2024-02-05 - Quad Planning Issues for Sec
Hi @gl-quality/sec-qe
Please quad-plan the following issues:
groupcompliance
Group:- gitlab-org/gitlab#435713 (closed) Add instance-level variable changes to audit events (follow-up) devopsgovern, featureaddition, groupcompliance, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#435514 Follow-up from "Add pagination to compliance framework report" devopsgovern, featureaddition, frontend, groupcompliance, missed:16.8, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#433491 (closed) Move i18n strings in SAML Auth for Approvals" to constants Category:Source Code Management, automation:ml, devopsgovern, groupcompliance, missed:16.8, sectionsec, typemaintenance, workflowready for development %16.10
-
gitlab-org/gitlab#433421 (closed) [Feature flag] Rollout of
compliance_standards_adherence_csv_export
devopsgovern, feature flag, groupcompliance, sectionsec, typemaintenance, workflowin dev %16.9 - gitlab-org/gitlab#432656 (closed) Add drawer with specific policy information devopsgovern, featureaddition, frontend, groupcompliance, missed:16.8, priority1, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#432655 (closed) Add basic list (table+pagination) of security policies in create/edit compliance framework screen devopsgovern, featureaddition, frontend, groupcompliance, missed:16.8, priority1, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#432431 (closed) Drop unique index from namespace_id field for audit_events_streaming_http_group_namespace_filters backend, database, devopsgovern, ~"goal::development", groupcompliance, missed:16.7, missed:16.8, priority3, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#432430 Refactor test cases added for namespace filters for instance level audit streaming destinations Next Up, backend, devopsgovern, groupcompliance, priority3, sectionsec, typefeature, workflowready for development %17.0
- gitlab-org/gitlab#432429 Filter audit events by namespace filters added to instance level audit streaming destinations Next Up, backend, devopsgovern, groupcompliance, missed:16.7, missed:16.8, priority3, sectionsec, typefeature, workflowready for development %17.0
- gitlab-org/gitlab#432427 Add namespace filters to query api for instance level audit streaming destinations Next Up, backend, devopsgovern, ~"goal::complete", groupcompliance, missed:16.7, missed:16.8, priority3, sectionsec, typefeature, workflowready for development %17.0
- gitlab-org/gitlab#432426 Add delete api for namespace filters for instance level audit streaming destinations Next Up, backend, devopsgovern, groupcompliance, missed:16.7, missed:16.8, priority3, sectionsec, typefeature, workflowready for development %17.0
- gitlab-org/gitlab#432425 Add create api for namespace filters for instance level streaming destinations Next Up, backend, devopsgovern, ~"goal::complete", groupcompliance, priority3, sectionsec, typefeature, workflowready for development %16.10
-
gitlab-org/gitlab#431912 (closed) [Feature flag] Rollout of
audit_events_streaming_namespace_filter
automation:ml, devopsgovern, feature flag, groupcompliance, missed:16.7, missed:16.8, sectionsec, typefeature, workflowready for development %16.9 - gitlab-org/gitlab#431714 (closed) [Feature flag] Enable ff_require_saml_auth_to_approve automation:ml, automation:ml wrong, devopsgovern, feature flag, groupcompliance, missed:16.8, priority1, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#429591 (closed) Split streaming submitButtonDisabled computed prop into multiple props devopsgovern, frontend, groupcompliance, missed:16.7, missed:16.8, priority4, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#425424 Architecture design workflow for audit events migration to ClickHouse devopsgovern, frontend, groupcompliance, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#425422 (closed) Default branch protection drop down devopsgovern, frontend, groupcompliance, missed:16.6, sectionsec, typefeature, workflowin dev %16.9
-
gitlab-org/gitlab#425242 (closed) [Feature Flag] Enable
compliance_framework_report_ui
devopsgovern, feature flag, ~"goal::complete", groupcompliance, missed:16.6, missed:16.7, sectionsec, typemaintenance, workflowready for development %16.9 - gitlab-org/gitlab#424447 (closed) [Feature flag] Rollout: Enable Compliance Violation CSV Export devopsgovern, feature flag, ~"goal::development", groupcompliance, missed:16.7, missed:16.8, priority1, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#424179 (closed) Documentation for API changes for group/project filters backend, devopsgovern, documentation, ~"goal::complete", groupcompliance, missed:16.4, missed:16.5, missed:16.6, missed:16.7, missed:16.8, priority3, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#423397 Replace constant with string literals in streaming audit events specs devopsgovern, frontend, groupcompliance, missed:16.7, missed:16.8, priority4, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#422607 (closed) Load testing ClickHouse staging devopsgovern, ~"goal::complete", groupcompliance, missed:16.4, missed:16.5, missed:16.6, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#421634 Switch streaming specs to use findByText devopsgovern, frontend, groupcompliance, maintenancerefactor, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowready for development %16.9
- testcases#4135 (closed) E2E test for SAML SSO authentication for merge request password approval QA, Quality, devopsgovern, groupcompliance, priority1, sectionsec, test, typemaintenance, workflowin dev %16.9
- gitlab-org/gitlab#413735 (closed) Adherence Report Grouping results UX, devopsgovern, documentation, frontend, ~"goal::development", groupcompliance, missed:16.6, missed:16.7, missed:16.8, priority1, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#412450 (closed) Follow up: Clean up redundant tests in audit worker automation:ml, automation:ml wrong, devopsgovern, ~"goal::complete", groupcompliance, missed:16.4, missed:16.6, priority3, sectionsec, typemaintenance, workflowready for development %17.0
-
gitlab-org/gitlab#408315 [default branch protection] remove and drop
default_branch_protection
column Next Up, backend, breaking change, devopsgovern, documentation, groupcompliance, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %17.0 -
gitlab-org/gitlab#408314 (closed) [default branch protection] deprecate
default_branch_protection
Next Up, backend, devopsgovern, featureenhancement, ~"goal::complete", groupcompliance, missed:16.3, missed:16.4, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typefeature, workflowready for development %16.9 -
gitlab-org/gitlab#408152 (closed) [default branch protection] Update
ProtectDefaultBranchService
to use new settings column Next Up, automation:ml, automation:ml wrong, backend, devopsgovern, ~"goal::complete", groupcompliance, missed:16.4, missed:16.6, missed:16.7, missed:16.8, priority2, sectionsec, typefeature, workflowin dev %16.9 -
gitlab-org/gitlab#404405 (closed) Data migration strategy for moving
audit_events
from PG to Clickhouse automation:ml, devopsgovern, ~"goal::planning", groupcompliance, maintenancerefactor, missed:16.4, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowin dev %16.9 - gitlab-org/gitlab#389467 (closed) Remove Required Pipeline Configuration Category:Continuous Integration, GitLab Ultimate, Technical Writing, breaking change, deprecation, devopsgovern, documentation, groupcompliance, sectionsec, typemaintenance, workflowready for development %17.0
- gitlab-org/gitlab#377758 (confidential) ~"(confidential)" %"(confidential)"
- gitlab-org/gitlab#377756 (confidential) ~"(confidential)" %"(confidential)"
- gitlab-org/gitlab#377633 (confidential) ~"(confidential)" %"(confidential)"
- gitlab-org/gitlab#377625 (confidential) ~"(confidential)" %"(confidential)"
- gitlab-org/gitlab#377621 (confidential) ~"(confidential)" %"(confidential)"
-
gitlab-org/gitlab#374110 (closed) Add event type information for audit events using AuditEventService in
CI Runner
Category:Audit Events, GitLab Ultimate, Hacktoberfest, Next Up, [deprecated] Accepting merge requests, backend, devopsgovern, documentation, ~"goal::complete", groupcompliance, missed:16.6, missed:16.7, missed:16.8, priority2, sectionsec, typefeature, workflowin dev %16.9 - gitlab-org/gitlab#8056 Add project avatar and description changes to audit events Category:Audit Events, Enterprise Edition, Manage [DEPRECATED], [deprecated] Accepting merge requests, audit_eventsworkflow_or_cosmetic_changes, backend, customer, devopsgovern, estimationneeded, featureenhancement, groupcompliance, missed:16.5, missed:16.6, missed:16.7, missed:16.8, priority4, sectionsec, typefeature, workflowin dev %16.9
groupcomposition analysis
Group:- gitlab-org/gitlab#439162 (closed) Remove License Scanning CI templates Category:Software Composition Analysis, breaking change, devopssecure, groupcomposition analysis, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %17.0
- gitlab-org/gitlab#439114 (closed) Audit semver_dialects tests Category:Container Scanning, Category:Software Composition Analysis, backend, devopssecure, groupcomposition analysis, maintenancepipelines, sectionsec, typemaintenance, workflowready for development %16.10
- gitlab-org/gitlab#438860 (closed) Add expectations to semver_dialects based on discrepancies with vrange Category:Dependency Scanning [DEPRECATED], Category:Software Composition Analysis, GitLab Ultimate, SCA:Dependency Scanning, WorkingGroupContinuousScanning, backend, devopssecure, featureenhancement, groupcomposition analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#438226 (closed) Remove deprecated Dependency Scanning jobs Category:Software Composition Analysis, backend, breaking change, devopssecure, groupcomposition analysis, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %17.0
- gitlab-org/gitlab#438123 (closed) Secure analyzers major version update for 17.0 Category:Container Scanning, Category:DAST, Category:Fuzz Testing, Category:SAST, Category:Secret Detection, Category:Software Composition Analysis, GitLab Free, GitLab Premium, GitLab Ultimate, backend, deprecation, devopssecure, groupcomposition analysis, maintenanceremoval, sectionsec, typemaintenance, workflowin dev %16.9
-
gitlab-org/gitlab#437162 (closed) [Feature flag] Enable
container_scanning_continuous_vulnerability_scans
Category:Container Scanning, Category:Software Composition Analysis, devopssecure, feature flag, featureconsolidation, groupcomposition analysis, sectionsec, typefeature, workflowready for development %16.9 - gitlab-org/gitlab#435432 (closed) [Feature flag] Cleanup security_auto_fix backend, devopssecure, feature flag, frontend, groupcomposition analysis, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#435105 (closed) Fix GitLab CycloneDX taxonomy documentation devopssecure, docs-only, documentation, featureenhancement, groupcomposition analysis, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#434143 Spike: Replace Gemnasium with open source native CDX SBOM generators Category:Software Composition Analysis, SCA:Dependency Scanning, automation:ml, devopssecure, groupcomposition analysis, sectionsec, spike, typefeature, workflowready for development %16.11
- gitlab-org/gitlab#433543 (closed) Update cyclonedx 1.5 override Category:Container Scanning, backend, devopssecure, featureaddition, groupcomposition analysis, missed:16.7, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433385 (closed) Expose vendor assessment of an advisory in Container Scanning results Category:Container Scanning, Enterprise Edition, GitLab Ultimate, backend, devopssecure, featureenhancement, groupcomposition analysis, internal customer, missed:16.8, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#431752 (closed) Add yarn v4 support in Dependency Scanning CA PM Priority, automation:ml, automation:self-triage-encouraged, backend, devopssecure, featureenhancement, groupcomposition analysis, release post item, sectionsec, typefeature, workflowready for development %16.11
- gitlab-org/gitlab#429886 Read Package Metadata using the license-db load balancer instead of using GCP ruby storage library Category:Software Composition Analysis, Enterprise Edition, backend, devopssecure, featureaddition, groupcomposition analysis, missed:16.7, missed:16.8, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#432273 Operational Container Scanning: allow maximum number of concurrent namespace scans to be configured Category:Container Scanning, customer, devopssecure, featureenhancement, groupcomposition analysis, sectionsec, typefeature, workflowready for development %16.11
- gitlab-org/gitlab#428486 (closed) Remove unused gitlab:dependency_scanning metadata properties Category:Software Composition Analysis, Enterprise Edition, GitLab Ultimate, SCA:Dependency Scanning, backend, breaking change, devopssecure, groupcomposition analysis, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %17.0
- gitlab-org/gitlab#426817 (closed) Match Container Scanning SBOM components against new Operating System security advisories Category:Container Scanning, Category:Software Composition Analysis, Deliverable, Enterprise Edition, GitLab Ultimate, SCA:Dependency Scanning, WorkingGroupContinuousScanning, backend, devopssecure, discoto, featureenhancement, groupcomposition analysis, missed-deliverable, missed:16.6, missed:16.7, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#425753 (closed) [Feature flag] Cleanup of dependency_scanning_on_advisory_ingestion Category:Software Composition Analysis, GitLab Ultimate, SCA:Dependency Scanning, backend, devopssecure, feature flag, groupcomposition analysis, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#410635 Determine Java version when DS_JAVA_VERSION is not set Category:Software Composition Analysis, GitLab Ultimate, backend, devopssecure, documentation, featureenhancement, groupcomposition analysis, missed:16.7, missed:16.8, sectionsec, typefeature, workflowready for development %16.9
groupstatic analysis
Group:- gitlab-org/gitlab#439128 (closed) Pre-receive SD runbook updates Category:Secret Detection, Deliverable, devopssecure, documentation, groupstatic analysis, sectionsec, workflowin dev %16.9
- gitlab-org/gitlab#439055 (closed) Identify potential blockers for .com support backend, customer, devopssecure, groupstatic analysis, sectionsec, typeignore, workflowin dev %16.9
- gitlab-org/gitlab#439005 (closed) Embed Semgrep Community Rule javascript/exec/rule-child_process.yml Category:SAST, SASTRuleset, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#438855 (closed) Embed Semgrep Community Rule python/django/security/injection/sql/sql-injection-rawsql Category:SAST, SASTRuleset, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#435929 (closed) Enhance sast-rule csharp/xss/rule-Xss.yml Category:SAST, SASTRuleset, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#435918 (closed) Enhance sast-rule javascript/xss/rule-xss_rule-mustache-escape.yml Category:SAST, SASTRuleset, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#434268 (closed) Enhance sast-rule python/escaping/rule-use_of_mako_templates.yml Category:SAST, SASTRuleset, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433065 (closed) Enhance sast-rule java/xml/rule-XsltTransform.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433064 (closed) Enhance sast-rule java/xml/rule-XmlDecoder.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433062 (closed) Enhance sast-rule java/templateinjection/rule-TemplateInjection.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433055 (closed) Enhance sast-rule java/inject/rule-CustomInjection.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433054 (closed) Enhance sast-rule java/inject/rule-CLRFInjectionLogs.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433052 (closed) Enhance sast-rule java/file/rule-FilenameUtils.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#433049 (closed) Enhance sast-rule java/crypto/rule-WeakTLSProtocol.yml Category:SAST, SASTRuleset, automation:ml, automation:ml wrong, devopssecure, featureenhancement, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#431766 (closed) Document Pre-receive SD MVC Category:Secret Detection, devopssecure, documentation, groupstatic analysis, missed:16.8, sectionsec, typeignore, workflowin dev %16.9
- gitlab-org/gitlab#427023 (closed) Complete production readiness for an experiment Category:Secret Detection, Deliverable, backend, devopssecure, featureaddition, groupstatic analysis, missed-deliverable, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#425357 (closed) Add IDE loading state when security scans are in progress Deliverable, UX, devopssecure, featureenhancement, frontend, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
- https://gitlab.com/gitlab-org/gitlab/-/issues/420829 (confidential) ~"(confidential)" %"(confidential)"
- https://gitlab.com/gitlab-org/gitlab/-/issues/387832 (confidential) ~"(confidential)" %"(confidential)"
- gitlab-org/gitlab#364060 (closed) Migrate phpcs-security-audit coverage to Semgrep-based analyzer Category:SAST, [deprecated] Accepting merge requests, customer, devopssecure, featureconsolidation, groupstatic analysis, sectionsec, typefeature, workflowin dev %16.9
groupthreat insights
Group:- gitlab-org/gitlab#439691 (closed) Allow security reports to be read for pipelines blocked by manual jobs Category:Software Bill of Materials, Deliverable, Threat InsightsNavy, backend, devopsgovern, groupthreat insights, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#438743 (closed) Export Dependency List from /explore/dependencies Category:Permissions, devopsgovern, featureenhancement, groupthreat insights, priority1, sectionsec, severity3, typefeature, workflowready for development %16.10
-
gitlab-org/gitlab#438260 (closed) Change
VERSIONS_TO_REMOVE_IN_17_0
constant toVERSIONS_TO_REMOVE_IN_18_0
Category:Vulnerability Management, backend, devopsgovern, groupthreat insights, sectionsec, typemaintenance, workflowready for development %17.0 -
gitlab-org/gitlab#437673 (closed) Adjust security report ingestion logic to set
traversal_ids
andarchived
columns for new records Category:Vulnerability Management, backend, devopsgovern, groupthreat insights, maintenanceperformance, sectionsec, typemaintenance, workflowready for development %16.9 -
gitlab-org/gitlab#437637 (closed) Adjust SBOM ingestion logic to set
traversal_ids
andarchived
columns for new records Category:Dependency Management, backend, devopsgovern, groupthreat insights, maintenanceperformance, sectionsec, typemaintenance, workflowready for development %16.9 -
gitlab-org/gitlab#437636 (closed) Implement logic to reset
traversal_ids
andarchived
columns of thesbom_occurrences
table Category:Dependency Management, backend, devopsgovern, groupthreat insights, maintenanceperformance, sectionsec, typemaintenance, workflowin dev %16.9 -
gitlab-org/gitlab#437635 (closed) Add
traversal_ids
andarchived
columns to thesbom_occurrences
table Category:Dependency Management, backend, database, devopsgovern, groupthreat insights, maintenanceperformance, sectionsec, typemaintenance, workflowin dev %16.9 - gitlab-org/gitlab#437129 (closed) Make finding_id NOT NULL database, devopsgovern, groupthreat insights, maintenancerefactor, sectionsec, typemaintenance, workflowin dev %16.9
- gitlab-org/gitlab#433364 (closed) [Frontend] Add Severity filter to the filtered search component Deliverable, Threat InsightsNavy, devopsgovern, featureaddition, frontend, groupthreat insights, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#433363 (closed) [Frontend] Add Status filter to the filtered search component Deliverable, Threat InsightsNavy, devopsgovern, featureaddition, frontend, groupthreat insights, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#432998 Follow-up from "Add dismissal descriptions to vulnerability report pages" Threat InsightsNavy, backend, devopsgovern, groupthreat insights, ready to pull, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#432776 (closed) Add error message if no code supplied for resolve vulnerability Deliverable, Threat InsightsNavy, backend, devopsgovern, featureaddition, groupthreat insights, ready to pull, sectionsec, typefeature, workflowready for development %16.9
- gitlab-org/gitlab#429534 (closed) Add remediation badge to vulnerability report page Deliverable, Technical Writing, Threat InsightsNavy, UI text, devopsgovern, featureaddition, frontend, groupthreat insights, sectionsec, twfinished, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#429352 (closed) Spike: Add "Tool with Scanner" for Group Vulnerability Deliverable, Threat InsightsNavy, backend, devopsgovern, featureenhancement, frontend, groupthreat insights, missed-deliverable, missed:16.6, missed:16.7, missed:16.8, sectionsec, typefeature, workflowin dev %16.9
- gitlab-org/gitlab#426662 Create index on security_findings for LATERAL finder query automation:ml, devopsgovern, groupthreat insights, maintenanceperformance, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowin dev %16.9
-
gitlab-org/gitlab#424727 (closed) [Feature flag] Enable
group_level_dependencies_filtering
Deliverable, Threat InsightsTangerine, automation:ml, devopsgovern, feature flag, featureaddition, groupthreat insights, missed-deliverable, missed:16.6, missed:16.7, sectionsec, typefeature, workflowready for development %16.9 -
gitlab-org/gitlab#417536
extractSecurityReportArtifacts
is not tested insecurity_reports/utils.js
Category:Vulnerability Management, Threat InsightsNavy, automation:ml, devopsgovern, frontend, groupthreat insights, maintenancetest-gap, missed:16.2, missed:16.3, missed:16.4, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowready for development %16.9 -
gitlab-org/gitlab#416424 (closed) Remove the usage of the
confidence
attribute for findings backend, devopsgovern, groupthreat insights, maintenanceremoval, sectionsec, typemaintenance, workflowready for development %17.0 -
gitlab-org/gitlab#409963 (closed) Run migration to set
finding_data
for security_findings Category:Vulnerability Management, backend, database, devopsgovern, groupthreat insights, missed:16.0, missed:16.1, missed:16.2, missed:16.3, missed:16.4, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowin dev %16.9 - gitlab-org/gitlab#406653 (closed) Remove temporary index created in gitlab-org/gitlab#405032 (closed) Category:Vulnerability Management, Community contribution, backend, devopsgovern, groupthreat insights, sectionsec, typemaintenance, workflowready for development %16.8
- gitlab-org/gitlab#395015 Feature specs for Vulnerability state transitions Category:Vulnerability Management, backend, devopsgovern, groupthreat insights, maintenancetest-gap, missed:16.2, missed:16.3, missed:16.4, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowin dev %16.9
- gitlab-org/gitlab#383507 (closed) Install gitlab-security_report_schemas gem Threat InsightsTangerine, backend, devopsgovern, groupthreat insights, maintenanceworkflow, missed:16.5, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowready for development %16.9
- gitlab-org/gitlab#381302 Update Security::FindingsFinder to use keyset pagination and filter by partition number Threat InsightsTangerine, backend, devopsgovern, groupthreat insights, maintenanceperformance, missed:16.6, missed:16.7, missed:16.8, sectionsec, typemaintenance, workflowready for development %16.9
-
gitlab-org/gitlab#360480 (closed) Add
sort
parameter tosecurityReportFindings
GraphQL query Deliverable, backend, devopsgovern, groupthreat insights, maintenancerefactor, sectionsec, typemaintenance, workflowready for development %16.9
Job URL: https://gitlab.com/gitlab-org/quality/triage-ops/-/jobs/6093041965
This report was generated from this policy