author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-13 21:09:38 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-13 21:09:38 +0000 |
commit | 602ea42669779ec431bcaeb41fd95e079b1a7021 (patch) | |
tree | 25e074ca0914fca832b826e200aa0612e45564ec /doc/development | |
parent | 6ce0f44c6b2c2af48c7ef4fef97913d054088deb (diff) | |
download | gitlab-ce-602ea42669779ec431bcaeb41fd95e079b1a7021.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/development')
-rw-r--r-- | doc/development/integrations/secure.md | 21 | ||||
-rw-r--r-- | doc/development/reusing_abstractions.md | 2 |
2 files changed, 20 insertions, 3 deletions
diff --git a/doc/development/integrations/secure.md b/doc/development/integrations/secure.md index 69128cfb625..b38e45778fb 100644 --- a/doc/development/integrations/secure.md +++ b/doc/development/integrations/secure.md @@ -233,6 +233,12 @@ describes the Secure report format version. The `vulnerabilities` field of the report is an array of vulnerability objects. +#### ID + +The `id` field is the unique identifier of the vulnerability. +It is used to reference a fixed vulnerability from a [remediation objects](#remediations). +We recommend that you generate a UUID and use it as the `id` field's value. + #### Category The value of the `category` field matches the report type: @@ -467,6 +473,15 @@ The `remediations` field of the report is an array of remediation objects. Each remediation describes a patch that can be applied to automatically fix a set of vulnerabilities. -Currently, remediations rely on a deprecated field named `cve` to reference vulnerabilities, -so it is recommended not to use them until a new format has been defined. -See [issue #36777](https://gitlab.com/gitlab-org/gitlab/issues/36777). +#### Summary + +The `summary` field is an overview of how the vulnerabilities can be fixed. + +#### Fixed vulnerabilities + +The `fixes` field is an array of objects that reference the vulnerabilities fixed by the +remediation. `fixes[].id` contains a fixed vulnerability's unique identifier. + +#### Diff + +The `diff` field is a base64-encoded remediation code diff, compatible with [`git apply`](https://git-scm.com/docs/git-format-patch#_discussion). diff --git a/doc/development/reusing_abstractions.md b/doc/development/reusing_abstractions.md index fce144f8dc2..8711bac69e0 100644 --- a/doc/development/reusing_abstractions.md +++ b/doc/development/reusing_abstractions.md 
@@ -127,6 +127,8 @@ Everything in `lib/api`. Everything that resides in `app/services`. +In Service classes the use of `execute` and `#execute` is preferred over `call` and `#call`. + #### ServiceResponse Service classes usually have an `execute` method, which can return a |
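Review bot: in the new "ID" section of `doc/development/integrations/secure.md` (hunk at -233), "from a [remediation objects](#remediations)" pairs a singular article with a plural noun; suggest "from a [remediation object](#remediations)". The section also calls the `id` unique without stating the scope (within one report, or across reports); since `fixes[].id` is resolved against it, the text should say which.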
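Review bot: in the "Diff" paragraph of the remediations hunk in `secure.md` (hunk at -467), the link text is `git apply` but the URL points to `git-format-patch#_discussion`; either link to the `git apply` documentation or name the format-patch format in the sentence so the label and target agree. The same hunk removes the warning that remediations rely on the deprecated `cve` field without saying whether `cve` is still accepted next to `fixes[].id`; one sentence on that would help producers of existing reports.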
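Review bot: the sentence added to `doc/development/reusing_abstractions.md` does not say how `execute` differs from `#execute` (or `call` from `#call`); if the class method and the instance method are meant, write `.execute` and `#execute` so the pair is unambiguous. With two subjects the verb should also be plural ("the use of ... is" could become "`.execute` and `#execute` are preferred over ..."), and a comma after "In Service classes" would help.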