diff options
author | Kamil Trzciński <ayufan@ayufan.eu> | 2018-10-15 12:17:21 +0200 |
---|---|---|
committer | Kamil Trzciński <ayufan@ayufan.eu> | 2018-10-16 13:51:49 +0200 |
commit | 15cd91c71a57a0b84af620181a64b26d5aec8237 (patch) | |
tree | ecc0f8ed9b7d508b442c111faa199e52fa382924 /spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json | |
parent | 63cd88c668130d22f4a3d708894d0283a5941319 (diff) | |
download | gitlab-ce-use-raw-file-format.tar.gz |
Make all legacy security reports to use raw formatuse-raw-file-format
- This introduces and uses `:raw` format for all legacy reports,
the ones that do not have yet proper parsers on Backend
- Raw format is needed to make Frontend be able to parse reports,
without the need of decompressing,
- This also extends fixtures to seed security reports with database,
even though parser code is part of EE
Diffstat (limited to 'spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json')
-rw-r--r-- | spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json b/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json new file mode 100644 index 00000000000..4b47e259c0f --- /dev/null +++ b/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json @@ -0,0 +1,46 @@ +[ + { + "priority": "Unknown", + "file": "pom.xml", + "cve": "CVE-2012-4387", + "url": "http://struts.apache.org/docs/s2-011.html", + "message": "Long parameter name DoS for org.apache.struts/struts2-core", + "tools": [ + "gemnasium" + ], + "tool": "gemnasium" + }, + { + "priority": "Unknown", + "file": "pom.xml", + "cve": "CVE-2013-1966", + "url": "http://struts.apache.org/docs/s2-014.html", + "message": "Remote command execution due to flaw in the includeParams attribute of URL and Anchor tags for org.apache.struts/struts2-core", + "tools": [ + "gemnasium" + ], + "tool": "gemnasium" + }, + { + "priority": "Unknown", + "file": "pom.xml", + "cve": "CVE-2013-2115", + "url": "http://struts.apache.org/docs/s2-014.html", + "message": "Remote command execution due to flaw in the includeParams attribute of URL and Anchor tags for org.apache.struts/struts2-core", + "tools": [ + "gemnasium" + ], + "tool": "gemnasium" + }, + { + "priority": "Unknown", + "file": "pom.xml", + "cve": "CVE-2013-2134", + "url": "http://struts.apache.org/docs/s2-015.html", + "message": "Arbitrary OGNL code execution via unsanitized wildcard matching for org.apache.struts/struts2-core", + "tools": [ + "gemnasium" + ], + "tool": "gemnasium" + } +] |