Diffstat (limited to 'lib/gitlab/ci/reports/security/finding.rb')
-rw-r--r--lib/gitlab/ci/reports/security/finding.rb25
1 files changed, 22 insertions, 3 deletions
diff --git a/lib/gitlab/ci/reports/security/finding.rb b/lib/gitlab/ci/reports/security/finding.rb
index 47ec82ac86c..69fb8474cde 100644
--- a/lib/gitlab/ci/reports/security/finding.rb
+++ b/lib/gitlab/ci/reports/security/finding.rb
@@ -122,9 +122,11 @@ module Gitlab
end
def keys
- @keys ||= identifiers.reject(&:type_identifier?).map do |identifier|
- FindingKey.new(location_fingerprint: location&.fingerprint, identifier_fingerprint: identifier.fingerprint)
- end
+ @keys ||= identifiers.reject(&:type_identifier?).flat_map do |identifier|
+ location_fingerprints.map do |location_fingerprint|
+ FindingKey.new(location_fingerprint: location_fingerprint, identifier_fingerprint: identifier.fingerprint)
+ end
+ end.push(uuid)
end
def primary_identifier_fingerprint
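Review bot: `keys` now returns a mixed array, `FindingKey` objects followed by the raw `uuid` appended by `.push(uuid)`, and nothing on the method says so. Any caller that compares key lists between findings to deduplicate them would now also match on `uuid`. If `uuid` can be nil (its definition is outside the hunk), two findings without one would share a nil entry. I would add a comment above `def keys` such as `# One FindingKey per (location fingerprint, identifier) pair, plus the finding uuid as the last entry`, and if nil is possible end the expression with `end.push(uuid).compact`. The enclosing class begins outside the hunk.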
@@ -171,11 +173,28 @@ module Gitlab
original_data['location']
end
+ # Returns either the max priority signature hex
+ # or the location fingerprint
+ def location_fingerprint
+ location_fingerprints.first
+ end
+
private
def generate_project_fingerprint
Digest::SHA1.hexdigest(compare_key)
end
+
+ def location_fingerprints
+ @location_fingerprints ||= signature_hexes << location&.fingerprint
+ end
+
+ # Returns the signature hexes in reverse priority order
+ def signature_hexes
+ return [] unless @vulnerability_finding_signatures_enabled && signatures.present?
+
+ signatures.sort_by(&:priority).map(&:signature_hex).reverse
+ end
end
end
end
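Review bot: `signature_hexes` orders with `sort_by(&:priority)` followed by `.reverse`, and `sort_by` is not stable, so signatures with equal priority come out in unspecified order while `location_fingerprint` takes `.first` of that list. If two signatures can share a priority (not visible here), the fingerprint used to track a finding could differ between runs; a tie-breaker such as `signatures.sort_by { |s| [s.priority, s.signature_hex] }` would make the order deterministic. The comment `# Returns the signature hexes in reverse priority order` is also ambiguous; `# Returns the signature hexes, highest priority first` matches the code. `location_fingerprints` appends `location&.fingerprint` even when `location` is nil, so the list can end in nil and `location_fingerprint` can return nil, which deserves a one-line comment.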