
added 121 commits
-
a8b5f931...6d37b4da - 118 commits from branch
master - 44267479 - Add location-file field to vuln details GraphQL
- ebc44596 - Add specs for location section
- 84e7dae6 - Add specs for link to file
Toggle commit list-
a8b5f931...6d37b4da - 118 commits from branch
changed milestone to %15.5
added missed:15.4 label
added 40 commits
-
84e7dae6...e805460a - 37 commits from branch
master - d4fca119 - Add location-file field to vuln details GraphQL
- 3604a1b2 - Add specs for location section
- 97b6bf2f - Add specs for link to file
Toggle commit list-
84e7dae6...e805460a - 37 commits from branch
added 1 commit
- 4d9c9ece - Feedback: Add specs to cover line range link
requested review from @svedova
mentioned in commit f8852d6b
added workflowstaging-canary label and removed workflowin dev label
added workflowcanary label and removed workflowstaging-canary label
added workflowstaging label and removed workflowcanary label
added workflowproduction label and removed workflowstaging label
added workflowpost-deploy-db-staging label and removed workflowproduction label
mentioned in issue gitlab-com/www-gitlab-com#13669 (closed)
added releasedcandidate label
added releasedpublished label and removed releasedcandidate label
