Bump report to v4.1.3
What does this MR do?
In the Updates to the 15-x-x schema with %16.0 deprecations, we did not update our SARIF conversion logic to output the `title` field in place of `message`. This is resulting in vulnerability titles like `CWE-89 in SQLiteRoleProvider.cs` instead of the more descriptive `message` field "Sensitive cookie without 'HttpOnly' flag".
In report!69 (merged) we update `sarif.go` to output `Message` as `Title`. This MR bumps report to v4.1.3.
What are the relevant issue numbers?
gitlab-org/gitlab#414742 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests updated/added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Lucas Charles