author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-12 12:14:57 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-12 12:14:57 +0300 |
commit | 60e7627c998b74d48df10b9a7759d6038a1f139c (patch) | |
tree | 9b643b2e776ea868f4e1546cf1f1fd40bbb10e0f /app | |
parent | 913af9b06edd2eff6cba93b1daca6c061b93be91 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
9 files changed, 116 insertions, 20 deletions
diff --git a/app/assets/javascripts/issues/show/components/description.vue b/app/assets/javascripts/issues/show/components/description.vue index 6412a13e3e6..3721f224d5e 100644 --- a/app/assets/javascripts/issues/show/components/description.vue +++ b/app/assets/javascripts/issues/show/components/description.vue @@ -132,7 +132,10 @@ export default { }, watch: { descriptionHtml(newDescription, oldDescription) { - if (!this.initialUpdate && newDescription !== oldDescription) { + if ( + !this.initialUpdate && + this.stripClientState(newDescription) !== this.stripClientState(oldDescription) + ) { this.animateChange(); } else { this.initialUpdate = false; @@ -321,6 +324,9 @@ export default { listItem.append(element); } }, + stripClientState(description) { + return description.replaceAll('<details open="true">', '<details>'); + }, async createTask({ taskTitle, taskDescription, oldDescription }) { try { const { title, description } = extractTaskTitleAndDescription(taskTitle, taskDescription); diff --git a/app/assets/javascripts/security_configuration/components/constants.js b/app/assets/javascripts/security_configuration/components/constants.js index 6beb6cd4d34..1d5ff5eb16f 100644 --- a/app/assets/javascripts/security_configuration/components/constants.js +++ b/app/assets/javascripts/security_configuration/components/constants.js @@ -6,6 +6,7 @@ import { REPORT_TYPE_SAST_IAC, REPORT_TYPE_DAST, REPORT_TYPE_DAST_PROFILES, + REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION, REPORT_TYPE_SECRET_DETECTION, REPORT_TYPE_DEPENDENCY_SCANNING, REPORT_TYPE_CONTAINER_SCANNING, 
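Review bot: `stripClientState` in the second description.vue hunk matches only the exact serialisation `<details open="true">`, so a `<details>` rendered with another attribute, or with `open=""` or a bare `open`, still makes the old and new HTML differ and the watcher in the first hunk still calls `animateChange()`. It also calls `.replaceAll` directly on its argument, so if `descriptionHtml` can ever be null or undefined (the prop definition is outside the hunk) the watcher throws instead of comparing. A guard such as `return (description ?? '').replaceAll('<details open="true">', '<details>');` would cover that, and a one-line comment saying where the `open="true"` attribute comes from would explain why it is stripped before comparison. Both the `watch` block and the `methods` object continue outside these hunks.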
@@ -67,6 +68,30 @@ export const DAST_PROFILES_DESCRIPTION = s__( ); export const DAST_PROFILES_CONFIG_TEXT = s__('SecurityConfiguration|Manage profiles'); +export const BAS_BADGE_TEXT = s__('SecurityConfiguration|Incubating feature'); +export const BAS_BADGE_TOOLTIP = s__( + 'SecurityConfiguration|Breach and Attack Simulation is an incubating feature extending existing security testing by simulating adversary activity.', +); +export const BAS_DESCRIPTION = s__( + 'SecurityConfiguration|Simulate breach and attack scenarios against your running application by attempting to detect and exploit known vulnerabilities.', +); +export const BAS_HELP_PATH = helpPagePath( + 'user/application_security/breach_and_attack_simulation/index', +); +export const BAS_NAME = s__('SecurityConfiguration|Breach and Attack Simulation (BAS)'); +export const BAS_SHORT_NAME = s__('SecurityConfiguration|BAS'); + +export const BAS_DAST_FEATURE_FLAG_DESCRIPTION = s__( + 'SecurityConfiguration|Enable incubating Breach and Attack Simulation focused features such as callback attacks in your DAST scans.', +); +export const BAS_DAST_FEATURE_FLAG_HELP_PATH = helpPagePath( + 'user/application_security/breach_and_attack_simulation/index', + { anchor: 'extend-dynamic-application-security-testing-dast' }, +); +export const BAS_DAST_FEATURE_FLAG_NAME = s__( + 'SecurityConfiguration|Out-of-Band Application Security Testing (OAST)', +); + export const SECRET_DETECTION_NAME = __('Secret Detection'); export const SECRET_DETECTION_DESCRIPTION = __( 'Analyze your source code and git history for secrets.', @@ -142,6 +167,7 @@ export const SCANNER_NAMES_MAP = { COVERAGE_FUZZING: COVERAGE_FUZZING_NAME, SECRET_DETECTION: SECRET_DETECTION_NAME, DEPENDENCY_SCANNING: DEPENDENCY_SCANNING_NAME, + BAS: BAS_SHORT_NAME, GENERIC: s__('ciReport|Manually added'), }; 
@@ -223,6 +249,25 @@ export const securityFeatures = [ configurationText: CORPUS_MANAGEMENT_CONFIG_TEXT, }, }, + { + anchor: 'bas', + badge: { + alwaysDisplay: true, + text: BAS_BADGE_TEXT, + tooltipText: BAS_BADGE_TOOLTIP, + variant: 'info', + }, + description: BAS_DESCRIPTION, + name: BAS_NAME, + helpPath: BAS_HELP_PATH, + secondary: { + configurationHelpPath: BAS_DAST_FEATURE_FLAG_HELP_PATH, + description: BAS_DAST_FEATURE_FLAG_DESCRIPTION, + name: BAS_DAST_FEATURE_FLAG_NAME, + }, + shortName: BAS_SHORT_NAME, + type: REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION, + }, ]; export const complianceFeatures = [ diff --git a/app/assets/javascripts/security_configuration/components/feature_card.vue b/app/assets/javascripts/security_configuration/components/feature_card.vue index 19b412d66ca..d1b705fe2fc 100644 --- a/app/assets/javascripts/security_configuration/components/feature_card.vue +++ b/app/assets/javascripts/security_configuration/components/feature_card.vue @@ -1,7 +1,10 @@ <script> import { GlButton, GlCard, GlIcon, GlLink } from '@gitlab/ui'; import { __, s__, sprintf } from '~/locale'; -import { REPORT_TYPE_SAST_IAC } from '~/vue_shared/security_reports/constants'; +import { + REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION, + REPORT_TYPE_SAST_IAC, +} from '~/vue_shared/security_reports/constants'; import ManageViaMr from '~/vue_shared/security_configuration/components/manage_via_mr.vue'; import FeatureCardBadge from './feature_card_badge.vue'; @@ -68,8 +71,7 @@ export default { }; }, hasSecondary() { - const { name, description, configurationText } = this.feature.secondary ?? {}; - return Boolean(name && description && configurationText); + return Boolean(this.feature.secondary); }, // This condition is a temporary hack to not display any wrong information // until this BE Bug is fixed: https://gitlab.com/gitlab-org/gitlab/-/issues/350307. 
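Review bot: `hasSecondary()` in feature_card.vue now returns true for any truthy `feature.secondary`, including an empty object or one with no `name` or `description`, so the secondary section can render with blank text. The old check also required `configurationText`, which the new BAS entry in `securityFeatures` does not supply, but the other two fields can still be required: `const { name, description } = this.feature.secondary ?? {};` followed by `return Boolean(name && description);`. The computed block continues outside the hunk, and the template lines that consume `hasSecondary` are not visible here.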
@@ -78,7 +80,17 @@ export default { return this.feature.type !== REPORT_TYPE_SAST_IAC; }, hasBadge() { - return Boolean(this.available && this.feature.badge?.text); + const shouldDisplay = this.available || this.feature.badge?.alwaysDisplay; + return Boolean(shouldDisplay && this.feature.badge?.text); + }, + hasEnabledStatus() { + return ( + this.isNotSastIACTemporaryHack && + this.feature.type !== REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION + ); + }, + showSecondaryConfigurationHelpPath() { + return Boolean(this.available && this.feature.secondary?.configurationHelpPath); }, }, methods: { @@ -118,19 +130,25 @@ export default { :badge-href="feature.badge.badgeHref" /> - <template v-if="enabled"> - <span> - <gl-icon name="check-circle-filled" /> - <span class="gl-text-green-700">{{ $options.i18n.enabled }}</span> - </span> - </template> - - <template v-else-if="available"> - <span>{{ $options.i18n.notEnabled }}</span> + <template v-if="hasEnabledStatus"> + <template v-if="enabled"> + <span> + <gl-icon name="check-circle-filled" /> + <span class="gl-text-green-700">{{ $options.i18n.enabled }}</span> + </span> + </template> + + <template v-else-if="available"> + <span>{{ $options.i18n.notEnabled }}</span> + </template> + + <template v-else> + {{ $options.i18n.availableWith }} + </template> </template> - <template v-else> - {{ $options.i18n.availableWith }} + <template v-else-if="!available"> + <span>{{ $options.i18n.availableWith }}</span> </template> </div> </div> @@ -186,6 +204,16 @@ export default { > {{ feature.secondary.configurationText }} </gl-button> + + <gl-button + v-else-if="showSecondaryConfigurationHelpPath" + icon="external-link" + :href="feature.secondary.configurationHelpPath" + category="secondary" + class="gl-mt-5" + > + {{ $options.i18n.configurationGuide }} + </gl-button> </div> </gl-card> </template> 
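Review bot: `hasEnabledStatus()` adds a second hard-coded per-type exclusion next to `isNotSastIACTemporaryHack`, but unlike that hack it has no comment saying why the BAS card has no status. When it is false and the feature is available, the template hunk that follows renders nothing in the status slot, so the security configuration page gives no indication of whether the BAS-related DAST options are switched on. Add a comment above the computed, for example `// BAS has no enabled state of its own to report, so the status is hidden rather than shown as "Not enabled".` (the reason is inferred and should be confirmed by the author). Alternatively, drive this from a key on the feature entry, as `badge.alwaysDisplay` already does, instead of comparing against the type constant in the component.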
diff --git a/app/assets/javascripts/sidebar/components/labels/labels_select_widget/constants.js b/app/assets/javascripts/sidebar/components/labels/labels_select_widget/constants.js index 852ef0c6283..881d84a7d6e 100644 --- a/app/assets/javascripts/sidebar/components/labels/labels_select_widget/constants.js +++ b/app/assets/javascripts/sidebar/components/labels/labels_select_widget/constants.js @@ -1,5 +1,6 @@ export const SCOPED_LABEL_DELIMITER = '::'; export const DEBOUNCE_DROPDOWN_DELAY = 200; +export const DEFAULT_LABEL_COLOR = '#6699cc'; export const DropdownVariant = { Sidebar: 'sidebar', diff --git a/app/assets/javascripts/sidebar/components/labels/labels_select_widget/dropdown_contents_create_view.vue b/app/assets/javascripts/sidebar/components/labels/labels_select_widget/dropdown_contents_create_view.vue index 1174ec3f01e..30eeb0fbe31 100644 --- a/app/assets/javascripts/sidebar/components/labels/labels_select_widget/dropdown_contents_create_view.vue +++ b/app/assets/javascripts/sidebar/components/labels/labels_select_widget/dropdown_contents_create_view.vue @@ -13,6 +13,7 @@ import { WORKSPACE_GROUP } from '~/issues/constants'; import { __ } from '~/locale'; import { workspaceLabelsQueries } from '../../../constants'; import createLabelMutation from './graphql/create_label.mutation.graphql'; +import { DEFAULT_LABEL_COLOR } from './constants'; const errorMessage = __('Error creating label.'); @@ -44,11 +45,16 @@ export default { type: String, required: true, }, + searchKey: { + type: String, + required: false, + default: '', + }, }, data() { return { - labelTitle: '', - selectedColor: '', + labelTitle: this.searchKey, + selectedColor: DEFAULT_LABEL_COLOR, labelCreateInProgress: false, error: undefined, }; diff --git a/app/assets/javascripts/vue_shared/security_reports/constants.js b/app/assets/javascripts/vue_shared/security_reports/constants.js index fafbd02634f..597268a40d3 100644 --- a/app/assets/javascripts/vue_shared/security_reports/constants.js 
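Review bot: `labelTitle: this.searchKey` in `data()` of dropdown_contents_create_view.vue copies the prop once at creation, so a later change to `searchKey` while the create view stays mounted is not reflected in the title field. Whether the parent remounts this component between searches is not visible in the hunk; if it does not, add a watcher on `searchKey` or key the component on it. Otherwise a comment such as `// Prefill the title with the text the user searched for; copied once on creation.` would document the intent. The value is also used untrimmed, so a search string with surrounding whitespace becomes the prefilled label title as is.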
+++ b/app/assets/javascripts/vue_shared/security_reports/constants.js @@ -20,6 +20,7 @@ export const REPORT_TYPE_SAST = 'sast'; export const REPORT_TYPE_SAST_IAC = 'sast_iac'; export const REPORT_TYPE_DAST = 'dast'; export const REPORT_TYPE_DAST_PROFILES = 'dast_profiles'; +export const REPORT_TYPE_BREACH_AND_ATTACK_SIMULATION = 'breach_and_attack_simulation'; export const REPORT_TYPE_SECRET_DETECTION = 'secret_detection'; export const REPORT_TYPE_DEPENDENCY_SCANNING = 'dependency_scanning'; export const REPORT_TYPE_CONTAINER_SCANNING = 'container_scanning'; diff --git a/app/finders/security/security_jobs_finder.rb b/app/finders/security/security_jobs_finder.rb index 5754492cfa7..8cfb699a62a 100644 --- a/app/finders/security/security_jobs_finder.rb +++ b/app/finders/security/security_jobs_finder.rb @@ -13,7 +13,7 @@ module Security class SecurityJobsFinder < JobsFinder def self.allowed_job_types - [:sast, :sast_iac, :dast, :dependency_scanning, :container_scanning, :secret_detection, :coverage_fuzzing, :api_fuzzing, :cluster_image_scanning] + [:sast, :sast_iac, :breach_and_attack_simulation, :dast, :dependency_scanning, :container_scanning, :secret_detection, :coverage_fuzzing, :api_fuzzing, :cluster_image_scanning] end end end diff --git a/app/graphql/types/permission_types/work_item.rb b/app/graphql/types/permission_types/work_item.rb index f35f42001e0..9f8f9e4f2b9 100644 --- a/app/graphql/types/permission_types/work_item.rb +++ b/app/graphql/types/permission_types/work_item.rb @@ -6,7 +6,8 @@ module Types graphql_name 'WorkItemPermissions' description 'Check permissions for the current user on a work item' - abilities :read_work_item, :update_work_item, :delete_work_item, :admin_work_item + abilities :read_work_item, :update_work_item, :delete_work_item, + :admin_work_item, :admin_parent_link end end end diff --git a/app/models/ci/catalog/resource.rb b/app/models/ci/catalog/resource.rb index 837f1352b4d..bb4584aacae 100644 --- a/app/models/ci/catalog/resource.rb 
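Review bot: `admin_parent_link` is exposed as a new permission field in work_item.rb, but the policy rule that defines it is not part of this diff, so confirm it is declared for the work item subject; an undeclared ability would presumably resolve to false and silently hide the related UI. This type only reports the ability to the client, so the mutations that add or remove parent links need to enforce the same check server-side rather than rely on the frontend reading this flag. The class body starts outside the hunk.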
+++ b/app/models/ci/catalog/resource.rb @@ -15,6 +15,14 @@ module Ci scope :for_projects, ->(project_ids) { where(project_id: project_ids) } delegate :avatar_path, :description, :name, to: :project + + def versions + project.releases.order_released_desc + end + + def latest_version + versions.first + end end end end |
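Review bot: `versions` in resource.rb returns every release of the project with no visibility filtering, so any caller that exposes it or `latest_version` has to authorise access to the releases itself; nothing in this hunk does. Neither method has a comment saying that a catalog "version" is a project release, so I would add `# Releases of the project, newest first. Callers are responsible for release-level authorization.` above `versions` and `# Most recently released version, or nil when the project has no releases.` above `latest_version`. When a list of resources is rendered, `latest_version` issues one query per resource, which is worth noting in the comment or handling with a preload at the call site. The class body starts outside the hunk.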