You need to sign in or sign up before continuing.
Generate vulnerability ID
What does this MR do?
Customize JSON marshaling in order to add an id field to vulnerabilities. The id is the SHA-256 hash of a string that combines all the fields of the Issue struct, and that excludes id since it's not a struct field. Ideally the id should be a randomly generated UUID but right now it has to be predictable because of the current implementation of klar and gemnasium - see dedicated discussion.
- Bump minor of format version
- Add new
Issue.ID()function - Add new
idfield to JSON vulnerabilities, dynamically set toIssue.ID() - Add
Ref.ID, to be serialized asid - Provide helper function
NewRefto easily create references - Say about
CompareKeybeing deprecated, in the code comments
What are the relevant issue numbers?
gitlab-org/gitlab#36777 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added - [-] Documentation created/updated for GitLab EE, if necessary
- [-] Documentation created/updated for this project, if necessary
- [-] Documentation reviewed by technical writer or follow-up review issue created
-
Tests added for this feature/bug; See integration tests - [-] Job definition updated, if necessary
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by 🤖 GitLab Bot 🤖