Rename `security` approval_rule report_type to `vulnerability`.
Summary
The ApprovalMergeRequestRule
has an enum named report_type
with an item named security
. I propose that we rename this item to vulnerability
. At the moment, the security
report type is used to describe the Vulnerability-Check
merge request approval rule. The name security
is a little ambiguous and could be made more explicit by renaming to something like vulnerability
.
Improvements
The main benefit of this change is readability. It ensures that future authors of the report approval rules understand that the security
report type represents the vulnerability report produced from dependency scanning.
Risks
In order to complete this change we will need to rename security
to vulnerability
in code. The database column uses fixed numeric identifiers so a data migration is not necessary.
Involved components
- https://gitlab.com/gitlab-org/gitlab-ee/blob/4f6c4758c0e2c1075a295336bdfea0d43b12b488/ee/app/models/approval_merge_request_rule.rb#L50
- https://gitlab.com/gitlab-org/gitlab-ee/blob/4f6c4758c0e2c1075a295336bdfea0d43b12b488/ee/app/models/approval_merge_request_rule.rb#L56
- https://gitlab.com/gitlab-org/gitlab-ee/blob/4f6c4758c0e2c1075a295336bdfea0d43b12b488/ee/spec/factories/approval_rules.rb#L19
- https://gitlab.com/gitlab-org/gitlab-ee/tree/master/ee/app/services/security
Optional: Intended side effects
Improved readability.
Optional: Missing test coverage
N/A
Technical Notes
The enum and security_report
scope is introduced in a5649ee0 which can be checked to understand the scope of changes required.