Change message to title in sarif.go
What does this MR do?
In the Updates to the 15-x-x schema with %16.0 deprecations, we did not update our SARIF conversion logic to output the `title` field in place of `message`. This is resulting in vulnerability titles like `CWE-89 in SQLiteRoleProvider.cs` instead of the more descriptive `message` field "Sensitive cookie without 'HttpOnly' flag".
This MR updates `sarif.go` to output `Message` as `Title`.
What are the relevant issue numbers?
gitlab-org/gitlab#414742 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests added for this feature/bug
- Job definition updated, if necessary
- Ensure the report version matches the equivalent schema version
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Serena Fang
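The mapping described in this MR, as an added example that is not the project's `sarif.go`: a SARIF result's `message.text` becomes the finding title. The `sarifResult` and `Finding` types, the `Convert` function, the sample input, and the fallback to a `<ruleId> in <file>` title when the message is empty are all assumptions of this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path"
)

// Subset of a SARIF 2.1.0 result; Finding is a hypothetical report entry.
type sarifResult struct {
	RuleID    string                              `json:"ruleId"`
	Message   struct{ Text string `json:"text"` } `json:"message"`
	Locations []struct {
		PhysicalLocation struct {
			ArtifactLocation struct{ URI string `json:"uri"` } `json:"artifactLocation"`
		} `json:"physicalLocation"`
	} `json:"locations"`
}
type Finding struct{ Title, File string }

// Constructed sample: one result with message text, one without.
const sample = `{"runs":[{"results":[
{"ruleId":"CWE-1004","message":{"text":"Sensitive cookie without 'HttpOnly' flag"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"src/Startup.cs"}}}]},
{"ruleId":"CWE-89","locations":[{"physicalLocation":{"artifactLocation":{"uri":"src/SQLiteRoleProvider.cs"}}}]}]}]}`

// Convert takes the title from message.text; the "<ruleId> in <file>"
// fallback (an assumption of this example) applies only when it is empty.
func Convert(data []byte) ([]Finding, error) {
	var log struct {
		Runs []struct{ Results []sarifResult `json:"results"` } `json:"runs"`
	}
	if err := json.Unmarshal(data, &log); err != nil {
		return nil, err
	}
	var out []Finding
	for _, run := range log.Runs {
		for _, r := range run.Results {
			f := Finding{Title: r.Message.Text}
			if len(r.Locations) > 0 {
				f.File = r.Locations[0].PhysicalLocation.ArtifactLocation.URI
			}
			if f.Title == "" {
				f.Title = fmt.Sprintf("%s in %s", r.RuleID, path.Base(f.File))
			}
			out = append(out, f)
		}
	}
	return out, nil
}

func main() { fmt.Println(Convert([]byte(sample))) }
```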