Generate vulnerability ID
What does this MR do?
Customize JSON marshaling in order to add an id field to vulnerabilities. The id is the SHA-256 hash of a string that combines all the fields of the Issue struct, and that excludes id since it's not a struct field. Ideally the id should be a randomly generated UUID but right now it has to be predictable because of the current implementation of klar and gemnasium - see dedicated discussion.
- Bump minor of format version
- Add new
Issue.ID()function - Add new
idfield to JSON vulnerabilities, dynamically set toIssue.ID() - Add
Ref.ID, to be serialized asid - Provide helper function
NewRefto easily create references - Say about
CompareKeybeing deprecated, in the code comments
What are the relevant issue numbers?
gitlab-org/gitlab#36777 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added - [-] Documentation created/updated for GitLab EE, if necessary
- [-] Documentation created/updated for this project, if necessary
- [-] Documentation reviewed by technical writer or follow-up review issue created
-
Tests added for this feature/bug; See integration tests - [-] Job definition updated, if necessary
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by 🤖 GitLab Bot 🤖