Resolve no longer found vulnerabilities
What does this MR do?
When a vulnerability is no longer detected in the default branch, it should be marked as resolved. If the resolved vulnerability has an issue linked to it, the issue should also be closed. This MR adds this functionality to the security-triage-automation script:
- --resolve-and-close/-x finds vulnerabilities that are no longer detected in the default branch and marks them as 'Resolved'. If the resolved vulnerability has a linked issue, close the issue.
Testing
Follow the script setup instructions, then pick a test vulnerability that is resolved in master that has a linked issue. I used this one: https://gitlab.com/serenafang/secrets/-/security/vulnerabilities/84158306
./main.rb -p serenafang/secrets -i serenafang/secrets vulnerability=84158306 --resolve-and-close
What are the relevant issue numbers?
Edited by Serena Fang
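A dry-run sketch of the resolve-and-close decision described in this MR, added here as an illustration and not taken from the security-triage-automation script. The record shape, the field names and the rule that dismissed vulnerabilities are left alone are assumptions of this example; the sample data is constructed.

```ruby
# Added example: dry-run planner for the behaviour described in this MR.
# Record shape and field names are hypothetical, not the script's own.
Vuln  = Struct.new(:id, :state, :resolved_on_default_branch, :issues, keyword_init: true)
Issue = Struct.new(:iid, :state, keyword_init: true)

# Assumption: vulnerabilities already resolved or dismissed are left alone,
# so an earlier triage decision is never overwritten.
ACTIONABLE_STATES = %w[detected confirmed].freeze

# Returns an ordered list of [action, target_id] pairs without calling any API.
def plan_resolve_and_close(vulns)
  vulns.each_with_object([]) do |v, plan|
    next unless v.resolved_on_default_branch          # still detected: keep open
    next unless ACTIONABLE_STATES.include?(v.state)   # already triaged: skip
    plan << [:resolve_vulnerability, v.id]
    v.issues.each do |issue|
      # Only open issues need closing; closed ones are not touched again.
      plan << [:close_issue, issue.iid] if issue.state == "opened"
    end
  end
end

# Constructed sample data (all ids are made up).
SAMPLE = [
  Vuln.new(id: 101, state: "detected", resolved_on_default_branch: true,
           issues: [Issue.new(iid: 7, state: "opened")]),
  Vuln.new(id: 102, state: "confirmed", resolved_on_default_branch: false,
           issues: [Issue.new(iid: 8, state: "opened")]),
  Vuln.new(id: 103, state: "dismissed", resolved_on_default_branch: true, issues: []),
  Vuln.new(id: 104, state: "confirmed", resolved_on_default_branch: true,
           issues: [Issue.new(iid: 9, state: "closed")]),
].freeze

if __FILE__ == $PROGRAM_NAME
  plan_resolve_and_close(SAMPLE).each { |action, id| puts "#{action} #{id}" }
end
```

Printing the plan before applying it gives a reviewer the chance to confirm that a still-detected finding (102 in the sample) and its issue stay open.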