未验证 提交 fa7e04d8 编辑于 作者: Piotr Skorupa's avatar Piotr Skorupa 提交者: GitLab

Merge branch 'update-semver_dialects' into 'master'

Update semver_dialects gem version to 3.2.0

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/157521



Merged-by: default avatarPiotr Skorupa <pskorupa@gitlab.com>
Approved-by: default avatarPiotr Skorupa <pskorupa@gitlab.com>
Co-authored-by: default avatarsmtan <smtan@gitlab.com>
Co-authored-by: default avatarIgor Frenkel <ifrenkel@gitlab.com>
...@@ -621,7 +621,7 @@ ...@@ -621,7 +621,7 @@
{"name":"sd_notify","version":"0.1.1","platform":"ruby","checksum":"cbc7ac6caa7cedd26b30a72b5eeb6f36050dc0752df263452ea24fb5a4ad3131"}, {"name":"sd_notify","version":"0.1.1","platform":"ruby","checksum":"cbc7ac6caa7cedd26b30a72b5eeb6f36050dc0752df263452ea24fb5a4ad3131"},
{"name":"seed-fu","version":"2.3.7","platform":"ruby","checksum":"f19673443e9af799b730e3d4eca6a89b39e5a36825015dffd00d02ea3365cf74"}, {"name":"seed-fu","version":"2.3.7","platform":"ruby","checksum":"f19673443e9af799b730e3d4eca6a89b39e5a36825015dffd00d02ea3365cf74"},
{"name":"selenium-webdriver","version":"4.21.1","platform":"ruby","checksum":"c30b64014532fc5156c60797985f839f36adbe60ff4653e7112b008dc1c83263"}, {"name":"selenium-webdriver","version":"4.21.1","platform":"ruby","checksum":"c30b64014532fc5156c60797985f839f36adbe60ff4653e7112b008dc1c83263"},
{"name":"semver_dialects","version":"3.0.2","platform":"ruby","checksum":"c1fb3c60e86416164ea7f2628655cb84686298f64f82e8951618c3dd7e8f93e3"}, {"name":"semver_dialects","version":"3.2.0","platform":"ruby","checksum":"11559c8bd77db40be1e9312598c94c1b1b1e2129785d030a19f0db4b11f5555f"},
{"name":"sentry-rails","version":"5.17.3","platform":"ruby","checksum":"017771c42d739c0ad2213a581ca9d005cf543227bc13662cd1ca9909f2429459"}, {"name":"sentry-rails","version":"5.17.3","platform":"ruby","checksum":"017771c42d739c0ad2213a581ca9d005cf543227bc13662cd1ca9909f2429459"},
{"name":"sentry-ruby","version":"5.17.3","platform":"ruby","checksum":"61791a4b0bb0f95cd87aceeaa1efa6d4ab34d64236c9d5df820478adfe2fbbfc"}, {"name":"sentry-ruby","version":"5.17.3","platform":"ruby","checksum":"61791a4b0bb0f95cd87aceeaa1efa6d4ab34d64236c9d5df820478adfe2fbbfc"},
{"name":"sentry-sidekiq","version":"5.17.3","platform":"ruby","checksum":"d0714a218999e41e38127d0c174e0ee62a32b069f92e85b544e0c2125eca2c58"}, {"name":"sentry-sidekiq","version":"5.17.3","platform":"ruby","checksum":"d0714a218999e41e38127d0c174e0ee62a32b069f92e85b544e0c2125eca2c58"},
......
...@@ -1651,7 +1651,7 @@ GEM ...@@ -1651,7 +1651,7 @@ GEM
rexml (~> 3.2, >= 3.2.5) rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0) rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0) websocket (~> 1.0)
semver_dialects (3.0.2) semver_dialects (3.2.0)
deb_version (~> 1.0.1) deb_version (~> 1.0.1)
pastel (~> 0.8.0) pastel (~> 0.8.0)
thor (~> 1.3) thor (~> 1.3)
......
...@@ -32,5 +32,13 @@ class Advisory < ApplicationRecord ...@@ -32,5 +32,13 @@ class Advisory < ApplicationRecord
end end
scope :with_affected_packages, -> { includes(:affected_packages) } scope :with_affected_packages, -> { includes(:affected_packages) }
def from_container_scanning?
source_xid == 'trivy-db'
end
def from_dependency_scanning?
source_xid == 'glad'
end
end end
end end
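Review bot: The two new predicates in `Advisory` compare `source_xid` against the bare literals `'trivy-db'` and `'glad'` with no comment saying what those sources are, and the same literals are repeated in the model spec. I would name them once, e.g. `CONTAINER_SCANNING_SOURCE = 'trivy-db'` and `DEPENDENCY_SCANNING_SOURCE = 'glad'`, and put a one-line comment above each method such as `# True when the advisory was ingested from trivy-db (container scanning).`. An advisory whose `source_xid` is neither value answers false to both predicates, which is worth stating in the comment so callers do not treat the two as complements. The class body begins outside this hunk, so an existing enum or constant for these values may already be available.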
...@@ -57,12 +57,12 @@ def execute ...@@ -57,12 +57,12 @@ def execute
private private
SUPPORTED_CONTAINER_SCANNING_PURL_TYPES = %w[deb].freeze SUPPORTED_CONTAINER_SCANNING_PURL_TYPES = %w[deb rpm].freeze
attr_reader :advisory, :possibly_affected_sbom_occurrences_count, :known_affected_sbom_occurrences_count attr_reader :advisory, :possibly_affected_sbom_occurrences_count, :known_affected_sbom_occurrences_count
def affected_packages def affected_packages
if advisory.source_xid == 'trivy-db' if advisory.from_container_scanning?
return advisory.affected_packages.filter do |affected_package| return advisory.affected_packages.filter do |affected_package|
SUPPORTED_CONTAINER_SCANNING_PURL_TYPES.include?(affected_package.purl_type) SUPPORTED_CONTAINER_SCANNING_PURL_TYPES.include?(affected_package.purl_type)
end end
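Review bot: Adding `rpm` to `SUPPORTED_CONTAINER_SCANNING_PURL_TYPES` has no matching positive spec on this page; the only visible change to the scanner spec is the unsupported `wolfi` context. Since this allowlist decides which trivy-db advisories reach version matching, an rpm version string that is parsed wrongly would presumably show up as a missed or spurious vulnerability rather than as an error, so I would add a context with `purl_type: 'rpm'` that asserts both an affected and an unaffected version. The rpm comparison support appears to depend on the semver_dialects 3.2.0 bump in the same commit, which is inferred and not shown here. `affected_packages` continues past the end of the hunk, so the path taken for non-container advisories is not visible.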
......
...@@ -311,8 +311,14 @@ ...@@ -311,8 +311,14 @@
purl_type: 'wolfi', advisory: advisory) purl_type: 'wolfi', advisory: advisory)
end end
let(:finder) { instance_spy(::Sbom::PossiblyAffectedOccurrencesFinder) }
before do
allow(::Sbom::PossiblyAffectedOccurrencesFinder).to receive(:new).and_return(finder)
end
it 'does not attempt to scan for advisory affecting package' do it 'does not attempt to scan for advisory affecting package' do
expect { described_class.scan_projects_for(affected_package.advisory) }.not_to raise_error expect(finder).to have_received(:execute_in_batches).exactly(0).times
end end
end end
end end
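Review bot: The rewritten example in the unsupported-package context no longer calls `described_class.scan_projects_for(affected_package.advisory)`, and the added `before` block only stubs `new`, so unless an enclosing `before` outside this hunk triggers the scan, the spy is never exercised and the expectation passes vacuously. I would invoke the scan inside the example and then assert, e.g. `described_class.scan_projects_for(affected_package.advisory)` followed by `expect(finder).not_to have_received(:execute_in_batches)`. `not_to have_received` also reads more directly than `.exactly(0).times`. The enclosing context starts outside the hunk.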
......
...@@ -94,4 +94,36 @@ ...@@ -94,4 +94,36 @@
end end
end end
end end
describe '#from_container_scanning?' do
subject { advisory.from_container_scanning? }
context 'when source_xid is trivy-db' do
let(:advisory) { build(:pm_advisory, source_xid: 'trivy-db') }
it { is_expected.to be true }
end
context 'when source_xid is not trivy-db' do
let(:advisory) { build(:pm_advisory, source_xid: 'glad') }
it { is_expected.to be false }
end
end
describe '#from_dependency_scanning?' do
subject { advisory.from_dependency_scanning? }
context 'when source_xid is glad' do
let(:advisory) { build(:pm_advisory, source_xid: 'glad') }
it { is_expected.to be true }
end
context 'when source_xid is not glad' do
let(:advisory) { build(:pm_advisory, source_xid: 'trivy-db') }
it { is_expected.to be false }
end
end
end end