diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-09 00:09:47 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-09 00:09:47 +0300 |
| commit | 66108e3b34cdba3eab53e07fdde76f799c0edc9b (patch) | |
| tree | 1ada683cd997f7e68c69d014e90c24e2a630049e /doc | |
| parent | c0c1433fa5a9f31c8eb4292d13de744aa74e9e83 (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/api/graphql/reference/gitlab_schema.graphql | 191 | ||||
| -rw-r--r-- | doc/api/graphql/reference/gitlab_schema.json | 541 | ||||
| -rw-r--r-- | doc/api/graphql/reference/index.md | 70 | ||||
| -rw-r--r-- | doc/api/packages.md | 1 |
4 files changed, 796 insertions, 7 deletions
diff --git a/doc/api/graphql/reference/gitlab_schema.graphql b/doc/api/graphql/reference/gitlab_schema.graphql index 9f08e8ebf58..89b3bbac938 100644 --- a/doc/api/graphql/reference/gitlab_schema.graphql +++ b/doc/api/graphql/reference/gitlab_schema.graphql @@ -6221,6 +6221,7 @@ type Mutation { mergeRequestSetSubscription(input: MergeRequestSetSubscriptionInput!): MergeRequestSetSubscriptionPayload mergeRequestSetWip(input: MergeRequestSetWipInput!): MergeRequestSetWipPayload removeAwardEmoji(input: RemoveAwardEmojiInput!): RemoveAwardEmojiPayload + removeProjectFromSecurityDashboard(input: RemoveProjectFromSecurityDashboardInput!): RemoveProjectFromSecurityDashboardPayload todoMarkDone(input: TodoMarkDoneInput!): TodoMarkDonePayload todoRestore(input: TodoRestoreInput!): TodoRestorePayload todoRestoreMany(input: TodoRestoreManyInput!): TodoRestoreManyPayload @@ -8089,6 +8090,41 @@ type Query { ): Project """ + Find projects visible to the current user + """ + projects( + """ + Returns the elements in the list that come after the specified cursor. + """ + after: String + + """ + Returns the elements in the list that come before the specified cursor. + """ + before: String + + """ + Returns the first _n_ elements from the list. + """ + first: Int + + """ + Returns the last _n_ elements from the list. + """ + last: Int + + """ + Limit projects that the current user is a member of + """ + membership: Boolean + + """ + Search criteria + """ + search: String + ): ProjectConnection + + """ Find Snippets visible to the current user """ snippets( @@ -8366,6 +8402,36 @@ type RemoveAwardEmojiPayload { errors: [String!]! } +""" +Autogenerated input type of RemoveProjectFromSecurityDashboard +""" +input RemoveProjectFromSecurityDashboardInput { + """ + A unique identifier for the client performing the mutation. + """ + clientMutationId: String + + """ + ID of the project to remove from the Instance Security Dashboard + """ + projectId: ID! +} + +""" +Autogenerated return type of RemoveProjectFromSecurityDashboard +""" +type RemoveProjectFromSecurityDashboardPayload { + """ + A unique identifier for the client performing the mutation. + """ + clientMutationId: String + + """ + Reasons why the mutation failed. + """ + errors: [String!]! +} + type Repository { """ Indicates repository has no visible content @@ -10669,10 +10735,9 @@ type Vulnerability { id: ID! """ - The JSON location metadata for the vulnerability. Its format depends on the - type of the security scan that found the vulnerability + Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability """ - location: JSON + location: VulnerabilityLocation """ The project on which the vulnerability was found @@ -10746,6 +10811,101 @@ type VulnerabilityEdge { } """ +Represents a vulnerability location. The fields with data will depend on the vulnerability report type +""" +union VulnerabilityLocation = VulnerabilityLocationContainerScanning | VulnerabilityLocationDast | VulnerabilityLocationDependencyScanning | VulnerabilityLocationSast + +""" +Represents the location of a vulnerability found by a container security scan +""" +type VulnerabilityLocationContainerScanning { + """ + Dependency containing the vulnerability + """ + dependency: VulnerableDependency + + """ + Name of the vulnerable container image + """ + image: String + + """ + Operating system that runs on the vulnerable container image + """ + operatingSystem: String +} + +""" +Represents the location of a vulnerability found by a DAST scan +""" +type VulnerabilityLocationDast { + """ + Domain name of the vulnerable request + """ + hostname: String + + """ + Query parameter for the URL on which the vulnerability occurred + """ + param: String + + """ + URL path and query string of the vulnerable request + """ + path: String + + """ + HTTP method of the vulnerable request + """ + requestMethod: String +} + +""" +Represents the location of a vulnerability found by a dependency security scan +""" +type VulnerabilityLocationDependencyScanning { + """ + Dependency containing the vulnerability + """ + dependency: VulnerableDependency + + """ + Path to the vulnerable file + """ + file: String +} + +""" +Represents the location of a vulnerability found by a SAST scan +""" +type VulnerabilityLocationSast { + """ + Number of the last relevant line in the vulnerable file + """ + endLine: String + + """ + Path to the vulnerable file + """ + file: String + + """ + Number of the first relevant line in the vulnerable file + """ + startLine: String + + """ + Class containing the vulnerability + """ + vulnerableClass: String + + """ + Method containing the vulnerability + """ + vulnerableMethod: String +} + +""" Check permissions for the current user on a vulnerability """ type VulnerabilityPermissions { @@ -10855,4 +11015,29 @@ enum VulnerabilityState { DETECTED DISMISSED RESOLVED +} + +""" +Represents a vulnerable dependency. Used in vulnerability location data +""" +type VulnerableDependency { + """ + The package associated with the vulnerable dependency + """ + package: VulnerablePackage + + """ + The version of the vulnerable dependency + """ + version: String +} + +""" +Represents a vulnerable package. Used in vulnerability dependency data +""" +type VulnerablePackage { + """ + The name of the vulnerable package + """ + name: String }
\ No newline at end of file diff --git a/doc/api/graphql/reference/gitlab_schema.json b/doc/api/graphql/reference/gitlab_schema.json index 1b6d719acd6..3e845667e80 100644 --- a/doc/api/graphql/reference/gitlab_schema.json +++ b/doc/api/graphql/reference/gitlab_schema.json @@ -18272,6 +18272,33 @@ "deprecationReason": null }, { + "name": "removeProjectFromSecurityDashboard", + "description": null, + "args": [ + { + "name": "input", + "description": null, + "type": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "INPUT_OBJECT", + "name": "RemoveProjectFromSecurityDashboardInput", + "ofType": null + } + }, + "defaultValue": null + } + ], + "type": { + "kind": "OBJECT", + "name": "RemoveProjectFromSecurityDashboardPayload", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { "name": "todoMarkDone", "description": null, "args": [ @@ -23888,6 +23915,79 @@ "deprecationReason": null }, { + "name": "projects", + "description": "Find projects visible to the current user", + "args": [ + { + "name": "membership", + "description": "Limit projects that the current user is a member of", + "type": { + "kind": "SCALAR", + "name": "Boolean", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "search", + "description": "Search criteria", + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "after", + "description": "Returns the elements in the list that come after the specified cursor.", + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "before", + "description": "Returns the elements in the list that come before the specified cursor.", + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "first", + "description": "Returns the first _n_ elements from the list.", + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "last", + "description": "Returns the last _n_ elements from the list.", + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "defaultValue": null + } + ], + "type": { + "kind": "OBJECT", + "name": "ProjectConnection", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { "name": "snippets", "description": "Find Snippets visible to the current user", "args": [ @@ -24615,6 +24715,94 @@ "possibleTypes": null }, { + "kind": "INPUT_OBJECT", + "name": "RemoveProjectFromSecurityDashboardInput", + "description": "Autogenerated input type of RemoveProjectFromSecurityDashboard", + "fields": null, + "inputFields": [ + { + "name": "projectId", + "description": "ID of the project to remove from the Instance Security Dashboard", + "type": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "SCALAR", + "name": "ID", + "ofType": null + } + }, + "defaultValue": null + }, + { + "name": "clientMutationId", + "description": "A unique identifier for the client performing the mutation.", + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "defaultValue": null + } + ], + "interfaces": null, + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", + "name": "RemoveProjectFromSecurityDashboardPayload", + "description": "Autogenerated return type of RemoveProjectFromSecurityDashboard", + "fields": [ + { + "name": "clientMutationId", + "description": "A unique identifier for the client performing the mutation.", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "errors", + "description": "Reasons why the mutation failed.", + "args": [ + + ], + "type": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "LIST", + "name": null, + "ofType": { + "kind": "NON_NULL", + "name": null, + "ofType": { + "kind": "SCALAR", + "name": "String", + "ofType": null + } + } + } + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { "kind": "OBJECT", "name": "Repository", "description": null, @@ -31744,13 +31932,13 @@ }, { "name": "location", - "description": "The JSON location metadata for the vulnerability. Its format depends on the type of the security scan that found the vulnerability", + "description": "Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability", "args": [ ], "type": { - "kind": "SCALAR", - "name": "JSON", + "kind": "UNION", + "name": "VulnerabilityLocation", "ofType": null }, "isDeprecated": false, @@ -31979,6 +32167,285 @@ "possibleTypes": null }, { + "kind": "UNION", + "name": "VulnerabilityLocation", + "description": "Represents a vulnerability location. The fields with data will depend on the vulnerability report type", + "fields": null, + "inputFields": null, + "interfaces": null, + "enumValues": null, + "possibleTypes": [ + { + "kind": "OBJECT", + "name": "VulnerabilityLocationContainerScanning", + "ofType": null + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationDast", + "ofType": null + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationDependencyScanning", + "ofType": null + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationSast", + "ofType": null + } + ] + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationContainerScanning", + "description": "Represents the location of a vulnerability found by a container security scan", + "fields": [ + { + "name": "dependency", + "description": "Dependency containing the vulnerability", + "args": [ + + ], + "type": { + "kind": "OBJECT", + "name": "VulnerableDependency", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "image", + "description": "Name of the vulnerable container image", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "operatingSystem", + "description": "Operating system that runs on the vulnerable container image", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationDast", + "description": "Represents the location of a vulnerability found by a DAST scan", + "fields": [ + { + "name": "hostname", + "description": "Domain name of the vulnerable request", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "param", + "description": "Query parameter for the URL on which the vulnerability occurred", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "path", + "description": "URL path and query string of the vulnerable request", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "requestMethod", + "description": "HTTP method of the vulnerable request", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationDependencyScanning", + "description": "Represents the location of a vulnerability found by a dependency security scan", + "fields": [ + { + "name": "dependency", + "description": "Dependency containing the vulnerability", + "args": [ + + ], + "type": { + "kind": "OBJECT", + "name": "VulnerableDependency", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "file", + "description": "Path to the vulnerable file", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", + "name": "VulnerabilityLocationSast", + "description": "Represents the location of a vulnerability found by a SAST scan", + "fields": [ + { + "name": "endLine", + "description": "Number of the last relevant line in the vulnerable file", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "file", + "description": "Path to the vulnerable file", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "startLine", + "description": "Number of the first relevant line in the vulnerable file", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "vulnerableClass", + "description": "Class containing the vulnerability", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "vulnerableMethod", + "description": "Method containing the vulnerability", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { "kind": "OBJECT", "name": "VulnerabilityPermissions", "description": "Check permissions for the current user on a vulnerability", @@ -32351,6 +32818,74 @@ }, { "kind": "OBJECT", + "name": "VulnerableDependency", + "description": "Represents a vulnerable dependency. Used in vulnerability location data", + "fields": [ + { + "name": "package", + "description": "The package associated with the vulnerable dependency", + "args": [ + + ], + "type": { + "kind": "OBJECT", + "name": "VulnerablePackage", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "version", + "description": "The version of the vulnerable dependency", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", + "name": "VulnerablePackage", + "description": "Represents a vulnerable package. Used in vulnerability dependency data", + "fields": [ + { + "name": "name", + "description": "The name of the vulnerable package", + "args": [ + + ], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [ + + ], + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "OBJECT", "name": "__Directive", "description": "A Directive provides a way to describe alternate runtime execution and type validation behavior in a GraphQL document.\n\nIn some cases, you need to provide options to alter GraphQL's execution behavior in ways field arguments will not suffice, such as conditionally including or skipping a field. Directives provide this by describing additional information to the executor.", "fields": [ diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 3259ce316e7..3ca7164bff5 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -1180,6 +1180,15 @@ Autogenerated return type of RemoveAwardEmoji | `clientMutationId` | String | A unique identifier for the client performing the mutation. | | `errors` | String! => Array | Reasons why the mutation failed. | +## RemoveProjectFromSecurityDashboardPayload + +Autogenerated return type of RemoveProjectFromSecurityDashboard + +| Name | Type | Description | +| --- | ---- | ---------- | +| `clientMutationId` | String | A unique identifier for the client performing the mutation. | +| `errors` | String! => Array | Reasons why the mutation failed. | + ## Repository | Name | Type | Description | @@ -1632,7 +1641,7 @@ Represents a vulnerability. | --- | ---- | ---------- | | `description` | String | Description of the vulnerability | | `id` | ID! | GraphQL ID of the vulnerability | -| `location` | JSON | The JSON location metadata for the vulnerability. Its format depends on the type of the security scan that found the vulnerability | +| `location` | VulnerabilityLocation | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability | | `project` | Project | The project on which the vulnerability was found | | `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST) | | `severity` | VulnerabilitySeverity | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL) | @@ -1641,6 +1650,48 @@ Represents a vulnerability. | `userPermissions` | VulnerabilityPermissions! | Permissions for the current user on the resource | | `vulnerabilityPath` | String | URL to the vulnerability's details page | +## VulnerabilityLocationContainerScanning + +Represents the location of a vulnerability found by a container security scan + +| Name | Type | Description | +| --- | ---- | ---------- | +| `dependency` | VulnerableDependency | Dependency containing the vulnerability | +| `image` | String | Name of the vulnerable container image | +| `operatingSystem` | String | Operating system that runs on the vulnerable container image | + +## VulnerabilityLocationDast + +Represents the location of a vulnerability found by a DAST scan + +| Name | Type | Description | +| --- | ---- | ---------- | +| `hostname` | String | Domain name of the vulnerable request | +| `param` | String | Query parameter for the URL on which the vulnerability occurred | +| `path` | String | URL path and query string of the vulnerable request | +| `requestMethod` | String | HTTP method of the vulnerable request | + +## VulnerabilityLocationDependencyScanning + +Represents the location of a vulnerability found by a dependency security scan + +| Name | Type | Description | +| --- | ---- | ---------- | +| `dependency` | VulnerableDependency | Dependency containing the vulnerability | +| `file` | String | Path to the vulnerable file | + +## VulnerabilityLocationSast + +Represents the location of a vulnerability found by a SAST scan + +| Name | Type | Description | +| --- | ---- | ---------- | +| `endLine` | String | Number of the last relevant line in the vulnerable file | +| `file` | String | Path to the vulnerable file | +| `startLine` | String | Number of the first relevant line in the vulnerable file | +| `vulnerableClass` | String | Class containing the vulnerability | +| `vulnerableMethod` | String | Method containing the vulnerability | + ## VulnerabilityPermissions Check permissions for the current user on a vulnerability @@ -1668,3 +1719,20 @@ Represents vulnerability counts by severity | `low` | Int | Number of vulnerabilities of LOW severity of the project | | `medium` | Int | Number of vulnerabilities of MEDIUM severity of the project | | `unknown` | Int | Number of vulnerabilities of UNKNOWN severity of the project | + +## VulnerableDependency + +Represents a vulnerable dependency. Used in vulnerability location data + +| Name | Type | Description | +| --- | ---- | ---------- | +| `package` | VulnerablePackage | The package associated with the vulnerable dependency | +| `version` | String | The version of the vulnerable dependency | + +## VulnerablePackage + +Represents a vulnerable package. Used in vulnerability dependency data + +| Name | Type | Description | +| --- | ---- | ---------- | +| `name` | String | The name of the vulnerable package | diff --git a/doc/api/packages.md b/doc/api/packages.md index 8671de006d2..c68c16e92a7 100644 --- a/doc/api/packages.md +++ b/doc/api/packages.md @@ -68,6 +68,7 @@ GET /groups/:id/packages | `order_by`| string | no | The field to use as order. One of `created_at` (default), `name`, `version`, `type`, or `project_path`. | | `sort` | string | no | The direction of the order, either `asc` (default) for ascending order or `desc` for descending order. | | `package_type` | string | no | Filter the returned packages by type. One of `conan`, `maven`, `npm`, `pypi` or `nuget`. (_Introduced in GitLab 12.9_) | +| `package_name` | string | no | Filter the project packages with a fuzzy search by name. (_[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/30980) in GitLab 13.0_) ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/:id/packages?exclude_subgroups=true |