From f635fbdef61acdb9505eabb36709c45296cb6831 Mon Sep 17 00:00:00 2001 From: Filipa Lacerda Date: Fri, 21 Dec 2018 16:03:09 +0000 Subject: [PATCH 01/63] Fixes if case to render author info in releases --- app/assets/javascripts/releases/components/release_block.vue | 2 +- spec/javascripts/releases/components/release_block_spec.js | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/app/assets/javascripts/releases/components/release_block.vue b/app/assets/javascripts/releases/components/release_block.vue index 34b97826cdb..4295fef8f0a 100644 --- a/app/assets/javascripts/releases/components/release_block.vue +++ b/app/assets/javascripts/releases/components/release_block.vue @@ -45,7 +45,7 @@ export default { return this.release.author || {}; }, hasAuthor() { - return _.isEmpty(this.author); + return !_.isEmpty(this.author); }, }, }; diff --git a/spec/javascripts/releases/components/release_block_spec.js b/spec/javascripts/releases/components/release_block_spec.js index 29420216bc4..1268cdad08d 100644 --- a/spec/javascripts/releases/components/release_block_spec.js +++ b/spec/javascripts/releases/components/release_block_spec.js @@ -133,4 +133,8 @@ describe('Release block', () => { release.assets.links[0].name, ); }); + + it('renders author avatar', () => { + expect(vm.$el.querySelector('.user-avatar-link')).not.toBeNull(); + }); }); -- GitLab From e6f1209ebf87c61e36c1efdb304dbf9d32d6cbb9 Mon Sep 17 00:00:00 2001 From: Phil Hughes Date: Fri, 21 Dec 2018 17:22:59 +0000 Subject: [PATCH 02/63] Fixes diff sugestions removing dashes from diff Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55634 --- .../javascripts/vue_shared/components/markdown/field.vue | 3 +-- .../vue_shared/components/markdown/suggestions.vue | 3 +-- changelogs/unreleased/suggestion-dashes.yml | 5 +++++ .../vue_shared/components/markdown/suggestions_spec.js | 4 ++-- 4 files changed, 9 insertions(+), 6 deletions(-) create mode 100644 changelogs/unreleased/suggestion-dashes.yml diff --git a/app/assets/javascripts/vue_shared/components/markdown/field.vue b/app/assets/javascripts/vue_shared/components/markdown/field.vue index 2f7ed4a982c..937a2847a58 100644 --- a/app/assets/javascripts/vue_shared/components/markdown/field.vue +++ b/app/assets/javascripts/vue_shared/components/markdown/field.vue @@ -89,7 +89,6 @@ export default { return this.referencedUsers.length >= referencedUsersThreshold; }, lineContent() { - const FIRST_CHAR_REGEX = /^(\+|-)/; const [firstSuggestion] = this.suggestions; if (firstSuggestion) { return firstSuggestion.from_content; @@ -99,7 +98,7 @@ export default { const { rich_text: richText, text } = this.line; if (text) { - return text.replace(FIRST_CHAR_REGEX, ''); + return text; } return _.unescape(stripHtml(richText).replace(/\n/g, '')); diff --git a/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue b/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue index 7c6dbee3e19..721f0276ac8 100644 --- a/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue +++ b/app/assets/javascripts/vue_shared/components/markdown/suggestions.vue @@ -82,13 +82,12 @@ export default { // extracts the suggested lines from the markdown // calculates a line number for each line - const FIRST_CHAR_REGEX = /^(\+|-)/; const newLines = suggestionEl.querySelectorAll('.line'); const fromLine = this.suggestions.length ? this.suggestions[0].from_line : this.fromLine; const lines = []; newLines.forEach((line, i) => { - const content = `${line.innerText.replace(FIRST_CHAR_REGEX, '')}\n`; + const content = `${line.innerText}\n`; const lineNumber = fromLine + i; lines.push({ content, lineNumber }); }); diff --git a/changelogs/unreleased/suggestion-dashes.yml b/changelogs/unreleased/suggestion-dashes.yml new file mode 100644 index 00000000000..e99ab30b263 --- /dev/null +++ b/changelogs/unreleased/suggestion-dashes.yml @@ -0,0 +1,5 @@ +--- +title: Fixed diff suggestions removing dashes +merge_request: +author: +type: fixed diff --git a/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js b/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js index ab1b747c360..423cd6dee0f 100644 --- a/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js +++ b/spec/javascripts/vue_shared/components/markdown/suggestions_spec.js @@ -29,7 +29,7 @@ const generateLine = content => { const generateMockLines = () => { const line1 = generateLine('Line 1'); const line2 = generateLine('Line 2'); - const line3 = generateLine('Line 3'); + const line3 = generateLine('- Line 3'); const container = document.createElement('div'); container.appendChild(line1); @@ -80,7 +80,7 @@ describe('Suggestion component', () => { const expectedReturn = [ { content: 'Line 1\n', lineNumber: 1 }, { content: 'Line 2\n', lineNumber: 2 }, - { content: 'Line 3\n', lineNumber: 3 }, + { content: '- Line 3\n', lineNumber: 3 }, ]; expect(vm.extractNewLines(generateMockLines())).toEqual(expectedReturn); -- GitLab From 38a10e387021024e35d1985aebe3d50591d9a6c9 Mon Sep 17 00:00:00 2001 From: Mark Lapierre Date: Fri, 21 Dec 2018 18:30:52 +0000 Subject: [PATCH 03/63] Exit as error if job fails If a script is waiting for a job to be done and that job fails, exit with an error status so that the script doesn't continue with a prerequisite in an invalid state. --- scripts/review_apps/review-apps.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh index 9e52366f800..118a7c7f638 100755 --- a/scripts/review_apps/review-apps.sh +++ b/scripts/review_apps/review-apps.sh @@ -344,6 +344,7 @@ function wait_for_job_to_be_done() { if [[ "${job_status}" == "failed" ]]; then echo "The '${job_name}' failed." + exit 1 elif [[ "${job_status}" == "manual" ]]; then echo "The '${job_name}' is manual." else -- GitLab From 4cab5195715ba06e5b33ab83de1b2c1e3d3f2cf8 Mon Sep 17 00:00:00 2001 From: Takuya Noguchi Date: Sat, 22 Dec 2018 21:42:17 +0900 Subject: [PATCH 04/63] Remove app/views/shared/issuable/_filter.html.haml This partial template was unintentionally re-introduced in !21438. Signed-off-by: Takuya Noguchi --- app/views/shared/issuable/_filter.html.haml | 32 ------------------- ...iews-shared-issuable-_filter-html-haml.yml | 5 +++ 2 files changed, 5 insertions(+), 32 deletions(-) delete mode 100644 app/views/shared/issuable/_filter.html.haml create mode 100644 changelogs/unreleased/55670-remove-app-views-shared-issuable-_filter-html-haml.yml diff --git a/app/views/shared/issuable/_filter.html.haml b/app/views/shared/issuable/_filter.html.haml deleted file mode 100644 index 2ca4657851c..00000000000 --- a/app/views/shared/issuable/_filter.html.haml +++ /dev/null @@ -1,32 +0,0 @@ -.issues-filters - .issues-details-filters.row-content-block.second-block - = form_tag page_filter_path(without: [:assignee_id, :author_id, :milestone_title, :label_name, :search]), method: :get, class: 'filter-form js-filter-form' do - - if params[:search].present? - = hidden_field_tag :search, params[:search] - .issues-other-filters - .filter-item.inline - - if params[:author_id].present? - = hidden_field_tag(:author_id, params[:author_id]) - = dropdown_tag(user_dropdown_label(params[:author_id], "Author"), options: { toggle_class: "js-user-search js-filter-submit js-author-search", title: "Filter by author", filter: true, dropdown_class: "dropdown-menu-user dropdown-menu-selectable dropdown-menu-author js-filter-submit", - placeholder: "Search authors", data: { any_user: "Any Author", first_user: current_user&.username, current_user: true, project_id: @project&.id, group_id: @group&.id, selected: params[:author_id], field_name: "author_id", default_label: "Author" } }) - - .filter-item.inline - - if params[:assignee_id].present? - = hidden_field_tag(:assignee_id, params[:assignee_id]) - = dropdown_tag(user_dropdown_label(params[:assignee_id], "Assignee"), options: { toggle_class: "js-user-search js-filter-submit js-assignee-search", title: "Filter by assignee", filter: true, dropdown_class: "dropdown-menu-user dropdown-menu-selectable dropdown-menu-assignee js-filter-submit", - placeholder: "Search assignee", data: { any_user: "Any Assignee", first_user: current_user&.username, null_user: true, current_user: true, project_id: @project&.id, group_id: @group&.id, selected: params[:assignee_id], field_name: "assignee_id", default_label: "Assignee" } }) - - .filter-item.inline.milestone-filter - = render "shared/issuable/milestone_dropdown", selected: finder.milestones.try(:first), name: :milestone_title, show_any: true, show_upcoming: true, show_started: true - - .filter-item.inline.labels-filter - = render "shared/issuable/label_dropdown", selected: selected_labels, use_id: false, selected_toggle: params[:label_name], data_options: { field_name: "label_name[]" } - - - unless @no_filters_set - .float-right - = render 'shared/issuable/sort_dropdown' - - - has_labels = @labels && @labels.any? - .row-content-block.second-block.filtered-labels{ class: ("hidden" unless has_labels) } - - if has_labels - = render 'shared/labels_row', labels: @labels diff --git a/changelogs/unreleased/55670-remove-app-views-shared-issuable-_filter-html-haml.yml b/changelogs/unreleased/55670-remove-app-views-shared-issuable-_filter-html-haml.yml new file mode 100644 index 00000000000..9d37f798250 --- /dev/null +++ b/changelogs/unreleased/55670-remove-app-views-shared-issuable-_filter-html-haml.yml @@ -0,0 +1,5 @@ +--- +title: Remove app/views/shared/issuable/_filter.html.haml +merge_request: 24008 +author: Takuya Noguchi +type: other -- GitLab From b9da281cb1cf122b044af81f0120ace826fb2505 Mon Sep 17 00:00:00 2001 From: rubenmoya Date: Wed, 26 Dec 2018 20:49:11 +0100 Subject: [PATCH 05/63] Add assignableLabelsEndpoint to issue after createing it --- app/assets/javascripts/boards/models/list.js | 1 + 1 file changed, 1 insertion(+) diff --git a/app/assets/javascripts/boards/models/list.js b/app/assets/javascripts/boards/models/list.js index dd3feedbc0e..9f6d9a853da 100644 --- a/app/assets/javascripts/boards/models/list.js +++ b/app/assets/javascripts/boards/models/list.js @@ -244,6 +244,7 @@ class List { issue.project = data.project; issue.path = data.real_path; issue.referencePath = data.reference_path; + issue.assignableLabelsEndpoint = data.assignable_labels_endpoint; if (this.issuesSize > 1) { const moveBeforeId = this.issues[1].id; -- GitLab From ca84c8e2fd4898965e71e19e8343603404c28fe7 Mon Sep 17 00:00:00 2001 From: rubenmoya Date: Wed, 26 Dec 2018 20:56:33 +0100 Subject: [PATCH 06/63] Add changelog entry --- changelogs/unreleased/54311-fix-board-add-label.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelogs/unreleased/54311-fix-board-add-label.yml diff --git a/changelogs/unreleased/54311-fix-board-add-label.yml b/changelogs/unreleased/54311-fix-board-add-label.yml new file mode 100644 index 00000000000..8fd8f7a0381 --- /dev/null +++ b/changelogs/unreleased/54311-fix-board-add-label.yml @@ -0,0 +1,5 @@ +--- +title: Fix error when creating labels in a new issue in the boards page +merge_request: 24039 +author: Ruben Moya +type: fixed -- GitLab From d8a3f33995ea87e59dcd783a3173c000ce46bbd8 Mon Sep 17 00:00:00 2001 From: Achilleas Pipinellis Date: Fri, 16 Nov 2018 15:14:38 +0100 Subject: [PATCH 07/63] Make the Pages permission setting more clear --- .../shared/permissions/components/settings_panel.vue | 4 ++-- app/helpers/projects_helper.rb | 2 +- ...ect-s-permission-should-be-named-pages-access-control.yml | 5 +++++ 3 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 changelogs/unreleased/54142-pages-in-project-s-permission-should-be-named-pages-access-control.yml diff --git a/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue b/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue index 08c7719dcf2..19d9903c988 100644 --- a/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue +++ b/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue @@ -325,8 +325,8 @@ export default { Date: Sat, 29 Dec 2018 11:31:49 +0000 Subject: [PATCH 08/63] [fix] correct typo in repo_by_url.md --- doc/user/project/import/repo_by_url.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/user/project/import/repo_by_url.md b/doc/user/project/import/repo_by_url.md index f43e384de88..c20b1cb7f5e 100644 --- a/doc/user/project/import/repo_by_url.md +++ b/doc/user/project/import/repo_by_url.md @@ -6,7 +6,7 @@ You can import your existing repositories by providing the Git URL: 1. Switch to the **Import project** tab 1. Click on the **Repo by URL** button 1. Fill in the "Git repository URL" and the remaining project fields -1. Click **Create project** to being the import process +1. Click **Create project** to begin the import process 1. Once complete, you will be redirected to your newly created project ![Import project by repo URL](img/import_projects_from_repo_url.png) -- GitLab From d36b022fae66fc0841335b73b6c7e1a4ecbcaa6e Mon Sep 17 00:00:00 2001 From: Jasper Maes Date: Thu, 3 Jan 2019 19:23:37 +0100 Subject: [PATCH 09/63] Fix deprecation: returning false in Active Record and Active Model callbacks will not implicitly halt a callback chain --- app/models/list.rb | 2 +- changelogs/unreleased/deprecated-callback-false.yml | 6 ++++++ config/initializers/new_framework_defaults.rb | 3 --- 3 files changed, 7 insertions(+), 4 deletions(-) create mode 100644 changelogs/unreleased/deprecated-callback-false.yml diff --git a/app/models/list.rb b/app/models/list.rb index 029685be927..682af761ba0 100644 --- a/app/models/list.rb +++ b/app/models/list.rb @@ -54,6 +54,6 @@ class List < ActiveRecord::Base private def can_be_destroyed - destroyable? + throw(:abort) unless destroyable? end end diff --git a/changelogs/unreleased/deprecated-callback-false.yml b/changelogs/unreleased/deprecated-callback-false.yml new file mode 100644 index 00000000000..6ba01a75ab9 --- /dev/null +++ b/changelogs/unreleased/deprecated-callback-false.yml @@ -0,0 +1,6 @@ +--- +title: 'Fix deprecation: returning false in Active Record and Active Model callbacks + will not implicitly halt a callback chain' +merge_request: 24134 +author: Jasper Maes +type: other diff --git a/config/initializers/new_framework_defaults.rb b/config/initializers/new_framework_defaults.rb index 5adb9f7a4b4..a1e0667bc6f 100644 --- a/config/initializers/new_framework_defaults.rb +++ b/config/initializers/new_framework_defaults.rb @@ -22,6 +22,3 @@ ActiveSupport.to_time_preserves_timezone = false # Require `belongs_to` associations by default. Previous versions had false. Rails.application.config.active_record.belongs_to_required_by_default = false - -# Do not halt callback chains when a callback returns false. Previous versions had true. -ActiveSupport.halt_callback_chains_on_return_false = true -- GitLab From 0d9b801a5ff9d98948954da61569668a57dde99a Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 2 Jan 2019 15:39:45 +0900 Subject: [PATCH 10/63] Refactor the logic of updating head pipelines Sort out some logic --- app/models/ci/pipeline.rb | 12 ++++++++ app/models/merge_request.rb | 18 +++++++++--- app/services/merge_requests/create_service.rb | 16 +--------- ..._head_pipeline_for_merge_request_worker.rb | 21 ++------------ .../user-update-head-pipeline-worker.yml | 5 ++++ spec/models/merge_request_spec.rb | 28 ++++++++++++++++++ .../ci/create_pipeline_service_spec.rb | 3 +- .../merge_requests/create_service_spec.rb | 29 ++++++++++++++----- ..._pipeline_for_merge_request_worker_spec.rb | 10 +++---- 9 files changed, 90 insertions(+), 52 deletions(-) create mode 100644 changelogs/unreleased/user-update-head-pipeline-worker.yml diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb index 1f5017cc3c3..8b95e83635b 100644 --- a/app/models/ci/pipeline.rb +++ b/app/models/ci/pipeline.rb @@ -178,6 +178,14 @@ module Ci scope :for_user, -> (user) { where(user: user) } + scope :for_merge_request, -> (merge_request, ref, sha) do + ## + # We have to filter out unrelated MR pipelines, in case, + # there are two merge requests from the same source branch + where(merge_request: [nil, merge_request], ref: ref, sha: sha) + .sort_by_merge_request_pipelines + end + # Returns the pipelines in descending order (= newest first), optionally # limited to a number of references. # @@ -265,6 +273,10 @@ module Ci sources.reject { |source| source == "external" }.values end + def self.latest_for_merge_request(merge_request, ref, sha) + for_merge_request(merge_request, ref, sha).first + end + def self.ci_sources_values config_sources.values_at(:repository_source, :auto_devops_source, :unknown_source) end diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index 6092c56b925..ebd1f22ebc7 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -1092,10 +1092,15 @@ class MergeRequest < ActiveRecord::Base def all_pipelines(shas: all_commit_shas) return Ci::Pipeline.none unless source_project - @all_pipelines ||= source_project.ci_pipelines - .where(sha: shas, ref: source_branch) - .where(merge_request: [nil, self]) - .sort_by_merge_request_pipelines + @all_pipelines ||= + source_project.ci_pipelines + .for_merge_request(self, source_branch, all_commit_shas) + end + + def update_head_pipeline + self.head_pipeline = find_actual_head_pipeline + + update_column(:head_pipeline_id, head_pipeline.id) if head_pipeline_id_changed? end def merge_request_pipeline_exists? @@ -1295,6 +1300,11 @@ class MergeRequest < ActiveRecord::Base .find_by(sha: diff_base_sha) end + def find_actual_head_pipeline + source_project&.ci_pipelines + &.latest_for_merge_request(self, source_branch, diff_head_sha) + end + def discussions_rendered_on_frontend? true end diff --git a/app/services/merge_requests/create_service.rb b/app/services/merge_requests/create_service.rb index 7bb9fa60515..02c2388c05c 100644 --- a/app/services/merge_requests/create_service.rb +++ b/app/services/merge_requests/create_service.rb @@ -26,7 +26,7 @@ module MergeRequests todo_service.new_merge_request(issuable, current_user) issuable.cache_merge_request_closes_issues!(current_user) create_merge_request_pipeline(issuable, current_user) - update_merge_requests_head_pipeline(issuable) + issuable.update_head_pipeline super end @@ -45,20 +45,6 @@ module MergeRequests private - def update_merge_requests_head_pipeline(merge_request) - pipeline = head_pipeline_for(merge_request) - merge_request.update(head_pipeline_id: pipeline.id) if pipeline - end - - def head_pipeline_for(merge_request) - return unless merge_request.source_project - - sha = merge_request.source_branch_sha - return unless sha - - merge_request.all_pipelines(shas: sha).first - end - def set_projects! # @project is used to determine whether the user can set the merge request's # assignee, milestone and labels. Whether they can depends on their diff --git a/app/workers/update_head_pipeline_for_merge_request_worker.rb b/app/workers/update_head_pipeline_for_merge_request_worker.rb index e8494ffa002..4ec2b9d8fbe 100644 --- a/app/workers/update_head_pipeline_for_merge_request_worker.rb +++ b/app/workers/update_head_pipeline_for_merge_request_worker.rb @@ -7,25 +7,8 @@ class UpdateHeadPipelineForMergeRequestWorker queue_namespace :pipeline_processing def perform(merge_request_id) - merge_request = MergeRequest.find(merge_request_id) - - sha = merge_request.diff_head_sha - pipeline = merge_request.all_pipelines(shas: sha).first - - return unless pipeline && pipeline.latest? - - if merge_request.diff_head_sha != pipeline.sha - log_error_message_for(merge_request) - - return + MergeRequest.find_by_id(merge_request_id).try do |merge_request| + merge_request.update_head_pipeline end - - merge_request.update_attribute(:head_pipeline_id, pipeline.id) - end - - def log_error_message_for(merge_request) - Rails.logger.error( - "Outdated head pipeline for active merge request: id=#{merge_request.id}, source_branch=#{merge_request.source_branch}, diff_head_sha=#{merge_request.diff_head_sha}" - ) end end diff --git a/changelogs/unreleased/user-update-head-pipeline-worker.yml b/changelogs/unreleased/user-update-head-pipeline-worker.yml new file mode 100644 index 00000000000..2c8088dd78a --- /dev/null +++ b/changelogs/unreleased/user-update-head-pipeline-worker.yml @@ -0,0 +1,5 @@ +--- +title: Refactor the logic of updating head pipelines for merge requests +merge_request: 23437 +author: +type: other diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb index 4cc3a6a3644..96d49e86dab 100644 --- a/spec/models/merge_request_spec.rb +++ b/spec/models/merge_request_spec.rb @@ -1372,6 +1372,34 @@ describe MergeRequest do end end + describe '#update_head_pipeline' do + subject { merge_request.update_head_pipeline } + + let(:merge_request) { create(:merge_request) } + + context 'when there is a pipeline with the diff head sha' do + let!(:pipeline) do + create(:ci_empty_pipeline, + project: merge_request.project, + sha: merge_request.diff_head_sha, + ref: merge_request.source_branch) + end + + it 'updates the head pipeline' do + expect { subject } + .to change { merge_request.reload.head_pipeline } + .from(nil).to(pipeline) + end + end + + context 'when there are no pipelines with the diff head sha' do + it 'does not update the head pipeline' do + expect { subject } + .not_to change { merge_request.reload.head_pipeline } + end + end + end + describe '#has_test_reports?' do subject { merge_request.has_test_reports? } diff --git a/spec/services/ci/create_pipeline_service_spec.rb b/spec/services/ci/create_pipeline_service_spec.rb index 87b60387c52..8497e90bd8b 100644 --- a/spec/services/ci/create_pipeline_service_spec.rb +++ b/spec/services/ci/create_pipeline_service_spec.rb @@ -143,7 +143,8 @@ describe Ci::CreatePipelineService do target_branch: "branch_1", source_project: project) - allow_any_instance_of(Ci::Pipeline).to receive(:latest?).and_return(false) + allow_any_instance_of(MergeRequest) + .to receive(:find_actual_head_pipeline) { } execute_service diff --git a/spec/services/merge_requests/create_service_spec.rb b/spec/services/merge_requests/create_service_spec.rb index 5a3ecb1019b..308f99dc0da 100644 --- a/spec/services/merge_requests/create_service_spec.rb +++ b/spec/services/merge_requests/create_service_spec.rb @@ -128,9 +128,9 @@ describe MergeRequests::CreateService do end context 'when head pipelines already exist for merge request source branch' do - let(:sha) { project.commit(opts[:source_branch]).id } - let!(:pipeline_1) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: sha) } - let!(:pipeline_2) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: sha) } + let(:shas) { project.repository.commits(opts[:source_branch], limit: 2).map(&:id) } + let!(:pipeline_1) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: shas[1]) } + let!(:pipeline_2) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: shas[0]) } let!(:pipeline_3) { create(:ci_pipeline, project: project, ref: "other_branch", project_id: project.id) } before do @@ -144,17 +144,30 @@ describe MergeRequests::CreateService do it 'sets head pipeline' do merge_request = service.execute - expect(merge_request.head_pipeline).to eq(pipeline_2) + expect(merge_request.reload.head_pipeline).to eq(pipeline_2) expect(merge_request).to be_persisted end - context 'when merge request head commit sha does not match pipeline sha' do - it 'sets the head pipeline correctly' do - pipeline_2.update(sha: 1234) + context 'when the new pipeline is associated with an old sha' do + let!(:pipeline_1) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: shas[0]) } + let!(:pipeline_2) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: shas[1]) } + it 'sets an old pipeline with associated with the latest sha as the head pipeline' do merge_request = service.execute - expect(merge_request.head_pipeline).to eq(pipeline_1) + expect(merge_request.reload.head_pipeline).to eq(pipeline_1) + expect(merge_request).to be_persisted + end + end + + context 'when there are no pipelines with the diff head sha' do + let!(:pipeline_1) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: shas[1]) } + let!(:pipeline_2) { create(:ci_pipeline, project: project, ref: opts[:source_branch], project_id: project.id, sha: shas[1]) } + + it 'does not set the head pipeline' do + merge_request = service.execute + + expect(merge_request.reload.head_pipeline).to be_nil expect(merge_request).to be_persisted end end diff --git a/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb b/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb index a2bc264b0f6..963237ceadf 100644 --- a/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb +++ b/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb @@ -21,17 +21,17 @@ describe UpdateHeadPipelineForMergeRequestWorker do merge_request.merge_request_diff.update(head_commit_sha: 'different_sha') end - it 'does not update head_pipeline_id' do - expect { subject.perform(merge_request.id) }.not_to raise_error - - expect(merge_request.reload.head_pipeline_id).to eq(nil) + it 'does not update head pipeline' do + expect { subject.perform(merge_request.id) } + .not_to change { merge_request.reload.head_pipeline_id } end end end context 'when pipeline does not exist for the source project and branch' do it 'does not update the head_pipeline_id of the merge_request' do - expect { subject.perform(merge_request.id) }.not_to change { merge_request.reload.head_pipeline_id } + expect { subject.perform(merge_request.id) } + .not_to change { merge_request.reload.head_pipeline_id } end end -- GitLab From b6a9dce14e340bcc8dbd41fb6ba97b30b37e8657 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 2 Jan 2019 15:51:59 +0900 Subject: [PATCH 11/63] Make find_actual_head_pipeline private method a --- app/models/merge_request.rb | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index ebd1f22ebc7..613860ec31a 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -1300,11 +1300,6 @@ class MergeRequest < ActiveRecord::Base .find_by(sha: diff_base_sha) end - def find_actual_head_pipeline - source_project&.ci_pipelines - &.latest_for_merge_request(self, source_branch, diff_head_sha) - end - def discussions_rendered_on_frontend? true end @@ -1348,4 +1343,11 @@ class MergeRequest < ActiveRecord::Base source_project.repository.squash_in_progress?(id) end + + private + + def find_actual_head_pipeline + source_project&.ci_pipelines + &.latest_for_merge_request(self, source_branch, diff_head_sha) + end end -- GitLab From c6b7954bca9562d42797b8f9f5c3da6f4657cccc Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 4 Jan 2019 19:39:26 +0900 Subject: [PATCH 12/63] Update changelog number --- changelogs/unreleased/user-update-head-pipeline-worker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/unreleased/user-update-head-pipeline-worker.yml b/changelogs/unreleased/user-update-head-pipeline-worker.yml index 2c8088dd78a..fd88697f239 100644 --- a/changelogs/unreleased/user-update-head-pipeline-worker.yml +++ b/changelogs/unreleased/user-update-head-pipeline-worker.yml @@ -1,5 +1,5 @@ --- title: Refactor the logic of updating head pipelines for merge requests -merge_request: 23437 +merge_request: 23502 author: type: other -- GitLab From 4ab0b33db6f328fc68394fd3af992052f883401e Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 4 Jan 2019 19:47:39 +0900 Subject: [PATCH 13/63] Clarify comments about for_merge_request --- app/models/ci/pipeline.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb index 8b95e83635b..5b446e649a9 100644 --- a/app/models/ci/pipeline.rb +++ b/app/models/ci/pipeline.rb @@ -180,8 +180,9 @@ module Ci scope :for_merge_request, -> (merge_request, ref, sha) do ## - # We have to filter out unrelated MR pipelines, in case, - # there are two merge requests from the same source branch + # We have to filter out unrelated MR pipelines. + # When merge request is empty, it selects general pipelines, such as push sourced pipelines. + # When merge request is matched, it selects MR pipelines. where(merge_request: [nil, merge_request], ref: ref, sha: sha) .sort_by_merge_request_pipelines end -- GitLab From 0e078d1a8acb4d40ebdc7e1570df6be42cd97e1f Mon Sep 17 00:00:00 2001 From: Achilleas Pipinellis Date: Thu, 27 Dec 2018 10:03:08 +0100 Subject: [PATCH 14/63] Replace look-alike token with '' Replace all '9koXpg98eAheJpvBs5tK' occurrences with '' in API docs. --- doc/api/README.md | 20 ++++---- doc/api/access_requests.md | 16 +++--- doc/api/applications.md | 6 +-- doc/api/award_emoji.md | 16 +++--- doc/api/boards.md | 14 +++--- doc/api/branches.md | 14 +++--- doc/api/broadcast_messages.md | 10 ++-- doc/api/commits.md | 24 ++++----- doc/api/custom_attributes.md | 8 +-- doc/api/deploy_key_multiple_projects.md | 8 +-- doc/api/deploy_keys.md | 14 +++--- doc/api/deployments.md | 4 +- doc/api/discussions.md | 54 ++++++++++----------- doc/api/environments.md | 10 ++-- doc/api/events.md | 6 +-- doc/api/features.md | 4 +- doc/api/graphql/index.md | 2 +- doc/api/group_badges.md | 12 ++--- doc/api/group_boards.md | 14 +++--- doc/api/group_level_variables.md | 10 ++-- doc/api/group_milestones.md | 2 +- doc/api/groups.md | 6 +-- doc/api/issues.md | 40 +++++++-------- doc/api/jobs.md | 26 +++++----- doc/api/labels.md | 12 ++--- doc/api/members.md | 24 ++++----- doc/api/merge_requests.md | 26 +++++----- doc/api/milestones.md | 2 +- doc/api/namespaces.md | 8 +-- doc/api/notes.md | 28 +++++------ doc/api/notification_settings.md | 12 ++--- doc/api/pages_domains.md | 18 +++---- doc/api/pipeline_triggers.md | 12 ++--- doc/api/pipelines.md | 12 ++--- doc/api/project_badges.md | 12 ++--- doc/api/project_import_export.md | 12 ++--- doc/api/project_level_variables.md | 10 ++-- doc/api/project_snippets.md | 2 +- doc/api/projects.md | 18 +++---- doc/api/protected_branches.md | 8 +-- doc/api/protected_tags.md | 8 +-- doc/api/repositories.md | 2 +- doc/api/repository_files.md | 12 ++--- doc/api/repository_submodules.md | 2 +- doc/api/resource_label_events.md | 8 +-- doc/api/runners.md | 18 +++---- doc/api/search.md | 34 ++++++------- doc/api/services.md | 2 +- doc/api/settings.md | 4 +- doc/api/sidekiq_metrics.md | 8 +-- doc/api/snippets.md | 10 ++-- doc/api/suggestions.md | 2 +- doc/api/system_hooks.md | 8 +-- doc/api/tags.md | 2 +- doc/api/templates/licenses.md | 2 +- doc/api/todos.md | 7 ++- doc/api/users.md | 30 ++++++------ doc/api/version.md | 2 +- doc/api/wikis.md | 12 ++--- doc/development/documentation/styleguide.md | 20 ++++---- 60 files changed, 374 insertions(+), 375 deletions(-) diff --git a/doc/api/README.md b/doc/api/README.md index fd5e88cb9d5..d481d0699e7 100644 --- a/doc/api/README.md +++ b/doc/api/README.md @@ -194,13 +194,13 @@ You can use a [personal access token][pat] to authenticate with the API by passi Example of using the personal access token in a parameter: ```shell -curl https://gitlab.example.com/api/v4/projects?private_token=9koXpg98eAheJpvBs5tK +curl https://gitlab.example.com/api/v4/projects?private_token= ``` Example of using the personal access token in a header: ```shell -curl --header "Private-Token: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects +curl --header "Private-Token: " https://gitlab.example.com/api/v4/projects ``` Read more about [personal access tokens][pat]. @@ -319,22 +319,22 @@ Example of a valid API call and a request using cURL with sudo request, providing a username: ``` -GET /projects?private_token=9koXpg98eAheJpvBs5tK&sudo=username +GET /projects?private_token=&sudo=username ``` ```shell -curl --header "Private-Token: 9koXpg98eAheJpvBs5tK" --header "Sudo: username" "https://gitlab.example.com/api/v4/projects" +curl --header "Private-Token: " --header "Sudo: username" "https://gitlab.example.com/api/v4/projects" ``` Example of a valid API call and a request using cURL with sudo request, providing an ID: ``` -GET /projects?private_token=9koXpg98eAheJpvBs5tK&sudo=23 +GET /projects?private_token=&sudo=23 ``` ```shell -curl --header "Private-Token: 9koXpg98eAheJpvBs5tK" --header "Sudo: 23" "https://gitlab.example.com/api/v4/projects" +curl --header "Private-Token: " --header "Sudo: 23" "https://gitlab.example.com/api/v4/projects" ``` ## Status codes @@ -383,7 +383,7 @@ resources you can pass the following parameters: In the example below, we list 50 [namespaces](namespaces.md) per page. ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/namespaces?per_page=50 +curl --request PUT --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/namespaces?per_page=50 ``` ### Pagination Link header @@ -397,7 +397,7 @@ and we request the second page (`page=2`) of [comments](notes.md) of the issue with ID `8` which belongs to the project with ID `8`: ```bash -curl --head --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/8/issues/8/notes?per_page=3&page=2 +curl --head --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/8/issues/8/notes?per_page=3&page=2 ``` The response will then be: @@ -465,7 +465,7 @@ We can call the API with `array` and `hash` types parameters as shown below: `import_sources` is a parameter of type `array`: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" \ +curl --request POST --header "PRIVATE-TOKEN: " \ -d "import_sources[]=github" \ -d "import_sources[]=bitbucket" \ "https://gitlab.example.com/api/v4/some_endpoint @@ -476,7 +476,7 @@ curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" \ `override_params` is a parameter of type `hash`: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" \ +curl --request POST --header "PRIVATE-TOKEN: " \ --form "namespace=email" \ --form "path=impapi" \ --form "file=@/path/to/somefile.txt" diff --git a/doc/api/access_requests.md b/doc/api/access_requests.md index 4b2014ca843..973c3968d90 100644 --- a/doc/api/access_requests.md +++ b/doc/api/access_requests.md @@ -28,8 +28,8 @@ GET /projects/:id/access_requests | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/access_requests -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/access_requests +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/access_requests +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/access_requests ``` Example response: @@ -69,8 +69,8 @@ POST /projects/:id/access_requests | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/access_requests -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/access_requests +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/access_requests +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/access_requests ``` Example response: @@ -102,8 +102,8 @@ PUT /projects/:id/access_requests/:user_id/approve | `access_level` | integer | no | A valid access level (defaults: `30`, developer access level) | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/access_requests/:user_id/approve?access_level=20 -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/access_requests/:user_id/approve?access_level=20 +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/access_requests/:user_id/approve?access_level=20 +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/access_requests/:user_id/approve?access_level=20 ``` Example response: @@ -134,6 +134,6 @@ DELETE /projects/:id/access_requests/:user_id | `user_id` | integer | yes | The user ID of the access requester | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/access_requests/:user_id -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/access_requests/:user_id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/access_requests/:user_id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/access_requests/:user_id ``` diff --git a/doc/api/applications.md b/doc/api/applications.md index d74a3cdf5c1..7f95c136168 100644 --- a/doc/api/applications.md +++ b/doc/api/applications.md @@ -23,7 +23,7 @@ POST /applications | `scopes` | string | yes | The scopes of the application | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "name=MyApplication&redirect_uri=http://redirect.uri&scopes=" https://gitlab.example.com/api/v4/applications +curl --request POST --header "PRIVATE-TOKEN: " --data "name=MyApplication&redirect_uri=http://redirect.uri&scopes=" https://gitlab.example.com/api/v4/applications ``` Example response: @@ -47,7 +47,7 @@ GET /applications ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/applications +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/applications ``` Example response: @@ -80,5 +80,5 @@ Parameters: - `id` (required) - The id of the application (not the application_id) ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/applications/:id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/applications/:id ``` diff --git a/doc/api/award_emoji.md b/doc/api/award_emoji.md index 3f9542d6653..41e39c31069 100644 --- a/doc/api/award_emoji.md +++ b/doc/api/award_emoji.md @@ -27,7 +27,7 @@ Parameters: | `awardable_id` | integer | yes | The ID (`iid` for merge requests/issues, `id` for snippets) of an awardable | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji ``` Example Response: @@ -88,7 +88,7 @@ Parameters: | `award_id` | integer | yes | The ID of the award emoji | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji/1 ``` Example Response: @@ -131,7 +131,7 @@ Parameters: | `name` | string | yes | The name of the emoji, without colons | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji?name=blowfish +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji?name=blowfish ``` Example Response: @@ -175,7 +175,7 @@ Parameters: | `award_id` | integer | yes | The ID of an award_emoji | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji/344 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji/344 ``` ## Award Emoji on Notes @@ -201,7 +201,7 @@ Parameters: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/notes/1/award_emoji +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/notes/1/award_emoji ``` Example Response: @@ -243,7 +243,7 @@ Parameters: | `award_id` | integer | yes | The ID of the award emoji | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/notes/1/award_emoji/2 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/notes/1/award_emoji/2 ``` Example Response: @@ -283,7 +283,7 @@ Parameters: | `name` | string | yes | The name of the emoji, without colons | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/notes/1/award_emoji?name=rocket +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/notes/1/award_emoji?name=rocket ``` Example Response: @@ -326,7 +326,7 @@ Parameters: | `award_id` | integer | yes | The ID of an award_emoji | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji/345 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/80/award_emoji/345 ``` [ce-4575]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4575 diff --git a/doc/api/boards.md b/doc/api/boards.md index 5f006f4f012..2a2622736c3 100644 --- a/doc/api/boards.md +++ b/doc/api/boards.md @@ -18,7 +18,7 @@ GET /projects/:id/boards | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards ``` Example response: @@ -87,7 +87,7 @@ GET /projects/:id/boards/:board_id | `board_id` | integer | yes | The ID of a board | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards/1 ``` Example response: @@ -156,7 +156,7 @@ GET /projects/:id/boards/:board_id/lists | `board_id` | integer | yes | The ID of a board | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards/1/lists ``` Example response: @@ -208,7 +208,7 @@ GET /projects/:id/boards/:board_id/lists/:list_id | `list_id`| integer | yes | The ID of a board's list | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1 ``` Example response: @@ -240,7 +240,7 @@ POST /projects/:id/boards/:board_id/lists | `label_id` | integer | yes | The ID of a label | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists?label_id=5 +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards/1/lists?label_id=5 ``` Example response: @@ -273,7 +273,7 @@ PUT /projects/:id/boards/:board_id/lists/:list_id | `position` | integer | yes | The position of the list | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1?position=2 +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1?position=2 ``` Example response: @@ -305,5 +305,5 @@ DELETE /projects/:id/boards/:board_id/lists/:list_id | `list_id` | integer | yes | The ID of a board's list | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/boards/1/lists/1 ``` diff --git a/doc/api/branches.md b/doc/api/branches.md index 4abf0639eb0..3b55154887d 100644 --- a/doc/api/branches.md +++ b/doc/api/branches.md @@ -16,7 +16,7 @@ GET /projects/:id/repository/branches | `search` | string | no | Return list of branches matching the search criteria. | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/repository/branches +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/repository/branches ``` Example response: @@ -66,7 +66,7 @@ GET /projects/:id/repository/branches/:branch | `branch` | string | yes | The name of the branch | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/repository/branches/master +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/repository/branches/master ``` Example response: @@ -111,7 +111,7 @@ PUT /projects/:id/repository/branches/:branch/protect ``` ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/repository/branches/master/protect?developers_can_push=true&developers_can_merge=true +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/repository/branches/master/protect?developers_can_push=true&developers_can_merge=true ``` | Attribute | Type | Required | Description | @@ -163,7 +163,7 @@ PUT /projects/:id/repository/branches/:branch/unprotect ``` ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/repository/branches/master/unprotect +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/repository/branches/master/unprotect ``` | Attribute | Type | Required | Description | @@ -213,7 +213,7 @@ POST /projects/:id/repository/branches | `ref` | string | yes | The branch name or commit SHA to create branch from | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/branches?branch=newbranch&ref=master" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/branches?branch=newbranch&ref=master" ``` Example response: @@ -259,7 +259,7 @@ DELETE /projects/:id/repository/branches/:branch In case of an error, an explaining message is provided. ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/branches/newbranch" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/branches/newbranch" ``` ## Delete merged branches @@ -278,5 +278,5 @@ DELETE /projects/:id/repository/merged_branches ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/merged_branches" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/merged_branches" ``` diff --git a/doc/api/broadcast_messages.md b/doc/api/broadcast_messages.md index a8a248a17f4..fe370682308 100644 --- a/doc/api/broadcast_messages.md +++ b/doc/api/broadcast_messages.md @@ -13,7 +13,7 @@ GET /broadcast_messages ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/broadcast_messages +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/broadcast_messages ``` Example response: @@ -43,7 +43,7 @@ GET /broadcast_messages/:id | `id` | integer | yes | Broadcast message ID | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/broadcast_messages/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/broadcast_messages/1 ``` Example response: @@ -75,7 +75,7 @@ POST /broadcast_messages | `font` | string | no | Foreground color hex code | ```bash -curl --data "message=Deploy in progress&color=#cecece" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/broadcast_messages +curl --data "message=Deploy in progress&color=#cecece" --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/broadcast_messages ``` Example response: @@ -108,7 +108,7 @@ PUT /broadcast_messages/:id | `font` | string | no | Foreground color hex code | ```bash -curl --request PUT --data "message=Update message&color=#000" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/broadcast_messages/1 +curl --request PUT --data "message=Update message&color=#000" --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/broadcast_messages/1 ``` Example response: @@ -136,5 +136,5 @@ DELETE /broadcast_messages/:id | `id` | integer | yes | Broadcast message ID | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/broadcast_messages/1 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/broadcast_messages/1 ``` diff --git a/doc/api/commits.md b/doc/api/commits.md index 6c16216429d..14742f034e0 100644 --- a/doc/api/commits.md +++ b/doc/api/commits.md @@ -20,7 +20,7 @@ GET /projects/:id/repository/commits ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/commits" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/commits" ``` Example response: @@ -127,7 +127,7 @@ PAYLOAD=$(cat << 'JSON' } JSON ) -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --header "Content-Type: application/json" --data "$PAYLOAD" https://gitlab.example.com/api/v4/projects/1/repository/commits +curl --request POST --header "PRIVATE-TOKEN: " --header "Content-Type: application/json" --data "$PAYLOAD" https://gitlab.example.com/api/v4/projects/1/repository/commits ``` Example response: @@ -173,7 +173,7 @@ Parameters: | `stats` | boolean | no | Include commit stats. Default is true | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/commits/master +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/commits/master ``` Example response: @@ -229,7 +229,7 @@ Parameters: | `type` | string | no | The scope of commits. Possible values `branch`, `tag`, `all`. Default is `all`. | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/commits/5937ac0a7beb003549fc5fd26fc247adbce4a52e/refs?type=all" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/commits/5937ac0a7beb003549fc5fd26fc247adbce4a52e/refs?type=all" ``` Example response: @@ -263,7 +263,7 @@ Parameters: | `branch` | string | yes | The name of the branch | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "branch=master" "https://gitlab.example.com/api/v4/projects/5/repository/commits/master/cherry_pick" +curl --request POST --header "PRIVATE-TOKEN: " --form "branch=master" "https://gitlab.example.com/api/v4/projects/5/repository/commits/master/cherry_pick" ``` Example response: @@ -307,7 +307,7 @@ Parameters: | `branch` | string | yes | Target branch name | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "branch=master" "https://gitlab.example.com/api/v4/projects/5/repository/commits/a738f717824ff53aebad8b090c1b79a14f2bd9e8/revert" +curl --request POST --header "PRIVATE-TOKEN: " --form "branch=master" "https://gitlab.example.com/api/v4/projects/5/repository/commits/a738f717824ff53aebad8b090c1b79a14f2bd9e8/revert" ``` Example response: @@ -345,7 +345,7 @@ Parameters: | `sha` | string | yes | The commit hash or name of a repository branch or tag | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/commits/master/diff" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/commits/master/diff" ``` Example response: @@ -381,7 +381,7 @@ Parameters: | `sha` | string | yes | The commit hash or name of a repository branch or tag | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/commits/master/comments" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/commits/master/comments" ``` Example response: @@ -434,7 +434,7 @@ POST /projects/:id/repository/commits/:sha/comments | `line_type` | string | no | The line type. Takes `new` or `old` as arguments | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "note=Nice picture man\!" --form "path=dudeism.md" --form "line=11" --form "line_type=new" https://gitlab.example.com/api/v4/projects/17/repository/commits/18f3e63d05582537db6d183d9d557be09e1f90c8/comments +curl --request POST --header "PRIVATE-TOKEN: " --form "note=Nice picture man\!" --form "path=dudeism.md" --form "line=11" --form "line_type=new" https://gitlab.example.com/api/v4/projects/17/repository/commits/18f3e63d05582537db6d183d9d557be09e1f90c8/comments ``` Example response: @@ -480,7 +480,7 @@ GET /projects/:id/repository/commits/:sha/statuses | `all` | boolean | no | Return all statuses, not only the latest ones ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/17/repository/commits/18f3e63d05582537db6d183d9d557be09e1f90c8/statuses +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/17/repository/commits/18f3e63d05582537db6d183d9d557be09e1f90c8/statuses ``` Example response: @@ -556,7 +556,7 @@ POST /projects/:id/statuses/:sha | `coverage` | float | no | The total code coverage ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/17/statuses/18f3e63d05582537db6d183d9d557be09e1f90c8?state=success" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/17/statuses/18f3e63d05582537db6d183d9d557be09e1f90c8?state=success" ``` Example response: @@ -603,7 +603,7 @@ GET /projects/:id/repository/commits/:sha/merge_requests ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/commits/af5b13261899fb2c0db30abdd0af8b07cb44fdc5/merge_requests" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/commits/af5b13261899fb2c0db30abdd0af8b07cb44fdc5/merge_requests" ``` Example response: diff --git a/doc/api/custom_attributes.md b/doc/api/custom_attributes.md index 91d1b0e1520..d270b804ad5 100644 --- a/doc/api/custom_attributes.md +++ b/doc/api/custom_attributes.md @@ -20,7 +20,7 @@ GET /projects/:id/custom_attributes | `id` | integer | yes | The ID of a resource | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/42/custom_attributes +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/42/custom_attributes ``` Example response: @@ -54,7 +54,7 @@ GET /projects/:id/custom_attributes/:key | `key` | string | yes | The key of the custom attribute | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/42/custom_attributes/location +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/42/custom_attributes/location ``` Example response: @@ -84,7 +84,7 @@ PUT /projects/:id/custom_attributes/:key | `value` | string | yes | The value of the custom attribute | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "value=Greenland" https://gitlab.example.com/api/v4/users/42/custom_attributes/location +curl --request PUT --header "PRIVATE-TOKEN: " --data "value=Greenland" https://gitlab.example.com/api/v4/users/42/custom_attributes/location ``` Example response: @@ -112,5 +112,5 @@ DELETE /projects/:id/custom_attributes/:key | `key` | string | yes | The key of the custom attribute | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/42/custom_attributes/location +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/42/custom_attributes/location ``` diff --git a/doc/api/deploy_key_multiple_projects.md b/doc/api/deploy_key_multiple_projects.md index 127f9a196de..0c9e3e66cae 100644 --- a/doc/api/deploy_key_multiple_projects.md +++ b/doc/api/deploy_key_multiple_projects.md @@ -7,23 +7,23 @@ First, find the ID of the projects you're interested in, by either listing all projects: ``` -curl --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' https://gitlab.example.com/api/v4/projects +curl --header 'PRIVATE-TOKEN: ' https://gitlab.example.com/api/v4/projects ``` Or finding the ID of a group and then listing all projects in that group: ``` -curl --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' https://gitlab.example.com/api/v4/groups +curl --header 'PRIVATE-TOKEN: ' https://gitlab.example.com/api/v4/groups # For group 1234: -curl --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' https://gitlab.example.com/api/v4/groups/1234 +curl --header 'PRIVATE-TOKEN: ' https://gitlab.example.com/api/v4/groups/1234 ``` With those IDs, add the same deploy key to all: ``` for project_id in 321 456 987; do - curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --header "Content-Type: application/json" \ + curl --request POST --header "PRIVATE-TOKEN: " --header "Content-Type: application/json" \ --data '{"title": "my key", "key": "ssh-rsa AAAA..."}' https://gitlab.example.com/api/v4/projects/${project_id}/deploy_keys done ``` diff --git a/doc/api/deploy_keys.md b/doc/api/deploy_keys.md index 698fa22a438..1d7523fcc3d 100644 --- a/doc/api/deploy_keys.md +++ b/doc/api/deploy_keys.md @@ -9,7 +9,7 @@ GET /deploy_keys ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/deploy_keys" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/deploy_keys" ``` Example response: @@ -44,7 +44,7 @@ GET /projects/:id/deploy_keys | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/deploy_keys" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/deploy_keys" ``` Example response: @@ -84,7 +84,7 @@ Parameters: | `key_id` | integer | yes | The ID of the deploy key | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/deploy_keys/11" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/deploy_keys/11" ``` Example response: @@ -118,7 +118,7 @@ POST /projects/:id/deploy_keys | `can_push` | boolean | no | Can deploy key push to the project's repository | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --header "Content-Type: application/json" --data '{"title": "My deploy key", "key": "ssh-rsa AAAA...", "can_push": "true"}' "https://gitlab.example.com/api/v4/projects/5/deploy_keys/" +curl --request POST --header "PRIVATE-TOKEN: " --header "Content-Type: application/json" --data '{"title": "My deploy key", "key": "ssh-rsa AAAA...", "can_push": "true"}' "https://gitlab.example.com/api/v4/projects/5/deploy_keys/" ``` Example response: @@ -148,7 +148,7 @@ PUT /projects/:id/deploy_keys/:key_id | `can_push` | boolean | no | Can deploy key push to the project's repository | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --header "Content-Type: application/json" --data '{"title": "New deploy key", "can_push": true}' "https://gitlab.example.com/api/v4/projects/5/deploy_keys/11" +curl --request PUT --header "PRIVATE-TOKEN: " --header "Content-Type: application/json" --data '{"title": "New deploy key", "can_push": true}' "https://gitlab.example.com/api/v4/projects/5/deploy_keys/11" ``` Example response: @@ -177,7 +177,7 @@ DELETE /projects/:id/deploy_keys/:key_id | `key_id` | integer | yes | The ID of the deploy key | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/deploy_keys/13" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/deploy_keys/13" ``` ## Enable a deploy key @@ -185,7 +185,7 @@ curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gi Enables a deploy key for a project so this can be used. Returns the enabled key, with a status code 201 when successful. ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/deploy_keys/13/enable +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/deploy_keys/13/enable ``` | Attribute | Type | Required | Description | diff --git a/doc/api/deployments.md b/doc/api/deployments.md index 1963b0a21de..0a67f134d54 100644 --- a/doc/api/deployments.md +++ b/doc/api/deployments.md @@ -15,7 +15,7 @@ GET /projects/:id/deployments | `sort` | string | no | Return deployments sorted in `asc` or `desc` order. Default is `asc` | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/deployments" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/deployments" ``` Example of response @@ -155,7 +155,7 @@ GET /projects/:id/deployments/:deployment_id | `deployment_id` | integer | yes | The ID of the deployment | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/deployments/1" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/deployments/1" ``` Example of response diff --git a/doc/api/discussions.md b/doc/api/discussions.md index 3538a577c8e..79090ea5254 100644 --- a/doc/api/discussions.md +++ b/doc/api/discussions.md @@ -97,7 +97,7 @@ GET /projects/:id/issues/:issue_iid/discussions ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/discussions ``` ### Get single issue discussion @@ -117,7 +117,7 @@ Parameters: | `discussion_id` | integer | yes | The ID of a discussion | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 ``` ### Create new issue discussion @@ -139,7 +139,7 @@ Parameters: | `created_at` | string | no | Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/discussions?body=comment ``` ### Add note to existing issue discussion @@ -162,7 +162,7 @@ Parameters: | `created_at` | string | no | Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment ``` ### Modify existing issue discussion note @@ -184,7 +184,7 @@ Parameters: | `body` | string | yes | The content of a discussion | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment ``` ### Delete an issue discussion note @@ -205,7 +205,7 @@ Parameters: | `note_id` | integer | yes | The ID of a discussion note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/636 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/discussions/636 ``` ## Snippets @@ -303,7 +303,7 @@ GET /projects/:id/snippets/:snippet_id/discussions ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions ``` ### Get single snippet discussion @@ -323,7 +323,7 @@ Parameters: | `discussion_id` | integer | yes | The ID of a discussion | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 ``` ### Create new snippet discussion @@ -345,7 +345,7 @@ Parameters: | `created_at` | string | no | Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions?body=comment ``` ### Add note to existing snippet discussion @@ -368,7 +368,7 @@ Parameters: | `created_at` | string | no | Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment ``` ### Modify existing snippet discussion note @@ -390,7 +390,7 @@ Parameters: | `body` | string | yes | The content of a discussion | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment ``` ### Delete an snippet discussion note @@ -411,7 +411,7 @@ Parameters: | `note_id` | integer | yes | The ID of a discussion note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/636 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/discussions/636 ``` ## Merge requests @@ -562,7 +562,7 @@ Diff comments contain also position: ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions ``` ### Get single merge request discussion @@ -582,7 +582,7 @@ Parameters: | `discussion_id` | integer | yes | The ID of a discussion | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 ``` ### Create new merge request discussion @@ -617,7 +617,7 @@ Parameters: | `position[y]` | integer | no | Y coordinate (for 'image' diff notes) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions?body=comment ``` ### Resolve a merge request discussion @@ -638,7 +638,7 @@ Parameters: | `resolved` | boolean | yes | Resolve/unresolve the discussion | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7?resolved=true +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7?resolved=true ``` @@ -662,7 +662,7 @@ Parameters: | `created_at` | string | no | Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment ``` ### Modify an existing merge request discussion note @@ -685,13 +685,13 @@ Parameters: | `resolved` | boolean | no | Resolve/unresolve the note (exactly one of `body` or `resolved` must be set | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment ``` Resolving a note: ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?resolved=true +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?resolved=true ``` ### Delete a merge request discussion note @@ -712,7 +712,7 @@ Parameters: | `note_id` | integer | yes | The ID of a discussion note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/636 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/discussions/636 ``` ## Commits @@ -855,7 +855,7 @@ Diff comments contain also position: ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions ``` ### Get single commit discussion @@ -875,7 +875,7 @@ Parameters: | `discussion_id` | integer | yes | The ID of a discussion | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7 ``` ### Create new commit discussion @@ -910,7 +910,7 @@ Parameters: | `position[y]` | integer | no | Y coordinate (for 'image' diff notes) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions?body=comment ``` ### Add note to existing commit discussion @@ -933,7 +933,7 @@ Parameters: | `created_at` | string | no | Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes?body=comment ``` ### Modify an existing commit discussion note @@ -955,13 +955,13 @@ Parameters: | `body` | string | no | The content of a note | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?body=comment ``` Resolving a note: ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?resolved=true +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/6a9c1750b37d513a43987b574953fceb50b03ce7/notes/1108?resolved=true ``` ### Delete a commit discussion note @@ -982,5 +982,5 @@ Parameters: | `note_id` | integer | yes | The ID of a discussion note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/636 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/commits/11/discussions/636 ``` diff --git a/doc/api/environments.md b/doc/api/environments.md index 29da4590a59..4a38dd73747 100644 --- a/doc/api/environments.md +++ b/doc/api/environments.md @@ -13,7 +13,7 @@ GET /projects/:id/environments | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/environments +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/environments ``` Example response: @@ -46,7 +46,7 @@ POST /projects/:id/environments | `external_url` | string | no | Place to link to for this environment | ```bash -curl --data "name=deploy&external_url=https://deploy.example.gitlab.com" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/environments" +curl --data "name=deploy&external_url=https://deploy.example.gitlab.com" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/environments" ``` Example response: @@ -78,7 +78,7 @@ PUT /projects/:id/environments/:environments_id | `external_url` | string | no | The new external_url | ```bash -curl --request PUT --data "name=staging&external_url=https://staging.example.gitlab.com" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/environments/1" +curl --request PUT --data "name=staging&external_url=https://staging.example.gitlab.com" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/environments/1" ``` Example response: @@ -106,7 +106,7 @@ DELETE /projects/:id/environments/:environment_id | `environment_id` | integer | yes | The ID of the environment | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/environments/1" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/environments/1" ``` ## Stop an environment @@ -123,7 +123,7 @@ POST /projects/:id/environments/:environment_id/stop | `environment_id` | integer | yes | The ID of the environment | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/environments/1/stop" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/environments/1/stop" ``` Example response: diff --git a/doc/api/events.md b/doc/api/events.md index e1c6b801a77..6dca8e52f69 100644 --- a/doc/api/events.md +++ b/doc/api/events.md @@ -71,7 +71,7 @@ Parameters: Example request: ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/events?target_type=issue&action=created&after=2017-01-31&before=2017-03-01 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/events?target_type=issue&action=created&after=2017-01-31&before=2017-03-01 ``` Example response: @@ -143,7 +143,7 @@ Parameters: | `sort` | string | no | Sort events in `asc` or `desc` order by `created_at`. Default is `desc` | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/:id/events +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/:id/events ``` Example response: @@ -276,7 +276,7 @@ Parameters: Example request: ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:project_id/events?target_type=issue&action=created&after=2017-01-31&before=2017-03-01 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:project_id/events?target_type=issue&action=created&after=2017-01-31&before=2017-03-01 ``` Example response: diff --git a/doc/api/features.md b/doc/api/features.md index 6ee1c36ef5b..59f1005ef72 100644 --- a/doc/api/features.md +++ b/doc/api/features.md @@ -14,7 +14,7 @@ GET /features ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/features +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/features ``` Example response: @@ -65,7 +65,7 @@ Note that you can enable or disable a feature for both a `feature_group` and a `user` with a single API call. ```bash -curl --data "value=30" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/features/new_library +curl --data "value=30" --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/features/new_library ``` Example response: diff --git a/doc/api/graphql/index.md b/doc/api/graphql/index.md index 71922318227..ec48bf4940b 100644 --- a/doc/api/graphql/index.md +++ b/doc/api/graphql/index.md @@ -24,7 +24,7 @@ feature flag. You can enable the feature using the [features api][features-api] For example: ```shell -curl --data "value=100" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/features/graphql +curl --data "value=100" --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/features/graphql ``` ## Available queries diff --git a/doc/api/group_badges.md b/doc/api/group_badges.md index f2353542a5c..f88689d80c6 100644 --- a/doc/api/group_badges.md +++ b/doc/api/group_badges.md @@ -28,7 +28,7 @@ GET /groups/:id/badges | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/badges ``` Example response: @@ -68,7 +68,7 @@ GET /groups/:id/badges/:badge_id | `badge_id` | integer | yes | The badge ID | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id ``` Example response: @@ -99,7 +99,7 @@ POST /groups/:id/badges | `image_url` | string | yes | URL of the badge image | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "link_url=https://gitlab.com/gitlab-org/gitlab-ce/commits/master&image_url=https://shields.io/my/badge1&position=0" https://gitlab.example.com/api/v4/groups/:id/badges +curl --request POST --header "PRIVATE-TOKEN: " --data "link_url=https://gitlab.com/gitlab-org/gitlab-ce/commits/master&image_url=https://shields.io/my/badge1&position=0" https://gitlab.example.com/api/v4/groups/:id/badges ``` Example response: @@ -131,7 +131,7 @@ PUT /groups/:id/badges/:badge_id | `image_url` | string | no | URL of the badge image | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id ``` Example response: @@ -161,7 +161,7 @@ DELETE /groups/:id/badges/:badge_id | `badge_id` | integer | yes | The badge ID | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/badges/:badge_id ``` ## Preview a badge from a group @@ -179,7 +179,7 @@ GET /groups/:id/badges/render | `image_url` | string | yes | URL of the badge image | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/badges/render?link_url=http%3A%2F%2Fexample.com%2Fci_status.svg%3Fproject%3D%25%7Bproject_path%7D%26ref%3D%25%7Bdefault_branch%7D&image_url=https%3A%2F%2Fshields.io%2Fmy%2Fbadge +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/badges/render?link_url=http%3A%2F%2Fexample.com%2Fci_status.svg%3Fproject%3D%25%7Bproject_path%7D%26ref%3D%25%7Bdefault_branch%7D&image_url=https%3A%2F%2Fshields.io%2Fmy%2Fbadge ``` Example response: diff --git a/doc/api/group_boards.md b/doc/api/group_boards.md index 373904e50c4..9b0ac23b41c 100644 --- a/doc/api/group_boards.md +++ b/doc/api/group_boards.md @@ -18,7 +18,7 @@ GET /groups/:id/boards | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/boards +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/boards ``` Example response: @@ -75,7 +75,7 @@ GET /groups/:id/boards/:board_id | `board_id` | integer | yes | The ID of a board | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/boards/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/boards/1 ``` Example response: @@ -131,7 +131,7 @@ GET /groups/:id/boards/:board_id/lists | `board_id` | integer | yes | The ID of a board | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/boards/1/lists +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/boards/1/lists ``` Example response: @@ -183,7 +183,7 @@ GET /groups/:id/boards/:board_id/lists/:list_id | `list_id` | integer | yes | The ID of a board's list | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/boards/1/lists/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/boards/1/lists/1 ``` Example response: @@ -215,7 +215,7 @@ POST /groups/:id/boards/:board_id/lists | `label_id` | integer | yes | The ID of a label | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/boards/1/lists?label_id=5 +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/boards/1/lists?label_id=5 ``` Example response: @@ -248,7 +248,7 @@ PUT /groups/:id/boards/:board_id/lists/:list_id | `position` | integer | yes | The position of the list | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/group/5/boards/1/lists/1?position=2 +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/group/5/boards/1/lists/1?position=2 ``` Example response: @@ -280,5 +280,5 @@ DELETE /groups/:id/boards/:board_id/lists/:list_id | `list_id` | integer | yes | The ID of a board's list | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/boards/1/lists/1 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/boards/1/lists/1 ``` diff --git a/doc/api/group_level_variables.md b/doc/api/group_level_variables.md index 33c6da08018..3551bfa3f8b 100644 --- a/doc/api/group_level_variables.md +++ b/doc/api/group_level_variables.md @@ -15,7 +15,7 @@ GET /groups/:id/variables | `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/1/variables" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables" ``` ```json @@ -45,7 +45,7 @@ GET /groups/:id/variables/:key | `key` | string | yes | The `key` of a variable | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/1/variables/TEST_VARIABLE_1" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables/TEST_VARIABLE_1" ``` ```json @@ -71,7 +71,7 @@ POST /groups/:id/variables | `protected` | boolean | no | Whether the variable is protected | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/1/variables" --form "key=NEW_VARIABLE" --form "value=new value" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables" --form "key=NEW_VARIABLE" --form "value=new value" ``` ```json @@ -98,7 +98,7 @@ PUT /groups/:id/variables/:key | `protected` | boolean | no | Whether the variable is protected | ``` -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/1/variables/NEW_VARIABLE" --form "value=updated value" +curl --request PUT --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables/NEW_VARIABLE" --form "value=updated value" ``` ```json @@ -123,7 +123,7 @@ DELETE /groups/:id/variables/:key | `key` | string | yes | The `key` of a variable | ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/1/variables/VARIABLE_1" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/1/variables/VARIABLE_1" ``` [ce-34519]: https://gitlab.com/gitlab-org/gitlab-ce/issues/34519 diff --git a/doc/api/group_milestones.md b/doc/api/group_milestones.md index e396f4411e6..7be01ce9c6d 100644 --- a/doc/api/group_milestones.md +++ b/doc/api/group_milestones.md @@ -26,7 +26,7 @@ Parameters: | `search` | string | optional | Return only milestones with a title or description matching the provided string | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/milestones +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/milestones ``` Example Response: diff --git a/doc/api/groups.md b/doc/api/groups.md index 59444a98086..2d9114c40ea 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -220,7 +220,7 @@ Parameters: | `with_projects` | boolean | no | Include details from projects that belong to the specified group (defaults to `true`). | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/4 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/4 ``` Example response: @@ -375,7 +375,7 @@ Example response: When adding the parameter `with_projects=false`, projects will not be returned. ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/4?with_projects=false +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/4?with_projects=false ``` Example response: @@ -452,7 +452,7 @@ PUT /groups/:id | `file_template_project_id` | integer | no | **(Premium)** The ID of a project to load custom file templates from | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/groups/5?name=Experimental" +curl --request PUT --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/groups/5?name=Experimental" ``` diff --git a/doc/api/issues.md b/doc/api/issues.md index 6a99c52234d..fb06119063f 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -52,7 +52,7 @@ GET /issues?my_reaction_emoji=star | `updated_before` | datetime | no | Return issues updated on or before the given time | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/issues +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/issues ``` Example response: @@ -166,7 +166,7 @@ GET /groups/:id/issues?my_reaction_emoji=star ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/4/issues +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/4/issues ``` Example response: @@ -279,7 +279,7 @@ GET /projects/:id/issues?my_reaction_emoji=star | `updated_before` | datetime | no | Return issues updated on or before the given time | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/4/issues +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/4/issues ``` Example response: @@ -373,7 +373,7 @@ GET /projects/:id/issues/:issue_iid | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/4/issues/41 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/4/issues/41 ``` Example response: @@ -476,7 +476,7 @@ POST /projects/:id/issues | `discussion_to_resolve` | string | no | The ID of a discussion to resolve. This will fill in the issue with a default description and mark the discussion as resolved. Use in combination with `merge_request_to_resolve_discussions_of`. | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/4/issues?title=Issues%20with%20auth&labels=bug +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/4/issues?title=Issues%20with%20auth&labels=bug ``` Example response: @@ -558,7 +558,7 @@ PUT /projects/:id/issues/:issue_iid ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/4/issues/85?state_event=close +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/4/issues/85?state_event=close ``` Example response: @@ -635,7 +635,7 @@ DELETE /projects/:id/issues/:issue_iid | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/4/issues/85 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/4/issues/85 ``` ## Move an issue @@ -658,7 +658,7 @@ POST /projects/:id/issues/:issue_iid/move | `to_project_id` | integer | yes | The ID of the new project | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form to_project_id=5 https://gitlab.example.com/api/v4/projects/4/issues/85/move +curl --header "PRIVATE-TOKEN: " --form to_project_id=5 https://gitlab.example.com/api/v4/projects/4/issues/85/move ``` Example response: @@ -740,7 +740,7 @@ POST /projects/:id/issues/:issue_iid/subscribe | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/subscribe +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/subscribe ``` Example response: @@ -823,7 +823,7 @@ POST /projects/:id/issues/:issue_iid/unsubscribe | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/unsubscribe +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/unsubscribe ``` Example response: @@ -882,7 +882,7 @@ POST /projects/:id/issues/:issue_iid/todo | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/todo +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/todo ``` Example response: @@ -988,7 +988,7 @@ POST /projects/:id/issues/:issue_iid/time_estimate | `duration` | string | yes | The duration in human format. e.g: 3h30m | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/time_estimate?duration=3h30m +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/time_estimate?duration=3h30m ``` Example response: @@ -1016,7 +1016,7 @@ POST /projects/:id/issues/:issue_iid/reset_time_estimate | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/reset_time_estimate +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/reset_time_estimate ``` Example response: @@ -1045,7 +1045,7 @@ POST /projects/:id/issues/:issue_iid/add_spent_time | `duration` | string | yes | The duration in human format. e.g: 3h30m | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/add_spent_time?duration=1h +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/add_spent_time?duration=1h ``` Example response: @@ -1073,7 +1073,7 @@ POST /projects/:id/issues/:issue_iid/reset_spent_time | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/reset_spent_time +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/reset_spent_time ``` Example response: @@ -1099,7 +1099,7 @@ GET /projects/:id/issues/:issue_iid/time_stats | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/time_stats +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/time_stats ``` Example response: @@ -1127,7 +1127,7 @@ GET /projects/:id/issues/:issue_id/related_merge_requests | `issue_iid` | integer | yes | The internal ID of a project's issue | ```sh -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/11/related_merge_requests +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/11/related_merge_requests ``` Example response: @@ -1214,7 +1214,7 @@ GET /projects/:id/issues/:issue_iid/closed_by | `issue_iid` | integer | yes | The internal ID of a project issue | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/issues/11/closed_by +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/issues/11/closed_by ``` Example response: @@ -1281,7 +1281,7 @@ GET /projects/:id/issues/:issue_iid/participants | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/participants +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/participants ``` Example response: @@ -1326,7 +1326,7 @@ GET /projects/:id/issues/:issue_iid/user_agent_detail | `issue_iid` | integer | yes | The internal ID of a project's issue | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/93/user_agent_detail +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/93/user_agent_detail ``` Example response: diff --git a/doc/api/jobs.md b/doc/api/jobs.md index d2dd9c676e3..085e321b35f 100644 --- a/doc/api/jobs.md +++ b/doc/api/jobs.md @@ -14,7 +14,7 @@ GET /projects/:id/jobs | `scope` | string **or** array of strings | no | Scope of jobs to show. Either one of or an array of the following: `created`, `pending`, `running`, `failed`, `success`, `canceled`, `skipped`, or `manual`. All jobs are returned if `scope` is not provided. | ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/1/jobs?scope[]=pending&scope[]=running' +curl --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/1/jobs?scope[]=pending&scope[]=running' ``` Example of response @@ -147,7 +147,7 @@ GET /projects/:id/pipelines/:pipeline_id/jobs | `scope` | string **or** array of strings | no | Scope of jobs to show. Either one of or an array of the following: `created`, `pending`, `running`, `failed`, `success`, `canceled`, `skipped`, or `manual`. All jobs are returned if `scope` is not provided. | ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/1/pipelines/6/jobs?scope[]=pending&scope[]=running' +curl --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/1/pipelines/6/jobs?scope[]=pending&scope[]=running' ``` Example of response @@ -279,7 +279,7 @@ GET /projects/:id/jobs/:job_id | `job_id` | integer | yes | The ID of a job. | ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/8" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/8" ``` Example of response @@ -356,7 +356,7 @@ GET /projects/:id/jobs/:job_id/artifacts Example requests: ```sh -curl --location --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/8/artifacts" +curl --location --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/8/artifacts" ``` Possible response status codes: @@ -392,7 +392,7 @@ Parameters Example requests: ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/master/download?job=test" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/master/download?job=test" ``` Possible response status codes: @@ -427,7 +427,7 @@ Parameters Example request: ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/5/artifacts/some/release/file.pdf" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/5/artifacts/some/release/file.pdf" ``` Possible response status codes: @@ -462,7 +462,7 @@ Parameters: Example request: ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/master/raw/some/release/file.pdf?job=pdf" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/master/raw/some/release/file.pdf?job=pdf" ``` Possible response status codes: @@ -487,7 +487,7 @@ GET /projects/:id/jobs/:job_id/trace | job_id | integer | yes | The ID of a job. | ```sh -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/8/trace" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/8/trace" ``` Possible response status codes: @@ -511,7 +511,7 @@ POST /projects/:id/jobs/:job_id/cancel | `job_id` | integer | yes | The ID of a job. | ```sh -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/1/cancel" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/1/cancel" ``` Example of response @@ -559,7 +559,7 @@ POST /projects/:id/jobs/:job_id/retry | `job_id` | integer | yes | The ID of a job. | ```sh -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/1/retry" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/1/retry" ``` Example of response @@ -611,7 +611,7 @@ Parameters Example of request ```sh -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/1/erase" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/1/erase" ``` Example of response @@ -664,7 +664,7 @@ Parameters Example request: ```sh -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/1/artifacts/keep" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/1/artifacts/keep" ``` Example response: @@ -713,7 +713,7 @@ POST /projects/:id/jobs/:job_id/play | `job_id` | integer | yes | The ID of a job. | ```sh -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/jobs/1/play" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/jobs/1/play" ``` Example of response diff --git a/doc/api/labels.md b/doc/api/labels.md index ec93cf50e7a..aec1a2c7592 100644 --- a/doc/api/labels.md +++ b/doc/api/labels.md @@ -13,7 +13,7 @@ GET /projects/:id/labels | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/labels +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/labels ``` Example response: @@ -95,7 +95,7 @@ POST /projects/:id/labels | `priority` | integer | no | The priority of the label. Must be greater or equal than zero or `null` to remove the priority. | ```bash -curl --data "name=feature&color=#5843AD" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/labels" +curl --data "name=feature&color=#5843AD" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/labels" ``` Example response: @@ -128,7 +128,7 @@ DELETE /projects/:id/labels | `name` | string | yes | The name of the label | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/labels?name=bug" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/labels?name=bug" ``` ## Edit an existing label @@ -151,7 +151,7 @@ PUT /projects/:id/labels ```bash -curl --request PUT --data "name=documentation&new_name=docs&color=#8E44AD&description=Documentation" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/labels" +curl --request PUT --data "name=documentation&new_name=docs&color=#8E44AD&description=Documentation" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/labels" ``` Example response: @@ -186,7 +186,7 @@ POST /projects/:id/labels/:label_id/subscribe | `label_id` | integer or string | yes | The ID or title of a project's label | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/labels/1/subscribe +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/labels/1/subscribe ``` Example response: @@ -221,5 +221,5 @@ POST /projects/:id/labels/:label_id/unsubscribe | `label_id` | integer or string | yes | The ID or title of a project's label | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/labels/1/unsubscribe +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/labels/1/unsubscribe ``` diff --git a/doc/api/members.md b/doc/api/members.md index bb4fae35f52..0593d2c20ea 100644 --- a/doc/api/members.md +++ b/doc/api/members.md @@ -28,8 +28,8 @@ GET /projects/:id/members | `query` | string | no | A query string to search for members | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/members -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/members +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/members +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/members ``` Example response: @@ -75,8 +75,8 @@ GET /projects/:id/members/all | `query` | string | no | A query string to search for members | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/members/all -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/members/all +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/members/all +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/members/all ``` Example response: @@ -131,8 +131,8 @@ GET /projects/:id/members/:user_id | `user_id` | integer | yes | The user ID of the member | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/members/:user_id -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/members/:user_id +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/members/:user_id +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/members/:user_id ``` Example response: @@ -167,8 +167,8 @@ POST /projects/:id/members | `expires_at` | string | no | A date string in the format YEAR-MONTH-DAY | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "user_id=1&access_level=30" https://gitlab.example.com/api/v4/groups/:id/members -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "user_id=1&access_level=30" https://gitlab.example.com/api/v4/projects/:id/members +curl --request POST --header "PRIVATE-TOKEN: " --data "user_id=1&access_level=30" https://gitlab.example.com/api/v4/groups/:id/members +curl --request POST --header "PRIVATE-TOKEN: " --data "user_id=1&access_level=30" https://gitlab.example.com/api/v4/projects/:id/members ``` Example response: @@ -203,8 +203,8 @@ PUT /projects/:id/members/:user_id | `expires_at` | string | no | A date string in the format YEAR-MONTH-DAY | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/members/:user_id?access_level=40 -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/members/:user_id?access_level=40 +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/members/:user_id?access_level=40 +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/members/:user_id?access_level=40 ``` Example response: @@ -237,8 +237,8 @@ DELETE /projects/:id/members/:user_id | `user_id` | integer | yes | The user ID of the member | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/:id/members/:user_id -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/members/:user_id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/:id/members/:user_id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/members/:user_id ``` ## Give a group access to a project diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md index 9ff6c73b1b6..c9b271eada3 100644 --- a/doc/api/merge_requests.md +++ b/doc/api/merge_requests.md @@ -967,7 +967,7 @@ DELETE /projects/:id/merge_requests/:merge_request_iid | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/4/merge_requests/85 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/4/merge_requests/85 ``` ## Accept MR @@ -1230,7 +1230,7 @@ PUT /projects/:id/merge_requests/:merge_request_iid/rebase | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/76/merge_requests/1/rebase +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/76/merge_requests/1/rebase ``` This is an asynchronous request. The API will return an empty `202 Accepted` @@ -1286,7 +1286,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/closes_issues | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/76/merge_requests/1/closes_issues +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/76/merge_requests/1/closes_issues ``` Example response when the GitLab issue tracker is used: @@ -1362,7 +1362,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/subscribe | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/17/subscribe +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/17/subscribe ``` Example response: @@ -1483,7 +1483,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/unsubscribe | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/17/unsubscribe +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/17/unsubscribe ``` Example response: @@ -1604,7 +1604,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/todo | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/27/todo +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/27/todo ``` Example response: @@ -1707,7 +1707,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/versions | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/merge_requests/1/versions +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/merge_requests/1/versions ``` Example response: @@ -1749,7 +1749,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/versions/:version_id | `version_id` | integer | yes | The ID of the merge request diff version | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/merge_requests/1/versions/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/merge_requests/1/versions/1 ``` Example response: @@ -1816,7 +1816,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/time_estimate | `duration` | string | yes | The duration in human format. e.g: 3h30m | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/time_estimate?duration=3h30m +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/93/time_estimate?duration=3h30m ``` Example response: @@ -1844,7 +1844,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/reset_time_estimate | `merge_request_iid` | integer | yes | The internal ID of a project's merge_request | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/reset_time_estimate +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/93/reset_time_estimate ``` Example response: @@ -1873,7 +1873,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/add_spent_time | `duration` | string | yes | The duration in human format. e.g: 3h30m | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/add_spent_time?duration=1h +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/93/add_spent_time?duration=1h ``` Example response: @@ -1901,7 +1901,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/reset_spent_time | `merge_request_iid` | integer | yes | The internal ID of a project's merge_request | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/reset_spent_time +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/93/reset_spent_time ``` Example response: @@ -1927,7 +1927,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/time_stats | `merge_request_iid` | integer | yes | The internal ID of the merge request | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/93/time_stats +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/93/time_stats ``` Example response: diff --git a/doc/api/milestones.md b/doc/api/milestones.md index 7ac97edc7ae..fa8f8a0bcf0 100644 --- a/doc/api/milestones.md +++ b/doc/api/milestones.md @@ -23,7 +23,7 @@ Parameters: | `search` | string | optional | Return only milestones with a title or description matching the provided string | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/milestones +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/milestones ``` Example Response: diff --git a/doc/api/namespaces.md b/doc/api/namespaces.md index 656bf07bb55..b8bc4c40124 100644 --- a/doc/api/namespaces.md +++ b/doc/api/namespaces.md @@ -19,7 +19,7 @@ GET /namespaces Example request: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/namespaces ``` Example response: @@ -71,7 +71,7 @@ GET /namespaces?search=foobar Example request: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces?search=twitter +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/namespaces?search=twitter ``` Example response: @@ -105,7 +105,7 @@ GET /namespaces/:id Example request: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces/2 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/namespaces/2 ``` Example response: @@ -125,7 +125,7 @@ Example response: Example request: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/namespaces/group1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/namespaces/group1 ``` Example response: diff --git a/doc/api/notes.md b/doc/api/notes.md index 9f6740ad86a..dd4e18b14e6 100644 --- a/doc/api/notes.md +++ b/doc/api/notes.md @@ -66,7 +66,7 @@ GET /projects/:id/issues/:issue_iid/notes?sort=asc&order_by=updated_at ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/notes +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/notes ``` ### Get single issue note @@ -84,7 +84,7 @@ Parameters: - `note_id` (required) - The ID of an issue note ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/notes/1 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/notes/1 ``` ### Create new issue note @@ -103,7 +103,7 @@ Parameters: - `created_at` (optional) - Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z (requires admin or project/group owner rights) ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/notes?body=note +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/notes?body=note ``` ### Modify existing issue note @@ -122,7 +122,7 @@ Parameters: - `body` (required) - The content of a note ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/notes?body=note +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/notes?body=note ``` ### Delete an issue note @@ -142,7 +142,7 @@ Parameters: | `note_id` | integer | yes | The ID of a note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/notes/636 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/notes/636 ``` ## Snippets @@ -164,7 +164,7 @@ GET /projects/:id/snippets/:snippet_id/notes?sort=asc&order_by=updated_at | `order_by` | string | no | Return snippet notes ordered by `created_at` or `updated_at` fields. Default is `created_at` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/notes ``` ### Get single snippet note @@ -201,7 +201,7 @@ Parameters: ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes/11 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/notes/11 ``` ### Create new snippet note @@ -221,7 +221,7 @@ Parameters: - `created_at` (optional) - Date time string, ISO 8601 formatted, e.g. 2016-03-11T03:45:40Z ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippet/11/notes?body=note +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippet/11/notes?body=note ``` ### Modify existing snippet note @@ -240,7 +240,7 @@ Parameters: - `body` (required) - The content of a note ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/11/notes?body=note +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/11/notes?body=note ``` ### Delete a snippet note @@ -260,7 +260,7 @@ Parameters: | `note_id` | integer | yes | The ID of a note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/snippets/52/notes/1659 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/snippets/52/notes/1659 ``` ## Merge Requests @@ -282,7 +282,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/notes?sort=asc&order_by=upda | `order_by` | string | no | Return merge request notes ordered by `created_at` or `updated_at` fields. Default is `created_at` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes ``` ### Get single merge request note @@ -323,7 +323,7 @@ Parameters: ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes/1 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes/1 ``` ### Create new merge request note @@ -359,7 +359,7 @@ Parameters: - `body` (required) - The content of a note ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes?body=note +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes?body=note ``` ### Delete a merge request note @@ -379,5 +379,5 @@ Parameters: | `note_id` | integer | yes | The ID of a note | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/7/notes/1602 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/7/notes/1602 ``` diff --git a/doc/api/notification_settings.md b/doc/api/notification_settings.md index 165b9a11c7a..e21e73c7dac 100644 --- a/doc/api/notification_settings.md +++ b/doc/api/notification_settings.md @@ -43,7 +43,7 @@ GET /notification_settings ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/notification_settings +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/notification_settings ``` Example response: @@ -64,7 +64,7 @@ PUT /notification_settings ``` ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/notification_settings?level=watch +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/notification_settings?level=watch ``` | Attribute | Type | Required | Description | @@ -105,8 +105,8 @@ GET /projects/:id/notification_settings ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/notification_settings -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/8/notification_settings +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/notification_settings +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/8/notification_settings ``` | Attribute | Type | Required | Description | @@ -131,8 +131,8 @@ PUT /projects/:id/notification_settings ``` ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/5/notification_settings?level=watch -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/8/notification_settings?level=custom&new_note=true +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/5/notification_settings?level=watch +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/8/notification_settings?level=custom&new_note=true ``` | Attribute | Type | Required | Description | diff --git a/doc/api/pages_domains.md b/doc/api/pages_domains.md index da2ffcfe40a..4c41350dcdb 100644 --- a/doc/api/pages_domains.md +++ b/doc/api/pages_domains.md @@ -13,7 +13,7 @@ GET /pages/domains ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/pages/domains +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/pages/domains ``` ```json @@ -43,7 +43,7 @@ GET /projects/:id/pages/domains | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/pages/domains +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/pages/domains ``` ```json @@ -79,7 +79,7 @@ GET /projects/:id/pages/domains/:domain | `domain` | string | yes | The domain | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/pages/domains/www.domain.example +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/pages/domains/www.domain.example ``` ```json @@ -90,7 +90,7 @@ curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/a ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example ``` ```json @@ -122,11 +122,11 @@ POST /projects/:id/pages/domains | `key` | file/string | no | The certificate key in PEM format. | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "domain=ssl.domain.example" --form "certificate=@/path/to/cert.pem" --form "key=@/path/to/key.pem" https://gitlab.example.com/api/v4/projects/5/pages/domains +curl --request POST --header "PRIVATE-TOKEN: " --form "domain=ssl.domain.example" --form "certificate=@/path/to/cert.pem" --form "key=@/path/to/key.pem" https://gitlab.example.com/api/v4/projects/5/pages/domains ``` ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "domain=ssl.domain.example" --form "certificate=$CERT_PEM" --form "key=$KEY_PEM" https://gitlab.example.com/api/v4/projects/5/pages/domains +curl --request POST --header "PRIVATE-TOKEN: " --form "domain=ssl.domain.example" --form "certificate=$CERT_PEM" --form "key=$KEY_PEM" https://gitlab.example.com/api/v4/projects/5/pages/domains ``` ```json @@ -158,11 +158,11 @@ PUT /projects/:id/pages/domains/:domain | `key` | file/string | no | The certificate key in PEM format. | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "certificate=@/path/to/cert.pem" --form "key=@/path/to/key.pem" https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example +curl --request PUT --header "PRIVATE-TOKEN: " --form "certificate=@/path/to/cert.pem" --form "key=@/path/to/key.pem" https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example ``` ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "certificate=$CERT_PEM" --form "key=$KEY_PEM" https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example +curl --request PUT --header "PRIVATE-TOKEN: " --form "certificate=$CERT_PEM" --form "key=$KEY_PEM" https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example ``` ```json @@ -192,5 +192,5 @@ DELETE /projects/:id/pages/domains/:domain | `domain` | string | yes | The domain | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example ``` diff --git a/doc/api/pipeline_triggers.md b/doc/api/pipeline_triggers.md index e881e61d4ef..736312df116 100644 --- a/doc/api/pipeline_triggers.md +++ b/doc/api/pipeline_triggers.md @@ -15,7 +15,7 @@ GET /projects/:id/triggers | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/triggers" ``` ```json @@ -46,7 +46,7 @@ GET /projects/:id/triggers/:trigger_id | `trigger_id` | integer | yes | The trigger id | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/5" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/triggers/5" ``` ```json @@ -75,7 +75,7 @@ POST /projects/:id/triggers | `description` | string | yes | The trigger name | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form description="my description" "https://gitlab.example.com/api/v4/projects/1/triggers" +curl --request POST --header "PRIVATE-TOKEN: " --form description="my description" "https://gitlab.example.com/api/v4/projects/1/triggers" ``` ```json @@ -105,7 +105,7 @@ PUT /projects/:id/triggers/:trigger_id | `description` | string | no | The trigger name | ``` -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form description="my description" "https://gitlab.example.com/api/v4/projects/1/triggers/10" +curl --request PUT --header "PRIVATE-TOKEN: " --form description="my description" "https://gitlab.example.com/api/v4/projects/1/triggers/10" ``` ```json @@ -134,7 +134,7 @@ POST /projects/:id/triggers/:trigger_id/take_ownership | `trigger_id` | integer | yes | The trigger id | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/10/take_ownership" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/triggers/10/take_ownership" ``` ```json @@ -163,5 +163,5 @@ DELETE /projects/:id/triggers/:trigger_id | `trigger_id` | integer | yes | The trigger id | ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/5" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/triggers/5" ``` diff --git a/doc/api/pipelines.md b/doc/api/pipelines.md index 7b4c9a8fbb3..43bbf463c8d 100644 --- a/doc/api/pipelines.md +++ b/doc/api/pipelines.md @@ -22,7 +22,7 @@ GET /projects/:id/pipelines | `sort` | string | no | Sort pipelines in `asc` or `desc` order (default: `desc`) | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/pipelines" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/pipelines" ``` Example of response @@ -60,7 +60,7 @@ GET /projects/:id/pipelines/:pipeline_id | `pipeline_id` | integer | yes | The ID of a pipeline | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/pipelines/46" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/pipelines/46" ``` Example of response @@ -108,7 +108,7 @@ POST /projects/:id/pipeline | `variables` | array | no | An array containing the variables available in the pipeline, matching the structure [{ 'key' => 'UPLOAD_TO_S3', 'value' => 'true' }] | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/pipeline?ref=master" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/pipeline?ref=master" ``` Example of response @@ -155,7 +155,7 @@ POST /projects/:id/pipelines/:pipeline_id/retry | `pipeline_id` | integer | yes | The ID of a pipeline | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/pipelines/46/retry" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/pipelines/46/retry" ``` Response: @@ -202,7 +202,7 @@ POST /projects/:id/pipelines/:pipeline_id/cancel | `pipeline_id` | integer | yes | The ID of a pipeline | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/pipelines/46/cancel" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/pipelines/46/cancel" ``` Response: @@ -249,7 +249,7 @@ DELETE /projects/:id/pipelines/:pipeline_id | `pipeline_id` | integer | yes | The ID of a pipeline | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --request "DELETE" "https://gitlab.example.com/api/v4/projects/1/pipelines/46" +curl --header "PRIVATE-TOKEN: " --request "DELETE" "https://gitlab.example.com/api/v4/projects/1/pipelines/46" ``` [ce-5837]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5837 diff --git a/doc/api/project_badges.md b/doc/api/project_badges.md index 94389273e9c..3a7b3d8975e 100644 --- a/doc/api/project_badges.md +++ b/doc/api/project_badges.md @@ -25,7 +25,7 @@ GET /projects/:id/badges | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/badges ``` Example response: @@ -65,7 +65,7 @@ GET /projects/:id/badges/:badge_id | `badge_id` | integer | yes | The badge ID | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id ``` Example response: @@ -96,7 +96,7 @@ POST /projects/:id/badges | `image_url` | string | yes | URL of the badge image | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "link_url=https://gitlab.com/gitlab-org/gitlab-ce/commits/master&image_url=https://shields.io/my/badge1&position=0" https://gitlab.example.com/api/v4/projects/:id/badges +curl --request POST --header "PRIVATE-TOKEN: " --data "link_url=https://gitlab.com/gitlab-org/gitlab-ce/commits/master&image_url=https://shields.io/my/badge1&position=0" https://gitlab.example.com/api/v4/projects/:id/badges ``` Example response: @@ -128,7 +128,7 @@ PUT /projects/:id/badges/:badge_id | `image_url` | string | no | URL of the badge image | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id ``` Example response: @@ -158,7 +158,7 @@ DELETE /projects/:id/badges/:badge_id | `badge_id` | integer | yes | The badge ID | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/badges/:badge_id ``` ## Preview a badge from a project @@ -176,7 +176,7 @@ GET /projects/:id/badges/render | `image_url` | string | yes | URL of the badge image | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/:id/badges/render?link_url=http%3A%2F%2Fexample.com%2Fci_status.svg%3Fproject%3D%25%7Bproject_path%7D%26ref%3D%25%7Bdefault_branch%7D&image_url=https%3A%2F%2Fshields.io%2Fmy%2Fbadge +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/:id/badges/render?link_url=http%3A%2F%2Fexample.com%2Fci_status.svg%3Fproject%3D%25%7Bproject_path%7D%26ref%3D%25%7Bdefault_branch%7D&image_url=https%3A%2F%2Fshields.io%2Fmy%2Fbadge ``` Example response: diff --git a/doc/api/project_import_export.md b/doc/api/project_import_export.md index 83e405141f1..fc91c5741da 100644 --- a/doc/api/project_import_export.md +++ b/doc/api/project_import_export.md @@ -30,7 +30,7 @@ POST /projects/:id/export ```console -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/export \ +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/export \ --data "upload[http_method]=PUT" \ --data-urlencode "upload[url]=https://example-bucket.s3.eu-west-3.amazonaws.com/backup?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIMBJHN2O62W8IELQ%2F20180312%2Feu-west-3%2Fs3%2Faws4_request&X-Amz-Date=20180312T110328Z&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=8413facb20ff33a49a147a0b4abcff4c8487cc33ee1f7e450c46e8f695569dbd" ``` @@ -54,7 +54,7 @@ GET /projects/:id/export | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```console -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/export +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/export ``` Status can be one of `none`, `started`, `after_export_action` or `finished`. The @@ -95,7 +95,7 @@ GET /projects/:id/export/download | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```console -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --remote-header-name --remote-name https://gitlab.example.com/api/v4/projects/5/export/download +curl --header "PRIVATE-TOKEN: " --remote-header-name --remote-name https://gitlab.example.com/api/v4/projects/5/export/download ``` ```console @@ -125,7 +125,7 @@ The `file=` parameter must point to a file on your file system and be preceded by `@`. For example: ```console -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "path=api-project" --form "file=@/path/to/file" https://gitlab.example.com/api/v4/projects/import +curl --request POST --header "PRIVATE-TOKEN: " --form "path=api-project" --form "file=@/path/to/file" https://gitlab.example.com/api/v4/projects/import ``` cURL doesn't support posting a file from a remote server. Importing a project from a remote server can be accomplished through something like the following: @@ -145,7 +145,7 @@ data = { "namespace": "example-group" } headers = { - 'Private-Token': "9koXpg98eAheJpvBs5tK" + 'Private-Token': "" } requests.post(url, headers=headers, data=data, files=files) @@ -177,7 +177,7 @@ GET /projects/:id/import | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```console -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/import +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/import ``` Status can be one of `none`, `scheduled`, `failed`, `started`, or `finished`. diff --git a/doc/api/project_level_variables.md b/doc/api/project_level_variables.md index 82ac0b09027..438bebe62f5 100644 --- a/doc/api/project_level_variables.md +++ b/doc/api/project_level_variables.md @@ -13,7 +13,7 @@ GET /projects/:id/variables | `id` | integer/string | yes | The ID of a project or [urlencoded NAMESPACE/PROJECT_NAME of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/variables" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/variables" ``` ```json @@ -43,7 +43,7 @@ GET /projects/:id/variables/:key | `key` | string | yes | The `key` of a variable | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/variables/TEST_VARIABLE_1" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/variables/TEST_VARIABLE_1" ``` ```json @@ -69,7 +69,7 @@ POST /projects/:id/variables | `protected` | boolean | no | Whether the variable is protected | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/variables" --form "key=NEW_VARIABLE" --form "value=new value" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/variables" --form "key=NEW_VARIABLE" --form "value=new value" ``` ```json @@ -96,7 +96,7 @@ PUT /projects/:id/variables/:key | `protected` | boolean | no | Whether the variable is protected | ``` -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/variables/NEW_VARIABLE" --form "value=updated value" +curl --request PUT --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/variables/NEW_VARIABLE" --form "value=updated value" ``` ```json @@ -121,5 +121,5 @@ DELETE /projects/:id/variables/:key | `key` | string | yes | The `key` of a variable | ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/variables/VARIABLE_1" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/variables/VARIABLE_1" ``` diff --git a/doc/api/project_snippets.md b/doc/api/project_snippets.md index cc495c5d091..8f4640fcbd6 100644 --- a/doc/api/project_snippets.md +++ b/doc/api/project_snippets.md @@ -137,7 +137,7 @@ GET /projects/:id/snippets/:snippet_id/user_agent_detail | `snippet_id` | Integer | yes | The ID of a snippet | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/snippets/2/user_agent_detail +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/snippets/2/user_agent_detail ``` Example response: diff --git a/doc/api/projects.md b/doc/api/projects.md index ef51ea20e7f..465b1494b2a 100644 --- a/doc/api/projects.md +++ b/doc/api/projects.md @@ -798,7 +798,7 @@ GET /projects/:id/forks | `min_access_level` | integer | no | Limit by current user minimal [access level](members.md) | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/forks" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/forks" ``` Example responses: @@ -878,7 +878,7 @@ POST /projects/:id/star | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/star" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/star" ``` Example response: @@ -964,7 +964,7 @@ POST /projects/:id/unstar | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/unstar" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/unstar" ``` Example response: @@ -1046,7 +1046,7 @@ GET /projects/:id/languages ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/languages" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/languages" ``` Example response: @@ -1074,7 +1074,7 @@ POST /projects/:id/archive | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/archive" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/archive" ``` Example response: @@ -1178,7 +1178,7 @@ POST /projects/:id/unarchive | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/unarchive" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/unarchive" ``` Example response: @@ -1299,7 +1299,7 @@ The `file=` parameter must point to a file on your filesystem and be preceded by `@`. For example: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "file=@dk.png" https://gitlab.example.com/api/v4/projects/5/uploads +curl --request POST --header "PRIVATE-TOKEN: " --form "file=@dk.png" https://gitlab.example.com/api/v4/projects/5/uploads ``` Returned object: @@ -1345,7 +1345,7 @@ DELETE /projects/:id/share/:group_id | `group_id` | integer | yes | The ID of the group | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/share/17 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/share/17 ``` ## Hooks @@ -1513,7 +1513,7 @@ GET /projects | `sort` | string | no | Return requests sorted in `asc` or `desc` order | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects?search=test +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects?search=test ``` ## Start the Housekeeping task for a Project diff --git a/doc/api/protected_branches.md b/doc/api/protected_branches.md index ed8837574a0..fa04680d406 100644 --- a/doc/api/protected_branches.md +++ b/doc/api/protected_branches.md @@ -24,7 +24,7 @@ GET /projects/:id/protected_branches | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_branches' +curl --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_branches' ``` Example response: @@ -64,7 +64,7 @@ GET /projects/:id/protected_branches/:name | `name` | string | yes | The name of the branch or wildcard | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_branches/master' +curl --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_branches/master' ``` Example response: @@ -97,7 +97,7 @@ POST /projects/:id/protected_branches ``` ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_branches?name=*-stable&push_access_level=30&merge_access_level=30' +curl --request POST --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_branches?name=*-stable&push_access_level=30&merge_access_level=30' ``` | Attribute | Type | Required | Description | @@ -136,7 +136,7 @@ DELETE /projects/:id/protected_branches/:name ``` ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_branches/*-stable' +curl --request DELETE --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_branches/*-stable' ``` | Attribute | Type | Required | Description | diff --git a/doc/api/protected_tags.md b/doc/api/protected_tags.md index aa750e467f8..3adca61a108 100644 --- a/doc/api/protected_tags.md +++ b/doc/api/protected_tags.md @@ -25,7 +25,7 @@ GET /projects/:id/protected_tags | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_tags' +curl --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_tags' ``` Example response: @@ -60,7 +60,7 @@ GET /projects/:id/protected_tags/:name | `name` | string | yes | The name of the tag or wildcard | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_tags/release-1-0' +curl --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_tags/release-1-0' ``` Example response: @@ -87,7 +87,7 @@ POST /projects/:id/protected_tags ``` ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_tags?name=*-stable&create_access_level=30' +curl --request POST --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_tags?name=*-stable&create_access_level=30' ``` | Attribute | Type | Required | Description | @@ -119,7 +119,7 @@ DELETE /projects/:id/protected_tags/:name ``` ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" 'https://gitlab.example.com/api/v4/projects/5/protected_tags/*-stable' +curl --request DELETE --header "PRIVATE-TOKEN: " 'https://gitlab.example.com/api/v4/projects/5/protected_tags/*-stable' ``` | Attribute | Type | Required | Description | diff --git a/doc/api/repositories.md b/doc/api/repositories.md index 55f5a4cc3b2..877a7af3149 100644 --- a/doc/api/repositories.md +++ b/doc/api/repositories.md @@ -224,7 +224,7 @@ GET /projects/:id/repository/merge_base | `refs` | array | yes | The refs to find the common ancestor of, multiple refs can be passed | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/merge_base?refs[]=304d257dcb821665ab5110318fc58a007bd104ed&refs[]=0031876facac3f2b2702a0e53a26e89939a42209" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/merge_base?refs[]=304d257dcb821665ab5110318fc58a007bd104ed&refs[]=0031876facac3f2b2702a0e53a26e89939a42209" ``` Example response: diff --git a/doc/api/repository_files.md b/doc/api/repository_files.md index 5f587f480b6..8c1d982f394 100644 --- a/doc/api/repository_files.md +++ b/doc/api/repository_files.md @@ -25,7 +25,7 @@ GET /projects/:id/repository/files/:file_path ``` ```bash -curl --request GET --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb?ref=master' +curl --request GET --header 'PRIVATE-TOKEN: ' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb?ref=master' ``` Example response: @@ -60,7 +60,7 @@ HEAD /projects/:id/repository/files/:file_path ``` ```bash -curl --head --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb?ref=master' +curl --head --header 'PRIVATE-TOKEN: ' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb?ref=master' ``` Example response: @@ -87,7 +87,7 @@ GET /projects/:id/repository/files/:file_path/raw ``` ```bash -curl --request GET --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb/raw?ref=master' +curl --request GET --header 'PRIVATE-TOKEN: ' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fmodels%2Fkey%2Erb/raw?ref=master' ``` Parameters: @@ -107,7 +107,7 @@ POST /projects/:id/repository/files/:file_path ``` ```bash -curl --request POST --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' --header "Content-Type: application/json" \ +curl --request POST --header 'PRIVATE-TOKEN: ' --header "Content-Type: application/json" \ --data '{"branch": "master", "author_email": "author@example.com", "author_name": "Firstname Lastname", \ "content": "some content", "commit_message": "create a new file"}' \ 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fproject%2Erb' @@ -142,7 +142,7 @@ PUT /projects/:id/repository/files/:file_path ``` ```bash -curl --request PUT --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' --header "Content-Type: application/json" \ +curl --request PUT --header 'PRIVATE-TOKEN: ' --header "Content-Type: application/json" \ --data '{"branch": "master", "author_email": "author@example.com", "author_name": "Firstname Lastname", \ "content": "some content", "commit_message": "update file"}' \ 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fproject%2Erb' @@ -187,7 +187,7 @@ DELETE /projects/:id/repository/files/:file_path ``` ```bash -curl --request DELETE --header 'PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK' --header "Content-Type: application/json" \ +curl --request DELETE --header 'PRIVATE-TOKEN: ' --header "Content-Type: application/json" \ --data '{"branch": "master", "author_email": "author@example.com", "author_name": "Firstname Lastname", \ "commit_message": "delete file"}' \ 'https://gitlab.example.com/api/v4/projects/13083/repository/files/app%2Fproject%2Erb' diff --git a/doc/api/repository_submodules.md b/doc/api/repository_submodules.md index 11b04c81172..2c44c4abc93 100644 --- a/doc/api/repository_submodules.md +++ b/doc/api/repository_submodules.md @@ -22,7 +22,7 @@ PUT /projects/:id/repository/submodules/:submodule | `commit_message` | string | no | Commit message. If no message is provided, a default one will be set | ```sh -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/5/repository/submodules/lib%2Fmodules%2Fexample" +curl --request PUT --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/5/repository/submodules/lib%2Fmodules%2Fexample" --data "branch=master&commit_sha=3ddec28ea23acc5caa5d8331a6ecb2a65fc03e88&commit_message=Update submodule reference" ``` diff --git a/doc/api/resource_label_events.md b/doc/api/resource_label_events.md index 33e4821ccf4..e1f9ffa9472 100644 --- a/doc/api/resource_label_events.md +++ b/doc/api/resource_label_events.md @@ -65,7 +65,7 @@ GET /projects/:id/issues/:issue_iid/resource_label_events ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/resource_label_events +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/resource_label_events ``` ### Get single issue label event @@ -85,7 +85,7 @@ Parameters: | `resource_label_event_id` | integer | yes | The ID of a label event | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/issues/11/resource_label_events/1 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/issues/11/resource_label_events/1 ``` ## Merge requests @@ -151,7 +151,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/resource_label_events ``` ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/resource_label_events +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/resource_label_events ``` ### Get single merge request label event @@ -171,5 +171,5 @@ Parameters: | `resource_label_event_id` | integer | yes | The ID of a label event | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/merge_requests/11/resource_label_events/120 +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/merge_requests/11/resource_label_events/120 ``` diff --git a/doc/api/runners.md b/doc/api/runners.md index 071c13f41cb..4aa0e4543e5 100644 --- a/doc/api/runners.md +++ b/doc/api/runners.md @@ -22,7 +22,7 @@ GET /runners?status=active | `status` | string | no | The status of runners to show, one of: `active`, `paused`, `online`, `offline` | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/runners" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/runners" ``` Example response: @@ -71,7 +71,7 @@ GET /runners/all?status=active | `status` | string | no | The status of runners to show, one of: `active`, `paused`, `online`, `offline` | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/runners/all" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/runners/all" ``` Example response: @@ -134,7 +134,7 @@ GET /runners/:id | `id` | integer | yes | The ID of a runner | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/runners/6" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/runners/6" ``` Example response: @@ -193,7 +193,7 @@ PUT /runners/:id | `maximum_timeout` | integer | no | Maximum timeout set when this Runner will handle the job | ``` -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/runners/6" --form "description=test-1-20150125-test" --form "tag_list=ruby,mysql,tag1,tag2" +curl --request PUT --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/runners/6" --form "description=test-1-20150125-test" --form "tag_list=ruby,mysql,tag1,tag2" ``` Example response: @@ -247,7 +247,7 @@ DELETE /runners/:id | `id` | integer | yes | The ID of a runner | ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/runners/6" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/runners/6" ``` ## List runner's jobs @@ -264,7 +264,7 @@ GET /runners/:id/jobs | `status` | string | no | Status of the job; one of: `running`, `success`, `failed`, `canceled` | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/runners/1/jobs?status=running" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/runners/1/jobs?status=running" ``` Example response: @@ -357,7 +357,7 @@ GET /projects/:id/runners?status=active | `status` | string | no | The status of runners to show, one of: `active`, `paused`, `online`, `offline` | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/9/runners" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/9/runners" ``` Example response: @@ -401,7 +401,7 @@ POST /projects/:id/runners | `runner_id` | integer | yes | The ID of a runner | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/9/runners" --form "runner_id=9" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/9/runners" --form "runner_id=9" ``` Example response: @@ -435,7 +435,7 @@ DELETE /projects/:id/runners/:runner_id | `runner_id` | integer | yes | The ID of a runner | ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/9/runners/9" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/9/runners/9" ``` ## Register a new Runner diff --git a/doc/api/search.md b/doc/api/search.md index 7e3ae7404a3..aaaed7d9956 100644 --- a/doc/api/search.md +++ b/doc/api/search.md @@ -24,7 +24,7 @@ The response depends on the requested scope. ### Scope: projects ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/search?scope=projects&search=flight +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/search?scope=projects&search=flight ``` Example response: @@ -55,7 +55,7 @@ Example response: ### Scope: issues ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/search?scope=issues&search=file +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/search?scope=issues&search=file ``` Example response: @@ -120,7 +120,7 @@ Example response: ### Scope: merge_requests ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/search?scope=merge_requests&search=file +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/search?scope=merge_requests&search=file ``` Example response: @@ -197,7 +197,7 @@ Example response: ### Scope: milestones ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/search?scope=milestones&search=release +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/search?scope=milestones&search=release ``` Example response: @@ -222,7 +222,7 @@ Example response: ### Scope: snippet_titles ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/search?scope=snippet_titles&search=sample +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/search?scope=snippet_titles&search=sample ``` Example response: @@ -253,7 +253,7 @@ Example response: ### Scope: snippet_blobs ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/search?scope=snippet_blos&search=test +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/search?scope=snippet_blos&search=test ``` Example response: @@ -305,7 +305,7 @@ The response depends on the requested scope. ### Scope: projects ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/3/search?scope=projects&search=flight +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/3/search?scope=projects&search=flight ``` Example response: @@ -336,7 +336,7 @@ Example response: ### Scope: issues ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/3/search?scope=issues&search=file +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/3/search?scope=issues&search=file ``` Example response: @@ -401,7 +401,7 @@ Example response: ### Scope: merge_requests ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/3/search?scope=merge_requests&search=file +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/3/search?scope=merge_requests&search=file ``` Example response: @@ -478,7 +478,7 @@ Example response: ### Scope: milestones ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/3/search?scope=milestones&search=release +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/3/search?scope=milestones&search=release ``` Example response: @@ -524,7 +524,7 @@ The response depends on the requested scope. ### Scope: issues ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/12/search?scope=issues&search=file +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/12/search?scope=issues&search=file ``` Example response: @@ -589,7 +589,7 @@ Example response: ### Scope: merge_requests ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/6/search?scope=merge_requests&search=file +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/6/search?scope=merge_requests&search=file ``` Example response: @@ -666,7 +666,7 @@ Example response: ### Scope: milestones ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/12/search?scope=milestones&search=release +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/12/search?scope=milestones&search=release ``` Example response: @@ -691,7 +691,7 @@ Example response: ### Scope: notes ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/6/search?scope=notes&search=maxime +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/6/search?scope=notes&search=maxime ``` Example response: @@ -740,7 +740,7 @@ results: times in the content. ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/6/search?scope=wiki_blobs&search=bye +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/6/search?scope=wiki_blobs&search=bye ``` Example response: @@ -763,7 +763,7 @@ Example response: ### Scope: commits ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/6/search?scope=commits&search=bye +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/6/search?scope=commits&search=bye ``` Example response: @@ -810,7 +810,7 @@ Blobs searches are performed on both filenames and contents. Search results: times in the content. ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/6/search?scope=blobs&search=installation +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/6/search?scope=blobs&search=installation ``` Example response: diff --git a/doc/api/services.md b/doc/api/services.md index c4edaa17815..868bcdd07fc 100644 --- a/doc/api/services.md +++ b/doc/api/services.md @@ -639,7 +639,7 @@ Example response: "job_events": true, "pipeline_events": true, "properties": { - "token": "9koXpg98eAheJpvBs5tK" + "token": "" } } ``` diff --git a/doc/api/settings.md b/doc/api/settings.md index 9b38e3a4eb7..9998a93de03 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -19,7 +19,7 @@ GET /application/settings ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/application/settings +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/application/settings ``` Example response: @@ -75,7 +75,7 @@ PUT /application/settings ``` ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/application/settings?signup_enabled=false&default_project_visibility=internal +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/application/settings?signup_enabled=false&default_project_visibility=internal ``` Example response: diff --git a/doc/api/sidekiq_metrics.md b/doc/api/sidekiq_metrics.md index b9500916cf2..95dcf2d5277 100644 --- a/doc/api/sidekiq_metrics.md +++ b/doc/api/sidekiq_metrics.md @@ -15,7 +15,7 @@ GET /sidekiq/queue_metrics ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/sidekiq/queue_metrics +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/sidekiq/queue_metrics ``` Example response: @@ -40,7 +40,7 @@ GET /sidekiq/process_metrics ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/sidekiq/process_metrics +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/sidekiq/process_metrics ``` Example response: @@ -82,7 +82,7 @@ GET /sidekiq/job_stats ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/sidekiq/job_stats +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/sidekiq/job_stats ``` Example response: @@ -106,7 +106,7 @@ GET /sidekiq/compound_metrics ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/sidekiq/compound_metrics +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/sidekiq/compound_metrics ``` Example response: diff --git a/doc/api/snippets.md b/doc/api/snippets.md index e840e640377..2cbd041d132 100644 --- a/doc/api/snippets.md +++ b/doc/api/snippets.md @@ -38,7 +38,7 @@ Parameters: | `id` | Integer | yes | The ID of a snippet | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/snippets/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/snippets/1 ``` Example response: @@ -80,7 +80,7 @@ Parameters: | `id` | Integer | yes | The ID of a snippet | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/snippets/1/raw +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/snippets/1/raw ``` Example response: @@ -208,7 +208,7 @@ Parameters: ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/snippets/1" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/snippets/1" ``` upon successful delete a `204 No content` HTTP code shall be expected, with no data, @@ -226,7 +226,7 @@ GET /snippets/public | `page` | Integer | no | the page to retrieve | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/snippets/public?per_page=2&page=1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/snippets/public?per_page=2&page=1 ``` Example response: @@ -288,7 +288,7 @@ GET /snippets/:id/user_agent_detail | `id` | Integer | yes | The ID of a snippet | ```bash -curl --request GET --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/snippets/1/user_agent_detail +curl --request GET --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/snippets/1/user_agent_detail ``` Example response: diff --git a/doc/api/suggestions.md b/doc/api/suggestions.md index 9d76ef0c4bf..e88d536282a 100644 --- a/doc/api/suggestions.md +++ b/doc/api/suggestions.md @@ -16,7 +16,7 @@ PUT /suggestions/:id/apply | `id` | integer/string | yes | The ID of a suggestion | ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/suggestions/5/apply +curl --request PUT --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/suggestions/5/apply ``` Example response: diff --git a/doc/api/system_hooks.md b/doc/api/system_hooks.md index 7b8db6cfa8f..f8563e819db 100644 --- a/doc/api/system_hooks.md +++ b/doc/api/system_hooks.md @@ -20,7 +20,7 @@ GET /hooks Example request: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/hooks +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/hooks ``` Example response: @@ -63,7 +63,7 @@ POST /hooks Example request: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/hooks?url=https://gitlab.example.com/hook" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/hooks?url=https://gitlab.example.com/hook" ``` Example response: @@ -96,7 +96,7 @@ GET /hooks/:id Example request: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/hooks/2 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/hooks/2 ``` Example response: @@ -129,5 +129,5 @@ DELETE /hooks/:id Example request: ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/hooks/2 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/hooks/2 ``` \ No newline at end of file diff --git a/doc/api/tags.md b/doc/api/tags.md index 826900ca518..fc86aaa6757 100644 --- a/doc/api/tags.md +++ b/doc/api/tags.md @@ -65,7 +65,7 @@ Parameters: | `tag_name` | string | yes | The name of the tag | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/5/repository/tags/v1.0.0 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/5/repository/tags/v1.0.0 ``` Example Response: diff --git a/doc/api/templates/licenses.md b/doc/api/templates/licenses.md index 8d1006e08c5..5feb1e498bd 100644 --- a/doc/api/templates/licenses.md +++ b/doc/api/templates/licenses.md @@ -116,7 +116,7 @@ If you omit the `fullname` parameter but authenticate your request, the name of the authenticated user will be used to replace the copyright holder placeholder. ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/templates/licenses/mit?project=My+Cool+Project +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/templates/licenses/mit?project=My+Cool+Project ``` Example response: diff --git a/doc/api/todos.md b/doc/api/todos.md index 0843e4eedc6..c54c90d9f06 100644 --- a/doc/api/todos.md +++ b/doc/api/todos.md @@ -23,7 +23,7 @@ Parameters: | `type` | string | no | The type of a todo. Can be either `Issue` or `MergeRequest` | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/todos +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/todos ``` Example Response: @@ -195,7 +195,7 @@ Parameters: | `id` | integer | yes | The ID of a todo | ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/todos/130/mark_as_done +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/todos/130/mark_as_done ``` Example Response: @@ -285,8 +285,7 @@ POST /todos/mark_as_done ``` ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/todos/donmark_as_donee +curl --request POST --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/todos/mark_as_done ``` - [ce-3188]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3188 diff --git a/doc/api/users.md b/doc/api/users.md index 1cf4444319c..6000b9b900f 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -458,7 +458,7 @@ GET /user/status ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/user/status" +curl --header "PRIVATE-TOKEN: " "https://gitlab.example.com/user/status" ``` Example response: @@ -513,7 +513,7 @@ PUT /user/status When both parameters `emoji` and `message` are empty, the status will be cleared. ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "emoji=coffee" --data "message=I crave coffee" https://gitlab.example.com/api/v4/user/status +curl --request PUT --header "PRIVATE-TOKEN: " --data "emoji=coffee" --data "message=I crave coffee" https://gitlab.example.com/api/v4/user/status ``` Example responses @@ -679,7 +679,7 @@ GET /user/gpg_keys ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/user/gpg_keys +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/user/gpg_keys ``` Example response: @@ -709,7 +709,7 @@ Parameters: | `key_id` | integer | yes | The ID of the GPG key | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/user/gpg_keys/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/user/gpg_keys/1 ``` Example response: @@ -737,7 +737,7 @@ Parameters: | key | string | yes | The new GPG key | ```bash -curl --data "key=-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nxsBNBFV..." --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/user/gpg_keys +curl --data "key=-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nxsBNBFV..." --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/user/gpg_keys ``` Example response: @@ -767,7 +767,7 @@ Parameters: | `key_id` | integer | yes | The ID of the GPG key | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/user/gpg_keys/1 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/user/gpg_keys/1 ``` Returns `204 No Content` on success, or `404 Not found` if the key cannot be found. @@ -787,7 +787,7 @@ Parameters: | `id` | integer | yes | The ID of the user | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/2/gpg_keys +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/2/gpg_keys ``` Example response: @@ -818,7 +818,7 @@ Parameters: | `key_id` | integer | yes | The ID of the GPG key | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/2/gpg_keys/1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/2/gpg_keys/1 ``` Example response: @@ -847,7 +847,7 @@ Parameters: | `key_id` | integer | yes | The ID of the GPG key | ```bash -curl --data "key=-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nxsBNBFV..." --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/2/gpg_keys +curl --data "key=-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n\r\nxsBNBFV..." --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/2/gpg_keys ``` Example response: @@ -878,7 +878,7 @@ Parameters: | `key_id` | integer | yes | The ID of the GPG key | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/2/gpg_keys/1 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/2/gpg_keys/1 ``` ## List emails @@ -1063,7 +1063,7 @@ Parameters: | `state` | string | no | filter tokens based on state (`all`, `active`, `inactive`) | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/42/impersonation_tokens +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/42/impersonation_tokens ``` Example response: @@ -1115,7 +1115,7 @@ Parameters: | `impersonation_token_id` | integer | yes | The ID of the impersonation token | ``` -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/42/impersonation_tokens/2 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/42/impersonation_tokens/2 ``` Example response: @@ -1160,7 +1160,7 @@ Parameters: | `scopes` | array | yes | The array of scopes of the impersonation token (`api`, `read_user`) | ``` -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "name=mytoken" --data "expires_at=2017-04-04" --data "scopes[]=api" https://gitlab.example.com/api/v4/users/42/impersonation_tokens +curl --request POST --header "PRIVATE-TOKEN: " --data "name=mytoken" --data "expires_at=2017-04-04" --data "scopes[]=api" https://gitlab.example.com/api/v4/users/42/impersonation_tokens ``` Example response: @@ -1192,7 +1192,7 @@ DELETE /users/:user_id/impersonation_tokens/:impersonation_token_id ``` ``` -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/users/42/impersonation_tokens/1 +curl --request DELETE --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/users/42/impersonation_tokens/1 ``` Parameters: @@ -1227,7 +1227,7 @@ Parameters: | `from` | string | no | Date string in the format YEAR-MONTH-DAY, e.g. `2016-03-11`. Defaults to 6 months ago. | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/user/activities +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/user/activities ``` Example response: diff --git a/doc/api/version.md b/doc/api/version.md index 8b2a5b51bc5..ac19178b7ad 100644 --- a/doc/api/version.md +++ b/doc/api/version.md @@ -10,7 +10,7 @@ GET /version ``` ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/version +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/version ``` Example response: diff --git a/doc/api/wikis.md b/doc/api/wikis.md index df3b54e8f89..436d06cfd3a 100644 --- a/doc/api/wikis.md +++ b/doc/api/wikis.md @@ -18,7 +18,7 @@ GET /projects/:id/wikis | `with_content` | boolean | no | Include pages' content | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/wikis?with_content=1 +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/wikis?with_content=1 ``` Example response: @@ -59,7 +59,7 @@ GET /projects/:id/wikis/:slug | `slug` | string | yes | The slug (a unique string) of the wiki page | ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/projects/1/wikis/home +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/projects/1/wikis/home ``` Example response: @@ -89,7 +89,7 @@ POST /projects/:id/wikis | `format` | string | no | The format of the wiki page. Available formats are: `markdown` (default), `rdoc`, and `asciidoc` | ```bash -curl --data "format=rdoc&title=Hello&content=Hello world" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/wikis" +curl --data "format=rdoc&title=Hello&content=Hello world" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/wikis" ``` Example response: @@ -121,7 +121,7 @@ PUT /projects/:id/wikis/:slug ```bash -curl --request PUT --data "format=rdoc&content=documentation&title=Docs" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/wikis/foo" +curl --request PUT --data "format=rdoc&content=documentation&title=Docs" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/wikis/foo" ``` Example response: @@ -149,7 +149,7 @@ DELETE /projects/:id/wikis/:slug | `slug` | string | yes | The slug (a unique string) of the wiki page | ```bash -curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/wikis/foo" +curl --request DELETE --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/1/wikis/foo" ``` On success the HTTP status code is `204` and no JSON response is expected. @@ -177,7 +177,7 @@ The `file=` parameter must point to a file on your filesystem and be preceded by `@`. For example: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "file=@dk.png" https://gitlab.example.com/api/v4/projects/1/wikis/attachments +curl --request POST --header "PRIVATE-TOKEN: " --form "file=@dk.png" https://gitlab.example.com/api/v4/projects/1/wikis/attachments ``` Example response: diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md index 8760cd194d4..829dcf18926 100644 --- a/doc/development/documentation/styleguide.md +++ b/doc/development/documentation/styleguide.md @@ -555,7 +555,7 @@ You can use the following fake tokens as examples. | **Token type** | **Token value** | |:----------------------|:-------------------------------------------------------------------| -| Private user token | `9koXpg98eAheJpvBs5tK` | +| Private user token | `` | | Personal access token | `n671WNGecHugsdEDPsyo` | | Application ID | `2fcb195768c39e9a94cec2c2e32c59c0aad7a3365c10892e8116b5d83d4096b6` | | Application secret | `04f294d1eaca42b8692017b426d53bbc8fe75f827734f0260710b83a556082df` | @@ -602,7 +602,7 @@ Rendered example: #### cURL commands - Use `https://gitlab.example.com/api/v4/` as an endpoint. -- Wherever needed use this personal access token: `9koXpg98eAheJpvBs5tK`. +- Wherever needed use this personal access token: ``. - Always put the request first. `GET` is the default so you don't have to include it. - Use double quotes to the URL when it includes additional parameters. @@ -611,7 +611,7 @@ Rendered example: | Methods | Description | |:-------------------------------------------|:------------------------------------------------------| -| `-H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK"` | Use this method as is, whenever authentication needed | +| `-H "PRIVATE-TOKEN: "` | Use this method as is, whenever authentication needed | | `-X POST` | Use this method when creating new objects | | `-X PUT` | Use this method when updating existing objects | | `-X DELETE` | Use this method when removing existing objects | @@ -625,7 +625,7 @@ Below is a set of [cURL][] examples that you can use in the API documentation. Get the details of a group: ```bash -curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/gitlab-org +curl --header "PRIVATE-TOKEN: " https://gitlab.example.com/api/v4/groups/gitlab-org ``` ##### cURL example with parameters passed in the URL @@ -633,7 +633,7 @@ curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/a Create a new project under the authenticated user's namespace: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects?name=foo" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects?name=foo" ``` ##### Post data using cURL's --data @@ -643,7 +643,7 @@ cURL's `--data` option. The example below will create a new project `foo` under the authenticated user's namespace. ```bash -curl --data "name=foo" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects" +curl --data "name=foo" --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects" ``` ##### Post data using JSON content @@ -652,7 +652,7 @@ curl --data "name=foo" --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://g and double quotes. ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --header "Content-Type: application/json" --data '{"path": "my-group", "name": "My group"}' https://gitlab.example.com/api/v4/groups +curl --request POST --header "PRIVATE-TOKEN: " --header "Content-Type: application/json" --data '{"path": "my-group", "name": "My group"}' https://gitlab.example.com/api/v4/groups ``` ##### Post data using form-data @@ -661,7 +661,7 @@ Instead of using JSON or urlencode you can use multipart/form-data which properly handles data encoding: ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form "title=ssh-key" --form "key=ssh-rsa AAAAB3NzaC1yc2EA..." https://gitlab.example.com/api/v4/users/25/keys +curl --request POST --header "PRIVATE-TOKEN: " --form "title=ssh-key" --form "key=ssh-rsa AAAAB3NzaC1yc2EA..." https://gitlab.example.com/api/v4/users/25/keys ``` The above example is run by and administrator and will add an SSH public key @@ -675,7 +675,7 @@ contains spaces in its title. Observe how spaces are escaped using the `%20` ASCII code. ```bash -curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/42/issues?title=Hello%20Dude" +curl --request POST --header "PRIVATE-TOKEN: " "https://gitlab.example.com/api/v4/projects/42/issues?title=Hello%20Dude" ``` Use `%2F` for slashes (`/`). @@ -687,7 +687,7 @@ restrict the sign-up e-mail domains of a GitLab instance to `*.example.com` and `example.net`, you would do something like this: ```bash -curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --data "domain_whitelist[]=*.example.com" --data "domain_whitelist[]=example.net" https://gitlab.example.com/api/v4/application/settings +curl --request PUT --header "PRIVATE-TOKEN: " --data "domain_whitelist[]=*.example.com" --data "domain_whitelist[]=example.net" https://gitlab.example.com/api/v4/application/settings ``` [cURL]: http://curl.haxx.se/ "cURL website" -- GitLab From 85157165bad28f3be33bf2982eab9c7ebd49e3d2 Mon Sep 17 00:00:00 2001 From: Achilleas Pipinellis Date: Fri, 21 Dec 2018 12:01:50 +0100 Subject: [PATCH 15/63] Clarify needed app files for Auto Build to work Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/45279 --- doc/topics/autodevops/index.md | 37 +++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index e937d372384..a96dd6aa9f0 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -284,21 +284,44 @@ to understand how each one works. ### Auto Build -Auto Build creates a build of the application in one of two ways: - -- If there is a `Dockerfile`, it will use `docker build` to create a Docker image. -- Otherwise, it will use [Herokuish](https://github.com/gliderlabs/herokuish) - and [Heroku buildpacks](https://devcenter.heroku.com/articles/buildpacks) - to automatically detect and build the application into a Docker image. +Auto Build creates a build of the application using an existing `Dockerfile` or +Heroku buildpacks. Either way, the resulting Docker image is automatically pushed to the [Container Registry][container-registry] and tagged with the commit SHA. -CAUTION: **Important:** +#### Auto Build using a Dockerfile + +If a project's repository contains a `Dockerfile`, Auto Build will use +`docker build` to create a Docker image. + If you are also using Auto Review Apps and Auto Deploy and choose to provide your own `Dockerfile`, make sure you expose your application to port `5000` as this is the port assumed by the default Helm chart. +#### Auto Build using Heroku buildpacks + +Auto Build builds an application using a project's `Dockerfile` if present, or +otherwise it will use [Herokuish](https://github.com/gliderlabs/herokuish) +and [Heroku buildpacks](https://devcenter.heroku.com/articles/buildpacks) +to automatically detect and build the application into a Docker image. + +Each buildpack requires certain files to be in your project's repository for +Auto Build to successfully build your application. For example, the following +files are required at the root of your application's repository, depending on +the language: + +- A `Pipfile` or `requirements.txt` file for Python projects. +- A `Gemfile` or `Gemfile.lock` file for Ruby projects. + +For the requirements of other languages and frameworks, read the +[buildpacks docs](https://devcenter.heroku.com/articles/buildpacks#officially-supported-buildpacks). + +TIP: **Tip:** +If Auto Build fails despite the project meeting the buildpack requirements, set +a project variable `TRACE=true` to enable verbose logging, which may help to +troubleshoot. + ### Auto Test Auto Test automatically runs the appropriate tests for your application using -- GitLab From 1484a7eb7d4f943cd770ad2988b5e73fdc665860 Mon Sep 17 00:00:00 2001 From: Tim Zallmann Date: Fri, 4 Jan 2019 16:34:01 +0100 Subject: [PATCH 16/63] Added User Popovers to Commit Items and Member Lists --- .../diffs/components/commit_item.vue | 20 ++++++++++++++++++- app/helpers/commits_helper.rb | 2 +- app/views/admin/users/_user.html.haml | 2 +- app/views/shared/members/_member.html.haml | 2 +- 4 files changed, 22 insertions(+), 4 deletions(-) diff --git a/app/assets/javascripts/diffs/components/commit_item.vue b/app/assets/javascripts/diffs/components/commit_item.vue index ebc4a83af4d..3e362ecf0b2 100644 --- a/app/assets/javascripts/diffs/components/commit_item.vue +++ b/app/assets/javascripts/diffs/components/commit_item.vue @@ -5,6 +5,7 @@ import ClipboardButton from '~/vue_shared/components/clipboard_button.vue'; import CIIcon from '~/vue_shared/components/ci_icon.vue'; import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue'; import CommitPipelineStatus from '~/projects/tree/components/commit_pipeline_status_component.vue'; +import initUserPopovers from '../../user_popovers'; /** * CommitItem @@ -38,6 +39,12 @@ export default { authorName() { return (this.commit.author && this.commit.author.name) || this.commit.author_name; }, + authorClass() { + return this.commit.author && this.commit.author.name ? 'js-user-link' : ''; + }, + authorId() { + return this.commit.author && this.commit.author.name ? this.commit.author.id : ''; + }, authorUrl() { return ( (this.commit.author && this.commit.author.web_url) || `mailto:${this.commit.author_email}` @@ -49,6 +56,11 @@ export default { ); }, }, + created() { + this.$nextTick(() => { + initUserPopovers(this.$el.querySelectorAll('.js-user-link')); + }); + }, }; @@ -81,7 +93,13 @@ export default {
- {{ s__('CommitWidget|authored') }} + + {{ s__('CommitWidget|authored') }}
diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb index d52cfd6e37a..7abd355287f 100644 --- a/app/helpers/commits_helper.rb +++ b/app/helpers/commits_helper.rb @@ -154,7 +154,7 @@ module CommitsHelper if user.nil? mail_to(source_email, text, link_options) else - link_to(text, user_path(user), link_options) + link_to(text, user_path(user), {class: "commit-#{options[:source]}-link js-user-link",data: {user_id: user.id}}) end end diff --git a/app/views/admin/users/_user.html.haml b/app/views/admin/users/_user.html.haml index b2163ee85fa..a4e2c3252af 100644 --- a/app/views/admin/users/_user.html.haml +++ b/app/views/admin/users/_user.html.haml @@ -3,7 +3,7 @@ = image_tag avatar_icon_for_user(user), class: "avatar", alt: '' .row-main-content .user-name.row-title.str-truncated-100 - = link_to user.name, [:admin, user] + = link_to user.name, [:admin, user], class: "js-user-link", data: { user_id: user.id } - if user.blocked? %span.badge.badge-danger blocked - if user.admin? diff --git a/app/views/shared/members/_member.html.haml b/app/views/shared/members/_member.html.haml index 6b3841ebbc4..2db1f67a793 100644 --- a/app/views/shared/members/_member.html.haml +++ b/app/views/shared/members/_member.html.haml @@ -10,7 +10,7 @@ - if user = image_tag avatar_icon_for_user(user, 40), class: "avatar s40", alt: '' .user-info - = link_to user.name, user_path(user), class: 'member' + = link_to user.name, user_path(user), class: 'member js-user-link', data: { user_id: user.id } = user_status(user) %span.cgray= user.to_reference -- GitLab From 0103d5be960e620342c67436ddd64ca9e729d7a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= Date: Sun, 2 Sep 2018 16:35:15 +0200 Subject: [PATCH 17/63] Add config_options|variables to BuildMetadata These are data columns that store runtime configuration of build needed to execute it on runner and within pipeline. The definition of this data is that once used, and when no longer needed (due to retry capability) they can be freely removed. They use `jsonb` on PostgreSQL, and `text` on MySQL (due to lacking support for json datatype on old enough version). --- app/models/ci/build.rb | 52 ++- app/models/ci/build_metadata.rb | 12 +- app/services/ci/retry_build_service.rb | 2 +- app/views/projects/ci/lints/_create.html.haml | 9 +- config/initializers/ar_mysql_jsonb_support.rb | 31 ++ db/fixtures/development/14_pipelines.rb | 5 +- ...219145521_add_options_to_build_metadata.rb | 15 + db/schema.rb | 2 + doc/development/migration_style_guide.md | 25 ++ lib/gitlab/ci/build/step.rb | 1 - lib/gitlab/ci/config/entry/job.rb | 7 +- lib/gitlab/ci/yaml_processor.rb | 1 - lib/gitlab/import_export/import_export.yml | 1 + lib/gitlab/import_export/relation_factory.rb | 1 + lib/gitlab/utils.rb | 10 + lib/serializers/json.rb | 34 ++ spec/factories/ci/builds.rb | 56 ++- .../user_sees_mini_pipeline_graph_spec.rb | 2 +- .../environments/environments_spec.rb | 6 +- .../projects/pipelines/pipeline_spec.rb | 2 +- .../projects/pipelines/pipelines_spec.rb | 15 +- spec/javascripts/fixtures/jobs.rb | 3 +- .../populate_external_pipeline_source_spec.rb | 5 + spec/lib/gitlab/ci/build/step_spec.rb | 9 +- .../lib/gitlab/ci/config/entry/global_spec.rb | 2 - spec/lib/gitlab/ci/config/entry/job_spec.rb | 11 - spec/lib/gitlab/ci/config/entry/jobs_spec.rb | 2 - .../lib/gitlab/ci/pipeline/seed/build_spec.rb | 5 +- spec/lib/gitlab/ci/yaml_processor_spec.rb | 22 +- spec/lib/gitlab/utils_spec.rb | 16 + spec/lib/serializers/json_spec.rb | 102 ++++++ ...e_inconsistent_internal_id_records_spec.rb | 7 + spec/models/ci/build_metadata_spec.rb | 4 +- spec/models/ci/build_spec.rb | 333 +++++++++++------- spec/requests/api/runner_spec.rb | 8 +- .../ci/process_pipeline_service_spec.rb | 6 +- spec/services/ci/register_job_service_spec.rb | 7 +- 37 files changed, 597 insertions(+), 234 deletions(-) create mode 100644 config/initializers/ar_mysql_jsonb_support.rb create mode 100644 db/migrate/20181219145521_add_options_to_build_metadata.rb create mode 100644 lib/serializers/json.rb create mode 100644 spec/lib/serializers/json_spec.rb diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index aeb35538d67..dc6f8ae1a7f 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -8,10 +8,15 @@ module Ci include ObjectStorage::BackgroundMove include Presentable include Importable + include IgnorableColumn include Gitlab::Utils::StrongMemoize include Deployable include HasRef + BuildArchivedError = Class.new(StandardError) + + ignore_column :commands + belongs_to :project, inverse_of: :builds belongs_to :runner belongs_to :trigger_request @@ -31,7 +36,7 @@ module Ci has_one :"job_artifacts_#{key}", -> { where(file_type: value) }, class_name: 'Ci::JobArtifact', inverse_of: :job, foreign_key: :job_id end - has_one :metadata, class_name: 'Ci::BuildMetadata' + has_one :metadata, class_name: 'Ci::BuildMetadata', autosave: true has_one :runner_session, class_name: 'Ci::BuildRunnerSession', validate: true, inverse_of: :build accepts_nested_attributes_for :runner_session @@ -273,11 +278,14 @@ module Ci # degenerated build is one that cannot be run by Runner def degenerated? - self.options.nil? + self.options.blank? end def degenerate! - self.update!(options: nil, yaml_variables: nil, commands: nil) + Build.transaction do + self.update!(options: nil, yaml_variables: nil) + self.metadata&.destroy + end end def archived? @@ -624,11 +632,23 @@ module Ci end def when - read_attribute(:when) || build_attributes_from_config[:when] || 'on_success' + read_attribute(:when) || 'on_success' + end + + def options + read_metadata_attribute(:options, :config_options, {}) end def yaml_variables - read_attribute(:yaml_variables) || build_attributes_from_config[:yaml_variables] || [] + read_metadata_attribute(:yaml_variables, :config_variables, []) + end + + def options=(value) + write_metadata_attribute(:options, :config_options, value) + end + + def yaml_variables=(value) + write_metadata_attribute(:yaml_variables, :config_variables, value) end def user_variables @@ -904,8 +924,11 @@ module Ci # have the old integer only format. This method returns the retry option # normalized as a hash in 11.5+ format. def normalized_retry - value = options&.dig(:retry) - value.is_a?(Integer) ? { max: value } : value.to_h + strong_memoize(:normalized_retry) do + value = options&.dig(:retry) + value = value.is_a?(Integer) ? { max: value } : value.to_h + value.with_indifferent_access + end end def build_attributes_from_config @@ -929,5 +952,20 @@ module Ci def project_destroyed? project.pending_delete? end + + def read_metadata_attribute(legacy_key, metadata_key, default_value = nil) + read_attribute(legacy_key) || metadata&.read_attribute(metadata_key) || default_value + end + + def write_metadata_attribute(legacy_key, metadata_key, value) + # save to metadata or this model depending on the state of feature flag + if Feature.enabled?(:ci_build_metadata_config) + ensure_metadata.write_attribute(metadata_key, value) + write_attribute(legacy_key, nil) + else + write_attribute(legacy_key, value) + metadata&.write_attribute(metadata_key, nil) + end + end end end diff --git a/app/models/ci/build_metadata.rb b/app/models/ci/build_metadata.rb index 9d588b862bd..38390f49217 100644 --- a/app/models/ci/build_metadata.rb +++ b/app/models/ci/build_metadata.rb @@ -13,8 +13,12 @@ module Ci belongs_to :build, class_name: 'Ci::Build' belongs_to :project + before_create :set_build_project + validates :build, presence: true - validates :project, presence: true + + serialize :config_options, Serializers::JSON # rubocop:disable Cop/ActiveRecordSerialize + serialize :config_variables, Serializers::JSON # rubocop:disable Cop/ActiveRecordSerialize chronic_duration_attr_reader :timeout_human_readable, :timeout @@ -33,5 +37,11 @@ module Ci update(timeout: timeout, timeout_source: timeout_source) end + + private + + def set_build_project + self.project_id ||= self.build.project_id + end end end diff --git a/app/services/ci/retry_build_service.rb b/app/services/ci/retry_build_service.rb index 218f1e63d08..fab8a179843 100644 --- a/app/services/ci/retry_build_service.rb +++ b/app/services/ci/retry_build_service.rb @@ -2,7 +2,7 @@ module Ci class RetryBuildService < ::BaseService - CLONE_ACCESSORS = %i[pipeline project ref tag options commands name + CLONE_ACCESSORS = %i[pipeline project ref tag options name allow_failure stage stage_id stage_idx trigger_request yaml_variables when environment coverage_regex description tag_list protected].freeze diff --git a/app/views/projects/ci/lints/_create.html.haml b/app/views/projects/ci/lints/_create.html.haml index 30bf1384b22..b4c18374220 100644 --- a/app/views/projects/ci/lints/_create.html.haml +++ b/app/views/projects/ci/lints/_create.html.haml @@ -13,20 +13,23 @@ %tbody - @stages.each do |stage| - @builds.select { |build| build[:stage] == stage }.each do |build| + - job = @jobs[build[:name].to_sym] %tr %td #{stage.capitalize} Job - #{build[:name]} %td - %pre= build[:commands] + %pre= job[:before_script].to_a.join('\n') + %pre= job[:script].to_a.join('\n') + %pre= job[:after_script].to_a.join('\n') %br %b Tag list: = build[:tag_list].to_a.join(", ") %br %b Only policy: - = @jobs[build[:name].to_sym][:only].to_a.join(", ") + = job[:only].to_a.join(", ") %br %b Except policy: - = @jobs[build[:name].to_sym][:except].to_a.join(", ") + = job[:except].to_a.join(", ") %br %b Environment: = build[:environment] diff --git a/config/initializers/ar_mysql_jsonb_support.rb b/config/initializers/ar_mysql_jsonb_support.rb new file mode 100644 index 00000000000..63a0b05119a --- /dev/null +++ b/config/initializers/ar_mysql_jsonb_support.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +require 'active_record/connection_adapters/abstract_mysql_adapter' +require 'active_record/connection_adapters/mysql/schema_definitions' + +# MySQL (5.6) and MariaDB (10.1) are currently supported versions within GitLab, +# Since they do not support native `json` datatype we force to emulate it as `text` + +if Gitlab::Database.mysql? + module ActiveRecord + module ConnectionAdapters + class AbstractMysqlAdapter + JSON_DATASIZE = 1.megabyte + + NATIVE_DATABASE_TYPES.merge!( + json: { name: "text", limit: JSON_DATASIZE }, + jsonb: { name: "text", limit: JSON_DATASIZE } + ) + end + + module MySQL + module ColumnMethods + # We add `jsonb` helper, as `json` is already defined for `MySQL` since Rails 5 + def jsonb(*args, **options) + args.each { |name| column(name, :json, options) } + end + end + end + end + end +end diff --git a/db/fixtures/development/14_pipelines.rb b/db/fixtures/development/14_pipelines.rb index bdc0a2db7db..db043e39d2c 100644 --- a/db/fixtures/development/14_pipelines.rb +++ b/db/fixtures/development/14_pipelines.rb @@ -102,14 +102,15 @@ class Gitlab::Seeder::Pipelines [] end - def create_pipeline!(project, ref, commit) project.ci_pipelines.create!(sha: commit.id, ref: ref, source: :push) end def build_create!(pipeline, opts = {}) attributes = job_attributes(pipeline, opts) - .merge(commands: '$ build command') + + attributes[:options] ||= {} + attributes[:options][:script] = 'build command' Ci::Build.create!(attributes).tap do |build| # We need to set build trace and artifacts after saving a build diff --git a/db/migrate/20181219145521_add_options_to_build_metadata.rb b/db/migrate/20181219145521_add_options_to_build_metadata.rb new file mode 100644 index 00000000000..dc9569babc2 --- /dev/null +++ b/db/migrate/20181219145521_add_options_to_build_metadata.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +# See http://doc.gitlab.com/ce/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class AddOptionsToBuildMetadata < ActiveRecord::Migration[5.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def change + add_column :ci_builds_metadata, :config_options, :jsonb + add_column :ci_builds_metadata, :config_variables, :jsonb + end +end diff --git a/db/schema.rb b/db/schema.rb index 97daf8ee617..12e4ed6d627 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -374,6 +374,8 @@ ActiveRecord::Schema.define(version: 20190103140724) do t.integer "project_id", null: false t.integer "timeout" t.integer "timeout_source", default: 1, null: false + t.jsonb "config_options" + t.jsonb "config_variables" t.index ["build_id"], name: "index_ci_builds_metadata_on_build_id", unique: true, using: :btree t.index ["project_id"], name: "index_ci_builds_metadata_on_project_id", using: :btree end diff --git a/doc/development/migration_style_guide.md b/doc/development/migration_style_guide.md index d0a054c3290..23aa318ef91 100644 --- a/doc/development/migration_style_guide.md +++ b/doc/development/migration_style_guide.md @@ -325,6 +325,31 @@ This ensures all timestamps have a time zone specified. This in turn means exist suddenly use a different timezone when the system's timezone changes. It also makes it very clear which timezone was used in the first place. +## Storing JSON in database + +The Rails 5 natively supports `JSONB` (binary JSON) column type. +Example migration adding this column: + +```ruby +class AddOptionsToBuildMetadata < ActiveRecord::Migration[5.0] + DOWNTIME = false + + def change + add_column :ci_builds_metadata, :config_options, :jsonb + end +end +``` + +On MySQL the `JSON` and `JSONB` is translated to `TEXT 1MB`, as `JSONB` is PostgreSQL only feature. + +For above reason you have to use a serializer to provide a translation layer +in order to support PostgreSQL and MySQL seamlessly: + +```ruby +class BuildMetadata + serialize :config_options, Serializers::JSON # rubocop:disable Cop/ActiveRecordSerialize +end +``` ## Testing diff --git a/lib/gitlab/ci/build/step.rb b/lib/gitlab/ci/build/step.rb index d587c896712..7fcabc035ac 100644 --- a/lib/gitlab/ci/build/step.rb +++ b/lib/gitlab/ci/build/step.rb @@ -15,7 +15,6 @@ module Gitlab def from_commands(job) self.new(:script).tap do |step| step.script = job.options[:before_script].to_a + job.options[:script].to_a - step.script = job.commands.split("\n") if step.script.empty? step.timeout = job.metadata_timeout step.when = WHEN_ON_SUCCESS end diff --git a/lib/gitlab/ci/config/entry/job.rb b/lib/gitlab/ci/config/entry/job.rb index 50942fbdb40..3239743bfff 100644 --- a/lib/gitlab/ci/config/entry/job.rb +++ b/lib/gitlab/ci/config/entry/job.rb @@ -95,7 +95,7 @@ module Gitlab helpers :before_script, :script, :stage, :type, :after_script, :cache, :image, :services, :only, :except, :variables, - :artifacts, :commands, :environment, :coverage, :retry, + :artifacts, :environment, :coverage, :retry, :parallel attributes :script, :tags, :allow_failure, :when, :dependencies, @@ -121,10 +121,6 @@ module Gitlab @config.merge(to_hash.compact) end - def commands - (before_script_value.to_a + script_value.to_a).join("\n") - end - def manual_action? self.when == 'manual' end @@ -156,7 +152,6 @@ module Gitlab { name: name, before_script: before_script_value, script: script_value, - commands: commands, image: image_value, services: services_value, stage: stage_value, diff --git a/lib/gitlab/ci/yaml_processor.rb b/lib/gitlab/ci/yaml_processor.rb index 172926b8ab0..15097188061 100644 --- a/lib/gitlab/ci/yaml_processor.rb +++ b/lib/gitlab/ci/yaml_processor.rb @@ -33,7 +33,6 @@ module Gitlab { stage_idx: @stages.index(job[:stage]), stage: job[:stage], - commands: job[:commands], tag_list: job[:tags] || [], name: job[:name].to_s, allow_failure: job[:ignore], diff --git a/lib/gitlab/import_export/import_export.yml b/lib/gitlab/import_export/import_export.yml index 9fb1ae9f64b..a1a374cef4a 100644 --- a/lib/gitlab/import_export/import_export.yml +++ b/lib/gitlab/import_export/import_export.yml @@ -148,6 +148,7 @@ excluded_attributes: - :when - :artifacts_file - :artifacts_metadata + - :commands push_event_payload: - :event_id project_badges: diff --git a/lib/gitlab/import_export/relation_factory.rb b/lib/gitlab/import_export/relation_factory.rb index a0f4dcfb772..bce12103cce 100644 --- a/lib/gitlab/import_export/relation_factory.rb +++ b/lib/gitlab/import_export/relation_factory.rb @@ -150,6 +150,7 @@ module Gitlab if BUILD_MODELS.include?(@relation_name) @relation_hash.delete('trace') # old export files have trace @relation_hash.delete('token') + @relation_hash.delete('commands') imported_object elsif @relation_name == :merge_requests diff --git a/lib/gitlab/utils.rb b/lib/gitlab/utils.rb index a81cee0d6d2..99fa65e0e90 100644 --- a/lib/gitlab/utils.rb +++ b/lib/gitlab/utils.rb @@ -115,5 +115,15 @@ module Gitlab string_or_array.split(',').map(&:strip) end + + def deep_indifferent_access(data) + if data.is_a?(Array) + data.map(&method(:deep_indifferent_access)) + elsif data.is_a?(Hash) + data.with_indifferent_access + else + data + end + end end end diff --git a/lib/serializers/json.rb b/lib/serializers/json.rb new file mode 100644 index 00000000000..93cb192087a --- /dev/null +++ b/lib/serializers/json.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +module Serializers + # This serializer exports data as JSON, + # it is designed to be used with interwork compatibility between MySQL and PostgreSQL + # implementations, as used version of MySQL does not support native json type + # + # Secondly, the loader makes the resulting hash to have deep indifferent access + class JSON + class << self + def dump(obj) + # MySQL stores data as text + # look at ./config/initializers/ar_mysql_jsonb_support.rb + if Gitlab::Database.mysql? + obj = ActiveSupport::JSON.encode(obj) + end + + obj + end + + def load(data) + return if data.nil? + + # On MySQL we store data as text + # look at ./config/initializers/ar_mysql_jsonb_support.rb + if Gitlab::Database.mysql? + data = ActiveSupport::JSON.decode(data) + end + + Gitlab::Utils.deep_indifferent_access(data) + end + end + end +end diff --git a/spec/factories/ci/builds.rb b/spec/factories/ci/builds.rb index 07c1fc31152..bb3c0d6537d 100644 --- a/spec/factories/ci/builds.rb +++ b/spec/factories/ci/builds.rb @@ -7,7 +7,6 @@ FactoryBot.define do stage_idx 0 ref 'master' tag false - commands 'ls -a' protected false created_at 'Di 29. Okt 09:50:00 CET 2013' pending @@ -15,7 +14,8 @@ FactoryBot.define do options do { image: 'ruby:2.1', - services: ['postgres'] + services: ['postgres'], + script: ['ls -a'] } end @@ -28,7 +28,6 @@ FactoryBot.define do pipeline factory: :ci_pipeline trait :degenerated do - commands nil options nil yaml_variables nil end @@ -95,33 +94,53 @@ FactoryBot.define do trait :teardown_environment do environment 'staging' - options environment: { name: 'staging', - action: 'stop', - url: 'http://staging.example.com/$CI_JOB_NAME' } + options do + { + script: %w(ls), + environment: { name: 'staging', + action: 'stop', + url: 'http://staging.example.com/$CI_JOB_NAME' } + } + end end trait :deploy_to_production do environment 'production' - options environment: { name: 'production', - url: 'http://prd.example.com/$CI_JOB_NAME' } + options do + { + script: %w(ls), + environment: { name: 'production', + url: 'http://prd.example.com/$CI_JOB_NAME' } + } + end end trait :start_review_app do environment 'review/$CI_COMMIT_REF_NAME' - options environment: { name: 'review/$CI_COMMIT_REF_NAME', - url: 'http://staging.example.com/$CI_JOB_NAME', - on_stop: 'stop_review_app' } + options do + { + script: %w(ls), + environment: { name: 'review/$CI_COMMIT_REF_NAME', + url: 'http://staging.example.com/$CI_JOB_NAME', + on_stop: 'stop_review_app' } + } + end end trait :stop_review_app do name 'stop_review_app' environment 'review/$CI_COMMIT_REF_NAME' - options environment: { name: 'review/$CI_COMMIT_REF_NAME', - url: 'http://staging.example.com/$CI_JOB_NAME', - action: 'stop' } + options do + { + script: %w(ls), + environment: { name: 'review/$CI_COMMIT_REF_NAME', + url: 'http://staging.example.com/$CI_JOB_NAME', + action: 'stop' } + } + end end trait :allowed_to_fail do @@ -142,7 +161,13 @@ FactoryBot.define do trait :schedulable do self.when 'delayed' - options start_in: '1 minute' + + options do + { + script: ['ls -a'], + start_in: '1 minute' + } + end end trait :actionable do @@ -265,6 +290,7 @@ FactoryBot.define do { image: { name: 'ruby:2.1', entrypoint: '/bin/sh' }, services: ['postgres', { name: 'docker:stable-dind', entrypoint: '/bin/sh', command: 'sleep 30', alias: 'docker' }], + script: %w(echo), after_script: %w(ls date), artifacts: { name: 'artifacts_file', diff --git a/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb b/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb index 0272d300e06..0959f1b12f3 100644 --- a/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb +++ b/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb @@ -5,7 +5,7 @@ describe 'Merge request < User sees mini pipeline graph', :js do let(:user) { project.creator } let(:merge_request) { create(:merge_request, source_project: project, head_pipeline: pipeline) } let(:pipeline) { create(:ci_empty_pipeline, project: project, ref: 'master', status: 'running', sha: project.commit.id) } - let(:build) { create(:ci_build, pipeline: pipeline, stage: 'test', commands: 'test') } + let(:build) { create(:ci_build, pipeline: pipeline, stage: 'test') } before do build.run diff --git a/spec/features/projects/environments/environments_spec.rb b/spec/features/projects/environments/environments_spec.rb index 89954d35f91..0c517d5f490 100644 --- a/spec/features/projects/environments/environments_spec.rb +++ b/spec/features/projects/environments/environments_spec.rb @@ -272,8 +272,7 @@ describe 'Environments page', :js do create(:ci_build, :scheduled, pipeline: pipeline, name: 'delayed job', - stage: 'test', - commands: 'test') + stage: 'test') end let!(:deployment) do @@ -304,8 +303,7 @@ describe 'Environments page', :js do create(:ci_build, :expired_scheduled, pipeline: pipeline, name: 'delayed job', - stage: 'test', - commands: 'test') + stage: 'test') end it "shows 00:00:00 as the remaining time" do diff --git a/spec/features/projects/pipelines/pipeline_spec.rb b/spec/features/projects/pipelines/pipeline_spec.rb index a37ad9c3f43..4706c28bb3d 100644 --- a/spec/features/projects/pipelines/pipeline_spec.rb +++ b/spec/features/projects/pipelines/pipeline_spec.rb @@ -18,7 +18,7 @@ describe 'Pipeline', :js do let!(:build_failed) do create(:ci_build, :failed, - pipeline: pipeline, stage: 'test', name: 'test', commands: 'test') + pipeline: pipeline, stage: 'test', name: 'test') end let!(:build_running) do diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb index 17772a35779..b75dee66592 100644 --- a/spec/features/projects/pipelines/pipelines_spec.rb +++ b/spec/features/projects/pipelines/pipelines_spec.rb @@ -109,8 +109,7 @@ describe 'Pipelines', :js do context 'when pipeline is cancelable' do let!(:build) do create(:ci_build, pipeline: pipeline, - stage: 'test', - commands: 'test') + stage: 'test') end before do @@ -140,8 +139,7 @@ describe 'Pipelines', :js do context 'when pipeline is retryable' do let!(:build) do create(:ci_build, pipeline: pipeline, - stage: 'test', - commands: 'test') + stage: 'test') end before do @@ -202,8 +200,7 @@ describe 'Pipelines', :js do create(:ci_build, :manual, pipeline: pipeline, name: 'manual build', - stage: 'test', - commands: 'test') + stage: 'test') end before do @@ -237,8 +234,7 @@ describe 'Pipelines', :js do create(:ci_build, :scheduled, pipeline: pipeline, name: 'delayed job', - stage: 'test', - commands: 'test') + stage: 'test') end before do @@ -262,8 +258,7 @@ describe 'Pipelines', :js do create(:ci_build, :expired_scheduled, pipeline: pipeline, name: 'delayed job', - stage: 'test', - commands: 'test') + stage: 'test') end it "shows 00:00:00 as the remaining time" do diff --git a/spec/javascripts/fixtures/jobs.rb b/spec/javascripts/fixtures/jobs.rb index d6b5349594d..433bb690a1c 100644 --- a/spec/javascripts/fixtures/jobs.rb +++ b/spec/javascripts/fixtures/jobs.rb @@ -14,8 +14,7 @@ describe Projects::JobsController, '(JavaScript fixtures)', type: :controller do create(:ci_build, :scheduled, pipeline: pipeline, name: 'delayed job', - stage: 'test', - commands: 'test') + stage: 'test') end render_views diff --git a/spec/lib/gitlab/background_migration/populate_external_pipeline_source_spec.rb b/spec/lib/gitlab/background_migration/populate_external_pipeline_source_spec.rb index c7b272cd6ca..6ab126ad39a 100644 --- a/spec/lib/gitlab/background_migration/populate_external_pipeline_source_spec.rb +++ b/spec/lib/gitlab/background_migration/populate_external_pipeline_source_spec.rb @@ -5,6 +5,11 @@ require 'spec_helper' describe Gitlab::BackgroundMigration::PopulateExternalPipelineSource, :migration, schema: 20180916011959 do let(:migration) { described_class.new } + before do + # This migration was created before we introduced metadata configs + stub_feature_flags(ci_build_metadata_config: false) + end + let!(:internal_pipeline) { create(:ci_pipeline, source: :web) } let(:pipelines) { [internal_pipeline, unknown_pipeline].map(&:id) } diff --git a/spec/lib/gitlab/ci/build/step_spec.rb b/spec/lib/gitlab/ci/build/step_spec.rb index cce4efaa069..e3136fc925e 100644 --- a/spec/lib/gitlab/ci/build/step_spec.rb +++ b/spec/lib/gitlab/ci/build/step_spec.rb @@ -18,13 +18,6 @@ describe Gitlab::Ci::Build::Step do end end - context 'when commands are specified' do - it_behaves_like 'has correct script' do - let(:job) { create(:ci_build, :no_options, commands: "ls -la\ndate") } - let(:script) { ['ls -la', 'date'] } - end - end - context 'when script option is specified' do it_behaves_like 'has correct script' do let(:job) { create(:ci_build, :no_options, options: { script: ["ls -la\necho aaa", "date"] }) } @@ -62,7 +55,7 @@ describe Gitlab::Ci::Build::Step do end context 'when after_script is not empty' do - let(:job) { create(:ci_build, options: { after_script: ['ls -la', 'date'] }) } + let(:job) { create(:ci_build, options: { script: ['bash'], after_script: ['ls -la', 'date'] }) } it 'fabricates an object' do expect(subject.name).to eq(:after_script) diff --git a/spec/lib/gitlab/ci/config/entry/global_spec.rb b/spec/lib/gitlab/ci/config/entry/global_spec.rb index 61d78f86b51..941ef33c8a4 100644 --- a/spec/lib/gitlab/ci/config/entry/global_spec.rb +++ b/spec/lib/gitlab/ci/config/entry/global_spec.rb @@ -153,7 +153,6 @@ describe Gitlab::Ci::Config::Entry::Global do rspec: { name: :rspec, script: %w[rspec ls], before_script: %w(ls pwd), - commands: "ls\npwd\nrspec\nls", image: { name: 'ruby:2.2' }, services: [{ name: 'postgres:9.1' }, { name: 'mysql:5.5' }], stage: 'test', @@ -166,7 +165,6 @@ describe Gitlab::Ci::Config::Entry::Global do spinach: { name: :spinach, before_script: [], script: %w[spinach], - commands: 'spinach', image: { name: 'ruby:2.2' }, services: [{ name: 'postgres:9.1' }, { name: 'mysql:5.5' }], stage: 'test', diff --git a/spec/lib/gitlab/ci/config/entry/job_spec.rb b/spec/lib/gitlab/ci/config/entry/job_spec.rb index 8e32cede3b5..3d0b98eb238 100644 --- a/spec/lib/gitlab/ci/config/entry/job_spec.rb +++ b/spec/lib/gitlab/ci/config/entry/job_spec.rb @@ -255,7 +255,6 @@ describe Gitlab::Ci::Config::Entry::Job do .to eq(name: :rspec, before_script: %w[ls pwd], script: %w[rspec], - commands: "ls\npwd\nrspec", stage: 'test', ignore: false, after_script: %w[cleanup], @@ -264,16 +263,6 @@ describe Gitlab::Ci::Config::Entry::Job do end end end - - describe '#commands' do - let(:config) do - { before_script: %w[ls pwd], script: 'rspec' } - end - - it 'returns a string of commands concatenated with new line character' do - expect(entry.commands).to eq "ls\npwd\nrspec" - end - end end describe '#manual_action?' do diff --git a/spec/lib/gitlab/ci/config/entry/jobs_spec.rb b/spec/lib/gitlab/ci/config/entry/jobs_spec.rb index 1a2c30d3571..d97be76f0e0 100644 --- a/spec/lib/gitlab/ci/config/entry/jobs_spec.rb +++ b/spec/lib/gitlab/ci/config/entry/jobs_spec.rb @@ -65,14 +65,12 @@ describe Gitlab::Ci::Config::Entry::Jobs do expect(entry.value).to eq( rspec: { name: :rspec, script: %w[rspec], - commands: 'rspec', ignore: false, stage: 'test', only: { refs: %w[branches tags] }, except: {} }, spinach: { name: :spinach, script: %w[spinach], - commands: 'spinach', ignore: false, stage: 'test', only: { refs: %w[branches tags] }, diff --git a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb index 2cf812b26dc..a700cfd4546 100644 --- a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb +++ b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb @@ -6,8 +6,7 @@ describe Gitlab::Ci::Pipeline::Seed::Build do let(:attributes) do { name: 'rspec', - ref: 'master', - commands: 'rspec' } + ref: 'master' } end subject do @@ -18,7 +17,7 @@ describe Gitlab::Ci::Pipeline::Seed::Build do it 'returns hash attributes of a build' do expect(subject.attributes).to be_a Hash expect(subject.attributes) - .to include(:name, :project, :ref, :commands) + .to include(:name, :project, :ref) end end diff --git a/spec/lib/gitlab/ci/yaml_processor_spec.rb b/spec/lib/gitlab/ci/yaml_processor_spec.rb index 441e8214181..63e1f167ce2 100644 --- a/spec/lib/gitlab/ci/yaml_processor_spec.rb +++ b/spec/lib/gitlab/ci/yaml_processor_spec.rb @@ -21,7 +21,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "rspec", - commands: "pwd\nrspec", coverage_regex: nil, tag_list: [], options: { @@ -155,7 +154,6 @@ module Gitlab builds: [{ stage_idx: 1, stage: "test", - commands: "rspec", tag_list: [], name: "rspec", allow_failure: false, @@ -171,7 +169,6 @@ module Gitlab builds: [{ stage_idx: 2, stage: "deploy", - commands: "cap prod", tag_list: [], name: "prod", allow_failure: false, @@ -271,7 +268,7 @@ module Gitlab end it "return commands with scripts concencaced" do - expect(subject[:commands]).to eq("global script\nscript") + expect(subject[:options][:before_script]).to eq(["global script"]) end end @@ -284,7 +281,7 @@ module Gitlab end it "return commands with scripts concencaced" do - expect(subject[:commands]).to eq("local script\nscript") + expect(subject[:options][:before_script]).to eq(["local script"]) end end end @@ -297,7 +294,7 @@ module Gitlab end it "return commands with scripts concencaced" do - expect(subject[:commands]).to eq("script") + expect(subject[:options][:script]).to eq(["script"]) end end @@ -347,7 +344,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "rspec", - commands: "pwd\nrspec", coverage_regex: nil, tag_list: [], options: { @@ -382,7 +378,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "rspec", - commands: "pwd\nrspec", coverage_regex: nil, tag_list: [], options: { @@ -415,7 +410,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "rspec", - commands: "pwd\nrspec", coverage_regex: nil, tag_list: [], options: { @@ -444,7 +438,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "rspec", - commands: "pwd\nrspec", coverage_regex: nil, tag_list: [], options: { @@ -596,7 +589,7 @@ module Gitlab it 'correctly extends rspec job' do expect(config_processor.builds).to be_one - expect(subject.dig(:commands)).to eq 'test' + expect(subject.dig(:options, :script)).to eq %w(test) expect(subject.dig(:options, :image, :name)).to eq 'ruby:alpine' end end @@ -622,7 +615,8 @@ module Gitlab it 'correctly extends rspec job' do expect(config_processor.builds).to be_one - expect(subject.dig(:commands)).to eq "bundle install\nrspec" + expect(subject.dig(:options, :before_script)).to eq ["bundle install"] + expect(subject.dig(:options, :script)).to eq %w(rspec) expect(subject.dig(:options, :image, :name)).to eq 'image:test' expect(subject.dig(:when)).to eq 'always' end @@ -769,7 +763,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "rspec", - commands: "pwd\nrspec", coverage_regex: nil, tag_list: [], options: { @@ -983,7 +976,6 @@ module Gitlab stage: "test", stage_idx: 1, name: "normal_job", - commands: "test", coverage_regex: nil, tag_list: [], options: { @@ -1031,7 +1023,6 @@ module Gitlab stage: "build", stage_idx: 0, name: "job1", - commands: "execute-script-for-job", coverage_regex: nil, tag_list: [], options: { @@ -1046,7 +1037,6 @@ module Gitlab stage: "build", stage_idx: 0, name: "job2", - commands: "execute-script-for-job", coverage_regex: nil, tag_list: [], options: { diff --git a/spec/lib/gitlab/utils_spec.rb b/spec/lib/gitlab/utils_spec.rb index f5a4b7e2ebf..8f5029b3565 100644 --- a/spec/lib/gitlab/utils_spec.rb +++ b/spec/lib/gitlab/utils_spec.rb @@ -197,4 +197,20 @@ describe Gitlab::Utils do end end end + + describe '.deep_indifferent_access' do + let(:hash) do + { "variables" => [{ "key" => "VAR1", "value" => "VALUE2" }] } + end + + subject { described_class.deep_indifferent_access(hash) } + + it 'allows to access hash keys with symbols' do + expect(subject[:variables]).to be_a(Array) + end + + it 'allows to access array keys with symbols' do + expect(subject[:variables].first[:key]).to eq('VAR1') + end + end end diff --git a/spec/lib/serializers/json_spec.rb b/spec/lib/serializers/json_spec.rb new file mode 100644 index 00000000000..5d59d66e8b8 --- /dev/null +++ b/spec/lib/serializers/json_spec.rb @@ -0,0 +1,102 @@ +require 'fast_spec_helper' + +describe Serializers::JSON do + describe '.dump' do + let(:obj) { { key: "value" } } + + subject { described_class.dump(obj) } + + context 'when MySQL is used' do + before do + allow(Gitlab::Database).to receive(:adapter_name) { 'mysql2' } + end + + it 'encodes as string' do + is_expected.to eq('{"key":"value"}') + end + end + + context 'when PostgreSQL is used' do + before do + allow(Gitlab::Database).to receive(:adapter_name) { 'postgresql' } + end + + it 'returns a hash' do + is_expected.to eq(obj) + end + end + end + + describe '.load' do + let(:data_string) { '{"key":"value","variables":[{"key":"VAR1","value":"VALUE1"}]}' } + let(:data_hash) { JSON.parse(data_string) } + + shared_examples 'having consistent accessor' do + it 'allows to access with symbols' do + expect(subject[:key]).to eq('value') + expect(subject[:variables].first[:key]).to eq('VAR1') + end + + it 'allows to access with strings' do + expect(subject["key"]).to eq('value') + expect(subject["variables"].first["key"]).to eq('VAR1') + end + end + + context 'when MySQL is used' do + before do + allow(Gitlab::Database).to receive(:adapter_name) { 'mysql2' } + end + + context 'when loading a string' do + subject { described_class.load(data_string) } + + it 'decodes a string' do + is_expected.to be_a(Hash) + end + + it_behaves_like 'having consistent accessor' + end + + context 'when loading a different type' do + subject { described_class.load({ key: 'hash' }) } + + it 'raises an exception' do + expect { subject }.to raise_error(TypeError) + end + end + + context 'when loading a nil' do + subject { described_class.load(nil) } + + it 'returns nil' do + is_expected.to be_nil + end + end + end + + context 'when PostgreSQL is used' do + before do + allow(Gitlab::Database).to receive(:adapter_name) { 'postgresql' } + end + + context 'when loading a hash' do + subject { described_class.load(data_hash) } + + it 'decodes a string' do + is_expected.to be_a(Hash) + end + + it_behaves_like 'having consistent accessor' + end + + context 'when loading a nil' do + subject { described_class.load(nil) } + + it 'returns nil' do + is_expected.to be_nil + end + end + end + end +end diff --git a/spec/migrations/delete_inconsistent_internal_id_records_spec.rb b/spec/migrations/delete_inconsistent_internal_id_records_spec.rb index 8c55daf0d37..51291cb362a 100644 --- a/spec/migrations/delete_inconsistent_internal_id_records_spec.rb +++ b/spec/migrations/delete_inconsistent_internal_id_records_spec.rb @@ -90,6 +90,13 @@ describe DeleteInconsistentInternalIdRecords, :migration do context 'for ci_pipelines' do let(:scope) { :ci_pipeline } + + let(:create_models) do + create_list(:ci_empty_pipeline, 3, project: project1) + create_list(:ci_empty_pipeline, 3, project: project2) + create_list(:ci_empty_pipeline, 3, project: project3) + end + it_behaves_like 'deleting inconsistent internal_id records' end diff --git a/spec/models/ci/build_metadata_spec.rb b/spec/models/ci/build_metadata_spec.rb index 519968b9e48..016a5899eef 100644 --- a/spec/models/ci/build_metadata_spec.rb +++ b/spec/models/ci/build_metadata_spec.rb @@ -13,12 +13,12 @@ describe Ci::BuildMetadata do end let(:build) { create(:ci_build, pipeline: pipeline) } - let(:build_metadata) { build.metadata } + let(:metadata) { build.metadata } it_behaves_like 'having unique enum values' describe '#update_timeout_state' do - subject { build_metadata } + subject { metadata } context 'when runner is not assigned to the job' do it "doesn't change timeout value" do diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb index 7baf4d93804..7e9f62b7419 100644 --- a/spec/models/ci/build_spec.rb +++ b/spec/models/ci/build_spec.rb @@ -1457,8 +1457,24 @@ describe Ci::Build do context 'with retries max config option' do subject { create(:ci_build, options: { retry: { max: 1 } }) } - it 'returns the number of configured max retries' do - expect(subject.retries_max).to eq 1 + context 'when build_metadata_config is set' do + before do + stub_feature_flags(ci_build_metadata_config: true) + end + + it 'returns the number of configured max retries' do + expect(subject.retries_max).to eq 1 + end + end + + context 'when build_metadata_config is not set' do + before do + stub_feature_flags(ci_build_metadata_config: false) + end + + it 'returns the number of configured max retries' do + expect(subject.retries_max).to eq 1 + end end end @@ -1679,14 +1695,49 @@ describe Ci::Build do let(:options) do { image: "ruby:2.1", - services: [ - "postgres" - ] + services: ["postgres"], + script: ["ls -a"] } end it 'contains options' do - expect(build.options).to eq(options) + expect(build.options).to eq(options.stringify_keys) + end + + it 'allows to access with keys' do + expect(build.options[:image]).to eq('ruby:2.1') + end + + it 'allows to access with strings' do + expect(build.options['image']).to eq('ruby:2.1') + end + + context 'when ci_build_metadata_config is set' do + before do + stub_feature_flags(ci_build_metadata_config: true) + end + + it 'persist data in build metadata' do + expect(build.metadata.read_attribute(:config_options)).to eq(options.stringify_keys) + end + + it 'does not persist data in build' do + expect(build.read_attribute(:options)).to be_nil + end + end + + context 'when ci_build_metadata_config is disabled' do + before do + stub_feature_flags(ci_build_metadata_config: false) + end + + it 'persist data in build' do + expect(build.read_attribute(:options)).to eq(options.symbolize_keys) + end + + it 'does not persist data in build metadata' do + expect(build.metadata.read_attribute(:config_options)).to be_nil + end end end @@ -2030,56 +2081,6 @@ describe Ci::Build do end end - describe '#when' do - subject { build.when } - - context 'when `when` is undefined' do - before do - build.when = nil - end - - context 'use from gitlab-ci.yml' do - let(:project) { create(:project, :repository) } - let(:pipeline) { create(:ci_pipeline, project: project) } - - before do - stub_ci_pipeline_yaml_file(config) - end - - context 'when config is not found' do - let(:config) { nil } - - it { is_expected.to eq('on_success') } - end - - context 'when config does not have a questioned job' do - let(:config) do - YAML.dump({ - test_other: { - script: 'Hello World' - } - }) - end - - it { is_expected.to eq('on_success') } - end - - context 'when config has `when`' do - let(:config) do - YAML.dump({ - test: { - script: 'Hello World', - when: 'always' - } - }) - end - - it { is_expected.to eq('always') } - end - end - end - end - describe '#variables' do let(:container_registry_enabled) { false } @@ -2148,62 +2149,6 @@ describe Ci::Build do it { is_expected.to include(*predefined_variables) } - context 'when yaml variables are undefined' do - let(:pipeline) do - create(:ci_pipeline, project: project, - sha: project.commit.id, - ref: project.default_branch) - end - - before do - build.yaml_variables = nil - end - - context 'use from gitlab-ci.yml' do - before do - stub_ci_pipeline_yaml_file(config) - end - - context 'when config is not found' do - let(:config) { nil } - - it { is_expected.to include(*predefined_variables) } - end - - context 'when config does not have a questioned job' do - let(:config) do - YAML.dump({ - test_other: { - script: 'Hello World' - } - }) - end - - it { is_expected.to include(*predefined_variables) } - end - - context 'when config has variables' do - let(:config) do - YAML.dump({ - test: { - script: 'Hello World', - variables: { - KEY: 'value' - } - } - }) - end - - let(:variables) do - [{ key: 'KEY', value: 'value', public: true }] - end - - it { is_expected.to include(*predefined_variables) } - it { is_expected.to include(*variables) } - end - end - end - describe 'variables ordering' do context 'when variables hierarchy is stubbed' do let(:build_pre_var) { { key: 'build', value: 'value', public: true } } @@ -2792,29 +2737,53 @@ describe Ci::Build do end describe '#yaml_variables' do - before do - build.update_attribute(:yaml_variables, variables) + let(:build) { create(:ci_build, pipeline: pipeline, yaml_variables: variables) } + + let(:variables) do + [ + { 'key' => :VARIABLE, 'value' => 'my value' }, + { 'key' => 'VARIABLE2', 'value' => 'my value 2' } + ] end - context 'when serialized valu is a symbolized hash' do - let(:variables) do - [{ key: :VARIABLE, value: 'my value 1' }] + shared_examples 'having consistent representation' do + it 'allows to access using symbols' do + expect(build.reload.yaml_variables.first[:key]).to eq('VARIABLE') + expect(build.reload.yaml_variables.first[:value]).to eq('my value') + expect(build.reload.yaml_variables.second[:key]).to eq('VARIABLE2') + expect(build.reload.yaml_variables.second[:value]).to eq('my value 2') end + end + + context 'when ci_build_metadata_config is set' do + before do + stub_feature_flags(ci_build_metadata_config: true) + end + + it_behaves_like 'having consistent representation' - it 'keeps symbolizes keys and stringifies variables names' do - expect(build.yaml_variables) - .to eq [{ key: 'VARIABLE', value: 'my value 1' }] + it 'persist data in build metadata' do + expect(build.metadata.read_attribute(:config_variables)).not_to be_nil + end + + it 'does not persist data in build' do + expect(build.read_attribute(:yaml_variables)).to be_nil end end - context 'when serialized value is a hash with string keys' do - let(:variables) do - [{ 'key' => :VARIABLE, 'value' => 'my value 2' }] + context 'when ci_build_metadata_config is disabled' do + before do + stub_feature_flags(ci_build_metadata_config: false) end - it 'symblizes variables hash' do - expect(build.yaml_variables) - .to eq [{ key: 'VARIABLE', value: 'my value 2' }] + it_behaves_like 'having consistent representation' + + it 'persist data in build' do + expect(build.read_attribute(:yaml_variables)).not_to be_nil + end + + it 'does not persist data in build metadata' do + expect(build.metadata.read_attribute(:config_variables)).to be_nil end end end @@ -2986,7 +2955,7 @@ describe Ci::Build do end context 'when build is configured to be retried' do - subject { create(:ci_build, :running, options: { retry: { max: 3 } }, project: project, user: user) } + subject { create(:ci_build, :running, options: { script: ["ls -al"], retry: 3 }, project: project, user: user) } it 'retries build and assigns the same user to it' do expect(described_class).to receive(:retry) @@ -3475,6 +3444,23 @@ describe Ci::Build do end end + describe 'degenerate!' do + let(:build) { create(:ci_build) } + + subject { build.degenerate! } + + before do + build.ensure_metadata + end + + it 'drops metadata' do + subject + + expect(build.reload).to be_degenerated + expect(build.metadata).to be_nil + end + end + describe '#archived?' do context 'when build is degenerated' do subject { create(:ci_build, :degenerated) } @@ -3502,4 +3488,97 @@ describe Ci::Build do end end end + + describe '#read_metadata_attribute' do + let(:build) { create(:ci_build, :degenerated) } + let(:build_options) { { "key" => "build" } } + let(:metadata_options) { { "key" => "metadata" } } + let(:default_options) { { "key" => "default" } } + + subject { build.send(:read_metadata_attribute, :options, :config_options, default_options) } + + context 'when build and metadata options is set' do + before do + build.write_attribute(:options, build_options) + build.ensure_metadata.write_attribute(:config_options, metadata_options) + end + + it 'prefers build options' do + is_expected.to eq(build_options) + end + end + + context 'when only metadata options is set' do + before do + build.write_attribute(:options, nil) + build.ensure_metadata.write_attribute(:config_options, metadata_options) + end + + it 'returns metadata options' do + is_expected.to eq(metadata_options) + end + end + + context 'when none is set' do + it 'returns default value' do + is_expected.to eq(default_options) + end + end + end + + describe '#write_metadata_attribute' do + let(:build) { create(:ci_build, :degenerated) } + let(:options) { { "key" => "new options" } } + let(:existing_options) { { "key" => "existing options" } } + + subject { build.send(:write_metadata_attribute, :options, :config_options, options) } + + context 'when ci_build_metadata_config is set' do + before do + stub_feature_flags(ci_build_metadata_config: true) + end + + context 'when data in build is already set' do + before do + build.write_attribute(:options, existing_options) + end + + it 'does set metadata options' do + subject + + expect(build.metadata.read_attribute(:config_options)).to eq(options) + end + + it 'does reset build options' do + subject + + expect(build.read_attribute(:options)).to be_nil + end + end + end + + context 'when ci_build_metadata_config is disabled' do + before do + stub_feature_flags(ci_build_metadata_config: false) + end + + context 'when data in build metadata is already set' do + before do + build.ensure_metadata.write_attribute(:config_options, existing_options) + end + + it 'does set metadata options' do + subject + + expect(build.read_attribute(:options)).to eq(options) + end + + it 'does reset build options' do + subject + + expect(build.metadata.read_attribute(:config_options)).to be_nil + end + end + end + end end diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb index 2f322cc7054..ec48bf60426 100644 --- a/spec/requests/api/runner_spec.rb +++ b/spec/requests/api/runner_spec.rb @@ -287,7 +287,7 @@ describe API::Runner, :clean_gitlab_redis_shared_state do let(:runner) { create(:ci_runner, :project, projects: [project]) } let(:job) do create(:ci_build, :artifacts, :extended_options, - pipeline: pipeline, name: 'spinach', stage: 'test', stage_idx: 0, commands: "ls\ndate") + pipeline: pipeline, name: 'spinach', stage: 'test', stage_idx: 0) end describe 'POST /api/v4/jobs/request' do @@ -422,7 +422,7 @@ describe API::Runner, :clean_gitlab_redis_shared_state do let(:expected_steps) do [{ 'name' => 'script', - 'script' => %w(ls date), + 'script' => %w(echo), 'timeout' => job.metadata_timeout, 'when' => 'on_success', 'allow_failure' => false }, @@ -588,7 +588,7 @@ describe API::Runner, :clean_gitlab_redis_shared_state do let!(:test_job) do create(:ci_build, pipeline: pipeline, token: 'test-job-token', name: 'deploy', stage: 'deploy', stage_idx: 1, - options: { dependencies: [job2.name] }) + options: { script: ['bash'], dependencies: [job2.name] }) end before do @@ -612,7 +612,7 @@ describe API::Runner, :clean_gitlab_redis_shared_state do let!(:empty_dependencies_job) do create(:ci_build, pipeline: pipeline, token: 'test-job-token', name: 'empty_dependencies_job', stage: 'deploy', stage_idx: 1, - options: { dependencies: [] }) + options: { script: ['bash'], dependencies: [] }) end before do diff --git a/spec/services/ci/process_pipeline_service_spec.rb b/spec/services/ci/process_pipeline_service_spec.rb index 538992b621e..7ce7d2d882a 100644 --- a/spec/services/ci/process_pipeline_service_spec.rb +++ b/spec/services/ci/process_pipeline_service_spec.rb @@ -671,9 +671,9 @@ describe Ci::ProcessPipelineService, '#execute' do context 'when builds with auto-retries are configured' do before do - create_build('build:1', stage_idx: 0, user: user, options: { retry: { max: 2 } }) + create_build('build:1', stage_idx: 0, user: user, options: { script: 'aa', retry: 2 }) create_build('test:1', stage_idx: 1, user: user, when: :on_failure) - create_build('test:2', stage_idx: 1, user: user, options: { retry: { max: 1 } }) + create_build('test:2', stage_idx: 1, user: user, options: { script: 'aa', retry: 1 }) end it 'automatically retries builds in a valid order' do @@ -770,7 +770,7 @@ describe Ci::ProcessPipelineService, '#execute' do end def delayed_options - { when: 'delayed', options: { start_in: '1 minute' } } + { when: 'delayed', options: { script: %w(echo), start_in: '1 minute' } } end def unschedule diff --git a/spec/services/ci/register_job_service_spec.rb b/spec/services/ci/register_job_service_spec.rb index 9d65ac15213..20181387612 100644 --- a/spec/services/ci/register_job_service_spec.rb +++ b/spec/services/ci/register_job_service_spec.rb @@ -460,7 +460,12 @@ module Ci end let!(:pre_stage_job) { create(:ci_build, :success, pipeline: pipeline, name: 'test', stage_idx: 0) } - let!(:pending_job) { create(:ci_build, :pending, pipeline: pipeline, stage_idx: 1, options: { dependencies: ['test'] } ) } + + let!(:pending_job) do + create(:ci_build, :pending, + pipeline: pipeline, stage_idx: 1, + options: { script: ["bash"], dependencies: ['test'] }) + end subject { execute(specific_runner) } -- GitLab From de9713ed875057941006433dc265533fc56415b8 Mon Sep 17 00:00:00 2001 From: Tim Zallmann Date: Fri, 4 Jan 2019 16:51:19 +0100 Subject: [PATCH 18/63] Show User Popovers on Snippets Page --- app/views/shared/snippets/_snippet.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/shared/snippets/_snippet.html.haml b/app/views/shared/snippets/_snippet.html.haml index 5069e2e4ca6..42af97bc6af 100644 --- a/app/views/shared/snippets/_snippet.html.haml +++ b/app/views/shared/snippets/_snippet.html.haml @@ -25,7 +25,7 @@ #{snippet.to_reference} · authored #{time_ago_with_tooltip(snippet.created_at, placement: 'bottom', html_class: 'snippet-created-ago')} by - = link_to user_snippets_path(snippet.author) do + = link_to user_snippets_path(snippet.author), class: "js-user-link", data: { user_id: snippet.author.id } do = snippet.author_name - if link_project && snippet.project_id? %span.d-none.d-sm-inline-block -- GitLab From 89e0deb5b85ead3907139b7978a3d443f2f70d8a Mon Sep 17 00:00:00 2001 From: Tim Zallmann Date: Fri, 4 Jan 2019 16:55:45 +0100 Subject: [PATCH 19/63] Added Changelog for new Popovers --- ...4981-extended-user-centric-tooltips-add-missing-cases.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelogs/unreleased/54981-extended-user-centric-tooltips-add-missing-cases.yml diff --git a/changelogs/unreleased/54981-extended-user-centric-tooltips-add-missing-cases.yml b/changelogs/unreleased/54981-extended-user-centric-tooltips-add-missing-cases.yml new file mode 100644 index 00000000000..25ae6d88428 --- /dev/null +++ b/changelogs/unreleased/54981-extended-user-centric-tooltips-add-missing-cases.yml @@ -0,0 +1,5 @@ +--- +title: User Popovers for Commit Infos, Member Lists and Snippets +merge_request: 24132 +author: +type: added -- GitLab From c4e491909b4fbf6282ab818cff19e9a928561d3d Mon Sep 17 00:00:00 2001 From: Tim Zallmann Date: Fri, 4 Jan 2019 16:59:03 +0100 Subject: [PATCH 20/63] Added Class check to commits helper Spec --- spec/helpers/commits_helper_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/helpers/commits_helper_spec.rb b/spec/helpers/commits_helper_spec.rb index 9c0e55739d6..824b3ab4fc1 100644 --- a/spec/helpers/commits_helper_spec.rb +++ b/spec/helpers/commits_helper_spec.rb @@ -21,7 +21,7 @@ describe CommitsHelper do expect(helper.commit_author_link(commit)) .to include('Foo <script>') expect(helper.commit_author_link(commit, avatar: true)) - .to include('commit-author-name', 'Foo <script>') + .to include('commit-author-name', 'js-user-link', 'Foo <script>') end end -- GitLab From a5c2d26a2c2d77d6da38239b4b5dc0e52f09b984 Mon Sep 17 00:00:00 2001 From: Tim Zallmann Date: Fri, 4 Jan 2019 18:32:30 +0100 Subject: [PATCH 21/63] Fixed Linting Issue --- app/helpers/commits_helper.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb index 7abd355287f..04cf16607da 100644 --- a/app/helpers/commits_helper.rb +++ b/app/helpers/commits_helper.rb @@ -154,7 +154,7 @@ module CommitsHelper if user.nil? mail_to(source_email, text, link_options) else - link_to(text, user_path(user), {class: "commit-#{options[:source]}-link js-user-link",data: {user_id: user.id}}) + link_to(text, user_path(user), { class: "commit-#{options[:source]}-link js-user-link", data: { user_id: user.id }}) end end -- GitLab From 9c543a55f30ceb32c1b8f3cc53c58cd71d41d3c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= Date: Tue, 4 Dec 2018 17:16:49 +0100 Subject: [PATCH 22/63] Support new report syntax for common vulnerabilities This MR also removes other reports and uses one common set of fixtures for all test types. --- .../gl-dependency-scanning-report.json | 178 ++ .../deprecated/gl-sast-report.json | 944 +++++++++ .../security-reports/feature-branch.zip | Bin 7163 -> 7140 bytes .../gl-dependency-scanning-report.json | 337 +-- .../gl-license-management-report.json | 222 +- .../feature-branch/gl-sast-report.json | 1825 +++++++++-------- spec/fixtures/security-reports/master.zip | Bin 6710 -> 9413 bytes .../master/gl-dependency-scanning-report.json | 337 +-- .../master/gl-license-management-report.json | 705 ++++++- .../master/gl-sast-report.json | 1825 +++++++++-------- 10 files changed, 3987 insertions(+), 2386 deletions(-) create mode 100644 spec/fixtures/security-reports/deprecated/gl-dependency-scanning-report.json create mode 100644 spec/fixtures/security-reports/deprecated/gl-sast-report.json diff --git a/spec/fixtures/security-reports/deprecated/gl-dependency-scanning-report.json b/spec/fixtures/security-reports/deprecated/gl-dependency-scanning-report.json new file mode 100644 index 00000000000..ce66f562175 --- /dev/null +++ b/spec/fixtures/security-reports/deprecated/gl-dependency-scanning-report.json @@ -0,0 +1,178 @@ +[ + { + "category": "dependency_scanning", + "name": "io.netty/netty - CVE-2014-3488", + "message": "DoS by CPU exhaustion when using malicious SSL packets", + "cve": "app/pom.xml:io.netty/netty@3.9.1.Final:CVE-2014-3488", + "severity": "Unknown", + "solution": "Upgrade to the latest version", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" + }, + "location": { + "file": "app/pom.xml", + "dependency": { + "package": { + "name": "io.netty/netty" + }, + "version": "3.9.1.Final" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-d1bf36d9-9f07-46cd-9cfc-8675338ada8f", + "value": "d1bf36d9-9f07-46cd-9cfc-8675338ada8f", + "url": "https://deps.sec.gitlab.com/packages/maven/io.netty/netty/versions/3.9.1.Final/advisories" + }, + { + "type": "cve", + "name": "CVE-2014-3488", + "value": "CVE-2014-3488", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3488" + } + ], + "links": [ + { + "url": "https://bugzilla.redhat.com/CVE-2014-3488" + }, + { + "url": "http://netty.io/news/2014/06/11/3.html" + }, + { + "url": "https://github.com/netty/netty/issues/2562" + } + ], + "priority": "Unknown", + "file": "app/pom.xml", + "url": "https://bugzilla.redhat.com/CVE-2014-3488", + "tool": "gemnasium" + }, + { + "category": "dependency_scanning", + "name": "Django - CVE-2017-12794", + "message": "Possible XSS in traceback section of technical 500 debug page", + "cve": "app/requirements.txt:Django@1.11.3:CVE-2017-12794", + "severity": "Unknown", + "solution": "Upgrade to latest version or apply patch.", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" + }, + "location": { + "file": "app/requirements.txt", + "dependency": { + "package": { + "name": "Django" + }, + "version": "1.11.3" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-6162a015-8635-4a15-8d7c-dc9321db366f", + "value": "6162a015-8635-4a15-8d7c-dc9321db366f", + "url": "https://deps.sec.gitlab.com/packages/pypi/Django/versions/1.11.3/advisories" + }, + { + "type": "cve", + "name": "CVE-2017-12794", + "value": "CVE-2017-12794", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12794" + } + ], + "links": [ + { + "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/" + } + ], + "priority": "Unknown", + "file": "app/requirements.txt", + "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/", + "tool": "gemnasium" + }, + { + "category": "dependency_scanning", + "name": "nokogiri - USN-3424-1", + "message": "Vulnerabilities in libxml2", + "cve": "rails/Gemfile.lock:nokogiri@1.8.0:USN-3424-1", + "severity": "Unknown", + "solution": "Upgrade to latest version.", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" + }, + "location": { + "file": "rails/Gemfile.lock", + "dependency": { + "package": { + "name": "nokogiri" + }, + "version": "1.8.0" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-06565b64-486d-4326-b906-890d9915804d", + "value": "06565b64-486d-4326-b906-890d9915804d", + "url": "https://deps.sec.gitlab.com/packages/gem/nokogiri/versions/1.8.0/advisories" + }, + { + "type": "usn", + "name": "USN-3424-1", + "value": "USN-3424-1", + "url": "https://usn.ubuntu.com/3424-1/" + } + ], + "links": [ + { + "url": "https://github.com/sparklemotion/nokogiri/issues/1673" + } + ], + "priority": "Unknown", + "file": "rails/Gemfile.lock", + "url": "https://github.com/sparklemotion/nokogiri/issues/1673", + "tool": "gemnasium" + }, + { + "category": "dependency_scanning", + "name": "ffi - CVE-2018-1000201", + "message": "ruby-ffi DDL loading issue on Windows OS", + "cve": "ffi:1.9.18:CVE-2018-1000201", + "severity": "High", + "solution": "upgrade to \u003e= 1.9.24", + "scanner": { + "id": "bundler_audit", + "name": "bundler-audit" + }, + "location": { + "file": "sast-sample-rails/Gemfile.lock", + "dependency": { + "package": { + "name": "ffi" + }, + "version": "1.9.18" + } + }, + "identifiers": [ + { + "type": "cve", + "name": "CVE-2018-1000201", + "value": "CVE-2018-1000201", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000201" + } + ], + "links": [ + { + "url": "https://github.com/ffi/ffi/releases/tag/1.9.24" + } + ], + "priority": "High", + "file": "sast-sample-rails/Gemfile.lock", + "url": "https://github.com/ffi/ffi/releases/tag/1.9.24", + "tool": "bundler_audit" + } +] diff --git a/spec/fixtures/security-reports/deprecated/gl-sast-report.json b/spec/fixtures/security-reports/deprecated/gl-sast-report.json new file mode 100644 index 00000000000..a85b9be8b5f --- /dev/null +++ b/spec/fixtures/security-reports/deprecated/gl-sast-report.json @@ -0,0 +1,944 @@ +[ + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:52865813c884a507be1f152d654245af34aba8a391626d01f1ab6d3f52ec8779:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 1, + "end_line": 1 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", + "file": "python/hardcoded/hardcoded-tmp.py", + "line": 1, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "name": "Predictable pseudorandom number generator", + "message": "Predictable pseudorandom number generator", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 47, + "end_line": 47, + "class": "com.gitlab.security_products.tests.App", + "method": "generateSecretToken2" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-PREDICTABLE_RANDOM", + "value": "PREDICTABLE_RANDOM", + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" + } + ], + "priority": "Medium", + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "line": 47, + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "name": "Predictable pseudorandom number generator", + "message": "Predictable pseudorandom number generator", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 41, + "end_line": 41, + "class": "com.gitlab.security_products.tests.App", + "method": "generateSecretToken1" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-PREDICTABLE_RANDOM", + "value": "PREDICTABLE_RANDOM", + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" + } + ], + "priority": "Medium", + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "line": 41, + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:cb203b465dffb0cb3a8e8bd8910b84b93b0a5995a938e4b903dbb0cd6ffa1254:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 11, + "end_line": 11 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", + "file": "python/imports/imports-aliases.py", + "line": 11, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:a7173c43ae66bd07466632d819d450e0071e02dbf782763640d1092981f9631b:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 12, + "end_line": 12 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", + "file": "python/imports/imports-aliases.py", + "line": 12, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:017017b77deb0b8369b6065947833eeea752a92ec8a700db590fece3e934cf0d:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 13, + "end_line": 13 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", + "file": "python/imports/imports-aliases.py", + "line": 13, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:45fc8c53aea7b84f06bc4e590cc667678d6073c4c8a1d471177ca2146fb22db2:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 14, + "end_line": 14 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", + "file": "python/imports/imports-aliases.py", + "line": 14, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Pickle library appears to be in use, possible security issue.", + "cve": "python/imports/imports-aliases.py:5f200d47291e7bbd8352db23019b85453ca048dd98ea0c291260fa7d009963a4:B301", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 15, + "end_line": 15 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B301", + "value": "B301" + } + ], + "priority": "Medium", + "file": "python/imports/imports-aliases.py", + "line": 15, + "tool": "bandit" + }, + { + "category": "sast", + "name": "ECB mode is insecure", + "message": "ECB mode is insecure", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:ECB_MODE", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 29, + "end_line": 29, + "class": "com.gitlab.security_products.tests.App", + "method": "insecureCypher" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-ECB_MODE", + "value": "ECB_MODE", + "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE" + } + ], + "priority": "Medium", + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "line": 29, + "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "name": "Cipher with no integrity", + "message": "Cipher with no integrity", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:CIPHER_INTEGRITY", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 29, + "end_line": 29, + "class": "com.gitlab.security_products.tests.App", + "method": "insecureCypher" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-CIPHER_INTEGRITY", + "value": "CIPHER_INTEGRITY", + "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY" + } + ], + "priority": "Medium", + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "line": 29, + "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:63dd4d626855555b816985d82c4614a790462a0a3ada89dc58eb97f9c50f3077:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 14, + "end_line": 14 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", + "file": "python/hardcoded/hardcoded-tmp.py", + "line": 14, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:4ad6d4c40a8c263fc265f3384724014e0a4f8dd6200af83e51ff120420038031:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 10, + "end_line": 10 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", + "file": "python/hardcoded/hardcoded-tmp.py", + "line": 10, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-aliases.py:2c3e1fa1e54c3c6646e8bcfaee2518153c6799b77587ff8d9a7b0631f6d34785:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 1, + "end_line": 1 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", + "file": "python/imports/imports-aliases.py", + "line": 1, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports.py:af58d07f6ad519ef5287fcae65bf1a6999448a1a3a8bc1ac2a11daa80d0b96bf:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports.py", + "start_line": 2, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", + "file": "python/imports/imports.py", + "line": 2, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports.py:8de9bc98029d212db530785a5f6780cfa663548746ff228ab8fa96c5bb82f089:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports.py", + "start_line": 4, + "end_line": 4 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", + "file": "python/imports/imports.py", + "line": 4, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:97c30f1d76d2a88913e3ce9ae74087874d740f87de8af697a9c455f01119f633:B106", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 22, + "end_line": 22 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B106", + "value": "B106", + "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html" + } + ], + "priority": "Low", + "file": "python/hardcoded/hardcoded-passwords.py", + "line": 22, + "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'root'", + "cve": "python/hardcoded/hardcoded-passwords.py:7431c73a0bc16d94ece2a2e75ef38f302574d42c37ac0c3c38ad0b3bf8a59f10:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 5, + "end_line": 5 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", + "file": "python/hardcoded/hardcoded-passwords.py", + "line": 5, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: ''", + "cve": "python/hardcoded/hardcoded-passwords.py:d2d1857c27caedd49c57bfbcdc23afcc92bd66a22701fcdc632869aab4ca73ee:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 9, + "end_line": 9 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", + "file": "python/hardcoded/hardcoded-passwords.py", + "line": 9, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'ajklawejrkl42348swfgkg'", + "cve": "python/hardcoded/hardcoded-passwords.py:fb3866215a61393a5c9c32a3b60e2058171a23219c353f722cbd3567acab21d2:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 13, + "end_line": 13 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", + "file": "python/hardcoded/hardcoded-passwords.py", + "line": 13, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:63c62a8b7e1e5224439bd26b28030585ac48741e28ca64561a6071080c560a5f:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 23, + "end_line": 23 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", + "file": "python/hardcoded/hardcoded-passwords.py", + "line": 23, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:4311b06d08df8fa58229b341c531da8e1a31ec4520597bdff920cd5c098d86f9:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 24, + "end_line": 24 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", + "file": "python/hardcoded/hardcoded-passwords.py", + "line": 24, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports-function.py:5858400c2f39047787702de44d03361ef8d954c9d14bd54ee1c2bef9e6a7df93:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-function.py", + "start_line": 4, + "end_line": 4 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", + "file": "python/imports/imports-function.py", + "line": 4, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports-function.py:dbda3cf4190279d30e0aad7dd137eca11272b0b225e8af4e8bf39682da67d956:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-function.py", + "start_line": 2, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", + "file": "python/imports/imports-function.py", + "line": 2, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-from.py:eb8a0db9cd1a8c1ab39a77e6025021b1261cc2a0b026b2f4a11fca4e0636d8dd:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 7, + "end_line": 7 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", + "file": "python/imports/imports-from.py", + "line": 7, + "tool": "bandit" + }, + { + "category": "sast", + "message": "subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell", + "cve": "python/imports/imports-aliases.py:f99f9721e27537fbcb6699a4cf39c6740d6234d2c6f06cfc2d9ea977313c483d:B602", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 9, + "end_line": 9 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B602", + "value": "B602", + "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html" + } + ], + "priority": "Low", + "file": "python/imports/imports-aliases.py", + "line": 9, + "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports-from.py:332a12ab1146698f614a905ce6a6a5401497a12281aef200e80522711c69dcf4:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 6, + "end_line": 6 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", + "file": "python/imports/imports-from.py", + "line": 6, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-from.py:0a48de4a3d5348853a03666cb574697e3982998355e7a095a798bd02a5947276:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 1, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", + "file": "python/imports/imports-from.py", + "line": 1, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports-aliases.py:51b71661dff994bde3529639a727a678c8f5c4c96f00d300913f6d5be1bbdf26:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 7, + "end_line": 8 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", + "file": "python/imports/imports-aliases.py", + "line": 7, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with loads module.", + "cve": "python/imports/imports-aliases.py:6ff02aeb3149c01ab68484d794a94f58d5d3e3bb0d58557ef4153644ea68ea54:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 6, + "end_line": 6 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", + "file": "python/imports/imports-aliases.py", + "line": 6, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", + "cve": "c/subdir/utils.c:b466873101951fe96e1332f6728eb7010acbbd5dfc3b65d7d53571d091a06d9e:CWE-119!/CWE-120", + "confidence": "Low", + "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "c/subdir/utils.c", + "start_line": 4 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-119", + "value": "119", + "url": "https://cwe.mitre.org/data/definitions/119.html" + }, + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], + "file": "c/subdir/utils.c", + "line": 4, + "url": "https://cwe.mitre.org/data/definitions/119.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)", + "cve": "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362", + "confidence": "Low", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "c/subdir/utils.c", + "start_line": 8 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-362", + "value": "362", + "url": "https://cwe.mitre.org/data/definitions/362.html" + } + ], + "file": "c/subdir/utils.c", + "line": 8, + "url": "https://cwe.mitre.org/data/definitions/362.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", + "cve": "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120", + "confidence": "Low", + "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "cplusplus/src/hello.cpp", + "start_line": 6 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-119", + "value": "119", + "url": "https://cwe.mitre.org/data/definitions/119.html" + }, + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], + "file": "cplusplus/src/hello.cpp", + "line": 6, + "url": "https://cwe.mitre.org/data/definitions/119.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)", + "cve": "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120", + "confidence": "Low", + "solution": "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "cplusplus/src/hello.cpp", + "start_line": 7 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], + "file": "cplusplus/src/hello.cpp", + "line": 7, + "url": "https://cwe.mitre.org/data/definitions/120.html", + "tool": "flawfinder" + } +] diff --git a/spec/fixtures/security-reports/feature-branch.zip b/spec/fixtures/security-reports/feature-branch.zip index 730ce3dc5f8b3d7917eb66901cabd7e759f61fc3..dd49f4e9e1d8c0f53e2441f790fb60531318b031 100644 GIT binary patch delta 6851 zcmexu{={55z?+#xgqeYXgMq8P#n=4Z_0JlN3=B?83=E2sWu#Qd*Oa9!Nkev>eiV@j6F=!&bY{1uS$Fov!KR(^&1YQZ*nWX99k93`+LsxAe+#m zf=iynaFtq2^9ou%iRdR}ARFz?3v;=FVF>-JncE_**XF6?RF znb!47(_i$m>Z?fga6DXBSXRuv$tT^_x;p!Jg4m}hqXzyPHNaV7vT}rknUHonYn-VvE_Y{ZtF)br0$^ zOBL?-eLuaV@?ZV72{QV6_Z*Y&|BK|QYo7M_uA5fT<(PH#n|9{ZF`|ZK#3PqmKbaXA z-g7cA2s1EDUdSj?e>L=e_hkoxy6@{HxE480-u80tJz1@;Irayf4^|6=^!XZPhE2Yk znpV71>EHWvYMHa=i8y{aIDOLGn?Ik;&QDu@|2>0GMD?6Gjz6YNUNyny^v~e(wuAS6 z-Y}c8@Z3@BNWW#)?yD_cpY49U(Kfr#z+PrHC%1};B-{1m?_0jyn|n5`-t@WJx>C1k zxep(oxn^tHat)JqFMWDe z)|Deja~5x0V8S!Q_7dJ(HB<9*edkYHp47PQN+jn@p_T)@N6lN(!k(xww{Gw_xvfV< zZ*jNN?5k?AtFHx2SnIq&EnsGTh`5$Wjk}#(NX@&4pPy`vn>t^;Xyyd(=%=4VKc$|M zP|2uwj!L#I5oUHWSzU5Kkgcbr*Q7(~;yEd|zI^U8+p?TGoA*6$ljfSLDKGKuQ<~PD z8Cz%M1xVVK{}Z?U_`+z#z3&D`CX_CjdOXXPHT9F6|L@p4$1`Lk_ZBNM=L_sF(<%AwkQRym!6B@nso9`pnX(g8vz+qw6LYulc}iR<`1tIR&8@QFp9eCz%691SHi{@--!fM&Q80nu^Tpf5AMv}U z+&uQ-)BEYyB-g zcQ@^}4Sr6_OFt&8W>8%FQ167;2e%C;JTCm~U9F>7D*SnoO7vm|Sqa{3r`Oy4`GRJj z)-EvnaA{ID@64>GlKpYq3pAVfDrFZQ-*b9KcG=XZ_Q@OWMvEoX-t5n*pKp46O;F3v ze{PN9ynz;X-Cdm&X6pCJm0S>A7qac%>R(IMbl&*xkC8fdct=6Jcu?Mcri=D7m{!Wp zb(GcoVt#n7Z^azRcmF;f`(L#?GknRb!^N5%)z`DXEPXrg*y_)xZ=Y)``M^_Owenxv z%4z3Z-grp3t@>zo>fk(1_}6`%a?(}z{N=8D^QJ)dlC z|L%`03!;eV%j@;^$|!zQ!NR~GFUr86#4!1;luG^4>ACAC8;Bgg|327c-!_qB$IOHl zclPV|%+j$_$?|DD^vbI{cW1HG{@qJ`tXs~$e5!SF@6C+!FD?Ji`{(z)lFV8ES@EldhDKGLuF56ZQjy|$xbI~lc!GX`q1;COGm~*2rd-Y_Wb2 zH~;o2Gdc0g4_}I1n|LAb-}X4QD=bSg{W?oj)92;YRK-u+7qgtTIda02#3^eZXnhwi z5L+r4v$T?H`o$!|tn5=R;A@{58*7_@N z?^pE%?&g#eeRkMy;W6G%$|5Xj)@Hj>#CH`liiPCAD!bobK2s}H_;J0Q@A=L^Ppw~H zEUORw4^mHG*_v?ovuWYaxW&viKRPNEWqyhq%+L$l?D%EBfY-$q!4GMB*`_e-7J3O4 z=QSv;%w<+$pS48VFZj%XJKr7MeEJp`@v+rgH>k|d((?4&5jOANn#X2ysvE^;tP?L! z-X-^M_X~C>CSiu#vu~8_`uML{`$uT|#44xN&s_H|2>o+^d!t6jvK#!**zP@)Ialym zGkS@Eclbk-6O#emnwyM@OPR-RNMDSw$2Mf91<-6xj zkG!d+X;(jK%hFqYDn24BA_X*q6zltXK9m-BEL7=9NL7(<-O22p`Ntt&=5$PstD`Eb zz@8X;+g5!8rbSE}C{bTI3%0ngs&+AZfJ&#c>-Co8hc@Y*51#XQFY zg@TWB^*L)S{=ZMZY;g|``ydZ!*v^je}pf3{x#3Zc+R)y%XN-&`F6RjdL4DVF2aU=TInIxI}vvm zx7HVjp0Ny-6*LV?axr^u-~4E4QTgLkk=<{q^?p{w_D=AdI8o{1i}2LhPdtusEqxt# zZ7ILzwM(m3smtCunBx7ZfzRl6XwFGF1!eAh=HseOUOSSEp0dhqbgi?W-;yp~<962k zwEdKAxr?u*PVM8d`e(n6r)K^sjpr-l``0~*;G6cr_um2a`+vo3gR)IJMcV2TWq4D( zlsP6h9gP#UXgd2V@$05o*Ho^Qh0BCu7y8s?i#HoraqUBD8&1jV_2miHy19>+fkCNk zvLlaF{hZAF&n^ND`#)>@{ABRR-TXa}Q!#JCjw6aK0$pk8>Cw(Y?6((+9H~z?w`EdU zr{Md3->cbX)m7=wB;TL0`uTY3s$0LO-ddNJR_%UO&R(SY_vuYXQ`~f0s)D|omhODl z9upI~)cNQ3_6wH_FVCAACtFhct}M`a>AL1*Ez$UGz73Q2^GMaVTgCJ??$`T${`{}W zX=YZ9W=X=D>;752SpNC&&zlp)&Se}|wOa0AEZw2L&ebG}bE%>yE2E6Z`CfyGPrW$Q zPAy?wxcQp=-qSOq&)yCcbGxe_{#Ej5m0|4FL}TyLC6bqx-Qr7}raEo4p6e9u*AcVW zW*oKR&Iq+@epxi3{Cu{aR{g&{QaP7WKBi6mQ@llI?SHkY`~9zez3}a^r>%DE&-+># zV(YuE>n&Kbd3~_&Td%L$U*k<)oqx6^>i&-9>*TK&TK+uXwK~6O_N&R?S9`BqFZGXW z^3hFCtFA7ZJEd##zWL?uivx2uSm!)5IqiLTKL6}*6(x17i#excOPp2jewi>72&y)NXlD_WK*51R9cHBPlr+ug6*RMy9hQEIn_P_bRtY_K< zM~&Uj6tA5wWQq;fQ#oH*VfXyutvT(dE%`sssh^+YHFL(&IeH@gkwUs(@0-|P_IZ>0 zzWthuz24H*E9=)^KX7o@OrDD62ise+4O#y zDnnGO%ly6i-#&NWT0hI||Fx@}CF-G3XEtmwl@Pglx$^S2yHDRU&$tqGAuzm2iKpr0 zf}TE2);7l`W${Iy=ddnsn%>y>Ev|Wb-=}J|ADabm`Iwowz4 z7J~@_2Y+_l3jAPJc}2%F?X7Y3oR^HQ8_s`iRQp;nFJo8mBvBV(Q7tyU)`^Dtt(d3^=K$qZXZdoyF@Br$uI~P;X#c%mEe`r{d$KdYkXD zXK&rCIr-f|wlo!gHLujUc2(hqTW7xapM6>SIP3P7Zw(G|$BmCiK5$NWzUseM%(ZiV zo3i-XTYnlE{8+*H-FjpOK z>2K+r9CGcVwt+~diUgw^Wb7|2<~e$kh>uX^mCXA+P7Uz^6@ zUn~DsE@}x`XYG63{(i#wxlJX+3hkdA~w^rX08#CSajtW zlaqi=S33K5=cZ zEcCc!oVs@Nv`!B%SGA=Nr^I}TTG$`cxgSz{ zGtbYR_x?X~yM&U5Pgk|tn*K?G%pGQKdb)}QdTTgzI2N9C40_`9?3jh%!5chXl|t-) z!-Xm>KkkpSb$xy3!aHznAQD=kD8`Y^d zJvh2%OjO$?G5df|Kxp7zc!}h&=hf<0*GFmM>`DAVW zE!T&Q%VMuOF8Zsb^DB!hJ#+z=e?pnh#+qk4>=$b3{&Jli{Xo@UckZ*+=X>uK9Z)Ne z>DzhKdD6+>Pu4zASu@RymFHLmKiA|h8EcX*a;#kBFnPwo7Nsht{IySnrcRzYt)A!F z;^j|c6#AbmQR1%Qm=Uveae`*QNu1>Sia4v@?v1_ErY2w%44i)tsbN6{w zc}L}J+OxBFjsF+qO?vh)pY67y3f%?W|^-cRRDJFvu%t$Ew23hztS5BE-vn#}sl zG~&He3e%SGu!zq#91r+4BC0f4Y`&dm{qtBlqhiAyiMUS><61p}xbwY^sOU(%zM$I6 zwb!%9_2i7_Ml)A1e-ua(@>j_%P@JIqNVQyE;ZEtb2TnHSB1XBV4=riDahHL0vXHQY zW6{%zh4mcAG?y>>%C*PqmaDAlNr8wfe%aohg}S{#EXM>hzUBl}cVL}qC7gAB|F$)&?^V3t&Ch4?eSP1wdX8_;>ZNQfP6@iNxqWfbdiA@C za;&L6n?ga-yHG1@w!&Ke$^e)OZQ)}UhV6abL&m4-}!$#{VVgD zZj{w}ou5;c?&$PoF}zF*reEH(WBzXQ@2h(>gATsTnxYnZcg}_#ON|mjLn8M& zwjXc*9l9hwdr4~LOPky}-P+>y>zcN0h`S@Tjm0)JU~5CjrbUIC6H}YE~qHTNuI&k2eRg#AH5s z5qlv;Qtch1r$*l5lxv$7cduMmSkixZ?T+XY?MpnVX2oZH3(npxZ(n_yH9GD{?xSA` zX55yCZ%zGwI)A>_$}7(Vo_|&@$w*3>pcLTdS-9T7P(O0R9re|^EYeH9&WI6eo9wIg zQ)QA!y^u`#hfV1>_}(Q>U1PX!@!CJ9uO+5Ow=*7HdsL3UnEhj&bF69hui`7KrWkT{ zPgxOLIpgzRRzJ7i4(u~#ecE5iqh(tZ=zbgIz_Ct@86E)LVR=M!#YNbyy z^sFvoQVM5lnj*2-)FCXI<>=%uN?DH$T*|gAogbNMAQoF68Df6=;>7#TuxtL{#^!U*G|TYx$*fNViJBY2j;pHx#ZhZ2!ZojCc9lq#xAzejI= z1acu7jqFm)&Ofr5o?Hx*7qTk_AiI>|-uHt~CtYD=c(&{#h;B$;dmcn1n~K`^1z_3l85o?H7#I{8WG2cg)rW>~GBDf9CPY_e z9*Hik;AUWCdBM!U048cD`uZO>;AwmRTQvB*O6-f{ZmLHZ3!j`~Ej-bFJJS2IhNt$b z%>Q$jtyT+Dnbe)U|JvtUmigN*dv18jt8&$>@WKNAyd}JBXIZDl&gQadbXa?Q%J+rJ zTy5v74wWtO$$qe~+@YoZv74Osjr27Fe^#E!7HBd&_;jJ(5-rDPk;{%Wrq2;=*Qwl* zRDF1D>0O4br22C^E&u=e=q6X5;~x5 z&0F_gx9*w7^T4J|ZI#5_JUW zV*hrnxi}~3pG4Ew&{?M#GrA8lzKxlDimlT@c=JT}<=?$|=KcTv?D3J)BJUS$$p5dy zw%@VyW1ezq(dC$R^_zC))G?rjbHpQ;TRbcb4DUG^7=#&Q7}9feQxc0ybc<38@{3CJ zvWoNbpy6JRHQ=v?-p#(_CQ$!9-jKs7$D(%5xw4$eY_lI+X`3PTs@+NWjF;5QZ5Q9_ z?bbf+e&YYVnNw3<&)LDhwDv{!g>!Gt{CQ?B|GSi5q3BX_30wTj`F@LBU(3$@&yg}AXwkNte|J}sxUlq1B46-t)2RBD zS+(Z zUwgO2J%Z(w$kiw7*KPa~;kc1?<-aBME3XP%)b(Kc8#OIkgS9dt$79#UEmvHYhXx3D z9eQ;y(C)#MHQ6g?X~yVp3y9vEn4IZ2WuNfDDfJ3J80;h?_k8%ExogtdU%@WZb$4ye z)Bg3iVrc-E?iZP`O#X$*4Gq&=*nTRqi2R+mj%Ue)trt%%^qwdDrsQ^Em-7DUr%I<8 z3(phe`!cO5e~GQw4M;Zc`|krECfqpn=hU_xyW_ZTjK{Ffh+gx)OVC=2|g6qR%H0q zfKBdU3tK+c0_zn&S@tyz|E?l!Bi?7Cpb1r95g)V`5( zJD3;0U_w#N#lPjDTBXZvrfbai_PuQy)O&eu>d&HeJh}&GiLcmKFSTOd!fVSqioI3M ze)RLKEs6JfWc=V}>-wxn-`i^SdBF>{BR>Xy-%#H?^^F<(XY0v!XY3EPelp^#`D->c z`OR!`fy-Q6F~Q&8ZV6*boExCH@`J-=SG^S`dJ-?C)}5Rlno{yJAu4z0)|JWk)@RmC zl>NKIG=ppBm&+#{7i!O9S}a*VeMv-g*0jErzyC>DFV&kQb3NjT+oO)DCCfyk?FzNe zPiJjmJ!xyAquc_!uO*sr z_R57_@cgE+Xt{aEKi6~W*Dv4u<-ba5mE>G=54ZPvwmAzW79OVlL_GV;YP-JCbP-2joyk1HfZ&Chsimm@) z1A(^h|GI*ospVecUl7gOv6Lw!WZJ6cZ0kZ@z1@13U{J+V9DWQCscmPmhva@*-Ge=Yioex+o+lsPT+j>nfxb+eE6 zB(a|L1+DxO7P0ncWWImXFY0;X;wdq=j@HjBQj5Pjs%=g53$@CaboJows>jp6Wq<#D zhv(3bBpbWCXFtrCz4MBPkVV$n9)_Kh_tY!3vbm@>3S4T+b(CBX^XpKz*NNY^mN2`e zT;28Q@Qg!AcFk3FSrzZr3Z1@l|H|wmA78}3=YJ*37(d$iY5t*n%QtJR@=>E=y7IlNUMvg@?6tDsT6J<7 z7yfGX?acW6+hzg>?tj+gdw1B(VcUdnYx8qAZIzvLsQdGUg&bU7R;PP3gH%`UaGKzM zL4V8oE%_T4|J$)m>G+ikjIs*M8)ZMft9a6X-1^dYb%*tx4-CDU(>@8=h56rkUH5zK zq|Q)9-FnVB`#8QytDK%N&tLC;tp7G${)2|r=lN$;_DfgnwUAGG^`&8DxB2I8S?jCY zXGfJyO6W6kl>EHB{jLvh=Noeysj3eywG^f+S5-j-*aj8VR`jf&a}yR-LDj3la0@IKJ~JiTmM?rspZ(Awy6oCDL$J- z7A_HFJY6isSiHzy^2Y32a)&K9uRgcr{nqnp{qyd>@$Wf)>xX<%_tYNlwSl)*>Mi=T zBYpPSv}=Kj{u}epn6Blho48uWdWn}rgcfi3IleuU)t*ZUcX<5>rcrx?e)~8JK<-cdQ z-w)bgy)=L7nmfPJjxs-JO5dU>?aeb+s5hfGVTy*b3LP@z^ZY zxz2J+?wLRO@cDlH|6i;-7V2>1uh-XS`tjhN*m}DwogcX*pT?bPz4hgKhCSb|Z6g1# z|L~~%l~kn`@p12ur+am*0>ulZML$aAKCSod@_ga7ICFnq`(vBZHysXBpEh`NT~qD8 zICamvmw#g5!;&&CktO9K>vC@j$8D_GTYXQm z_&LL_`dMn{mFwo-SmQZ2rd4i+WQvw1%WB1gY>V4&o7K7d95(PRUYis9gMU@TZKLIX zw@4YDnX$UkiGTOq4{KW+m-cukADm`+bZ$XIBj4nd^DG+zt8x>Z?HGiaZgDIX(@PFi zSr@V^DW>PSpTs5(gNJ)(-+m~xJ!s|qiPmci%f| z&Gh>FF^+rH>u+%yOqx}{Yjse35O>gu)4|;$xo4CtzBVnjP+QGdvFhgQwIBJ?SKn3& zJRQ{DUb=gK!*q~Z#WQEc6o__kuP&6%Q9mavEnXH-x^nHQh@D{zFMr|O@J*`v zz07>kLq$n(;qtdnIL|EldH;V(Y0!4NIe(bJ1rjr;mH#6rz<0h~SbgerUIvEgd7$Pe z1E~2~jMn^o8+(JBFa!KkT#=kMIgjw`dV?x>#Y8H{JYX+g;wJ3jeIj zE^+VDHSxXtdhIQf?CQ63KYq4(Et&u6a(3v~^na^YiF4S>n!Nqk{r8nCd+h(D^iaE{ z>zbKaw2sDapPa=bQ*V9C`YmI9^gLVpcl@(&z7V+8;k%^bU*7il=e|EX{yWNIvF!90 zbC}NND9qa-b}>VBN}Gx(OM!x|`5~8S+KMwYCX2P4i`xI+F8y7}mA<;g+ulw8R^zxa z&gcBPmTj+vzlpg zb7raW?i=3U&i?;==%+v|f3E$!E1Qdy?6sFg+GzhdzTxPyeSW4}W7qx8y!!7AS5fo7 z3cu&uda7UjDwLhh%oi0}J3TsNer<&4{A&D%2TtmR5|`<4ZqciVp;-{4T1mDP&hoGpP9TZ|+h zSKdBS&-(4IMzz}hedhDuuRV7+yzKw$e7j#CHuLYRe*gEpy;S|@d(-9Xz8;koG`l)e z{pYM>iG>$ppS?Z4bJwqLPbRJYUOfB%(TBX1kGLjjS5JJ(ywsv`o%Zwz?zf|Rx0PpZ z+50r3x^m0s#AQ<|H+(sL@=MURy-WY?ex`c%NcZg5Csf7zz3X4TY`9)s_1%br?dsE0 zY0e_L;+tpdr)`h%`FQrB(wnPiSICGx+grGEyL88?yJ!A)a~to`oUQlb^is?c9>wk5YN`*MR{#C3I@x^c1pn8~hjZD*!hbxNbs))N(~YQ%iGQt5oC+#rezxXm zw|M$BzICVM75XMe^J~-}vJh*w5IfIx{L#h-GYV(dH*cND#O)^~&trT``}GnPr43OH z;w^kS$%Yx{g%mwM1tlhZOY{<^_WXXZ<&sdNrugD= z7M^15#0Vy7$fE@<-rW>;05jFG}3(E#}Dw?S9L0@#Pf$pjTTy znVnp4*-p-fYsHy+YjtjVJbGT@Ww+w=nsE2Z9a+~>s-8bPI>+0np!Bl!#3p{b-@h*R z?~|}Y27h*ym-|v&#AM)q+qF#?ZwsWE3-Qh6p#UQ+25V=%RUY4RldOuJ2vcALU$ z?wH8mT>S7c``InMtY;g=+uk_P^W>z<$~BjNzt>*Y7V)dH_{$7ox9`91 zq?Nriuq{4XZ>(PZ@7m5qzuCUl%(U1mxQct0Vy5^^U$#Zh=1mfl+{%$s;vv)XJx-Hd zMkQrJu><2AcZT}oO5FEaLN4gYOV3*G_VK~JSJ$?MZPs4zwDFEYm;U1NFWMg6 zBC{^>-HT%!WfN;0-p}|DSRmLu?Ti(#mE>y)H3PS-r)!KfIUg$QV7a$|?_lSVIrUSj zYD}BhA5UA`svCXj;c1S0ci66I7M!1EaMfn<*A%OL~%izEF=YPHS@5{l{J-&*m zdfP+^vsyggsnYqRaZS>>w3cIk)GVb>IvU+;a$j1SG^coe&y>{K{B;hmoa67zw|Zpt zR#xo(+Lifb??Sz6HZN4&w{wGm-PaR4a!xr{Z-|jze}3ZYyLL-{KKjP}_w}2bZ=(KJ zMQ!uFy#BP;Y87|wM%E{4RjwXPEKZTWp1V|LUYI$)iL8>7nBNMgw@&@_ za#K-(d`0%{12?yZ7Y5~bOs?WM9DD!T=C#2=_vcLvkKP>Ww9fn3WKUtW`XeVTc4$A1 zpZHPl#Ebbnk`Jd(7q(awe`~t1>XM?nfmRheziFAVzU&c? zEIBkQ^sX93DjK+~>}73Hs1Wg=v*`QZh}WN$G^hKwE#1zg+v}oyfYp1>76C6$`9%hf z7HY=orU@q-3WWF$YUEl-q*)g8Y^_gRa9LP=sf5bX3fEKCiXc)|bLtZt1L2w7Csi-_ zamX)uv_iH2K}YkG7BB8)dwC62^(EYT&+LBT^T~hil&lF;qECm~83*M(uSujaqD#d#_?lJr%#I}?DM3l9`LTKThl_-S)3O%jUMC&F!}jE4`iO))q*fE(?y>w_%dQ z3?IK~;_W6g_k51st#M*mW_am@jOAS2`(_;~6kT!1d4_C&&is%!{42e>>n=VMt2os& zt#8xH%Dr3OY>51_+AjZ(K-4F@N^J|y)k}RDn+@+ZA5yWES{-5Hv`XWGN}9pKj(G>7 zwRgHaO{qUtyX?f`!+%dP@|)Sui?!nU8?$j@gVJ|nJN9Q4aeh+b3cb@cq%N=Lo>B7H zj`_>AhetQOf3M_U$Glpua!O&*tVt~+4dn{uEbtVcV)nE9bafKboG zZo06oAcpCAr05EU-MP=M`1P%xb}ElCE#iHMa8m@+ z!+j@HUUbh+3^J9B&b%a38hSa*mv7K(i0s5b1Ib>*_v z{!4Eb*x%8dc6m+omMyDvDq9|1d()A{RR5N7>(ZL3@iPv+|5{>b8$3Bw{{PuMCXI_j z&MR$YzJI(R?E8KRixfK7Nz6-KDl^-v}ar(~9SH(+0pPh={e>I@=_~o1nr{BGus};<1v^O z=WOWkdbvSMIBc(LHG8#n=#u+cOHwN>D`$nO&!2t%)us~BePV%!rY%^`wMwk$_L-kM zz8p51d42m?m3X&2yTdw}zPCkh%}e?3<(e5{vbMThHRe)B{r_v)9LEaRML3mksuo+# z5ICUqtRkSRLAzIGFZV2+!$)itIFIH|ITN+5-sr+qqpty}2XkY@mPnpE^7PZ!mDBzA z*?x_&i^+a*Hu!zxoo&T(8?@_B=a*=5?oZ=?{<*d!BPnHqQoyp-M{$Wsahno$`iDhx zn0dT5+^NE&K0D--r%Ju1ip9GJSMUD*f4QWBYh9FS{+zYz^By^S75&{ZXZ<7jb9?_B zRuitf_C&PSB!nG4f&MRXNX&t4j%O-g0HLs>$m4`+k&}i<~(=fA#h}4e_9& zlrG6eEkWn*Q!`V1F3p?MaAInsg6gph-U(O596ze;?YL#ZGx6>Eg+k9S{;6N2{j6lO z%)+z3wgji{Jo58n#a68o?2~Ik_Lj2bM$UROeNv>R;)_>0>o4y*y-DbP-Gd|BXRH5n zR-Yc*AJg<#zG&~a&)N0N0p5&Ea?H4cn3)4wNk1s#JUhRA_f@{ zLpG;{eR3+7vKKys?3qQFk$SR79a$Ans4*}wC^T$o)Z_tswRp0>l#H(P;twvVR~Q+V jPm*v=y~5bQbXfpI2Y9oxfwZtPurhpMWMKFx3E}|&=oh}p diff --git a/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json b/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json index ce66f562175..8555be6618c 100644 --- a/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json +++ b/spec/fixtures/security-reports/feature-branch/gl-dependency-scanning-report.json @@ -1,178 +1,181 @@ -[ - { - "category": "dependency_scanning", - "name": "io.netty/netty - CVE-2014-3488", - "message": "DoS by CPU exhaustion when using malicious SSL packets", - "cve": "app/pom.xml:io.netty/netty@3.9.1.Final:CVE-2014-3488", - "severity": "Unknown", - "solution": "Upgrade to the latest version", - "scanner": { - "id": "gemnasium", - "name": "Gemnasium" - }, - "location": { - "file": "app/pom.xml", - "dependency": { - "package": { - "name": "io.netty/netty" +{ + "version": "1.3", + "vulnerabilities": [ + { + "category": "dependency_scanning", + "name": "io.netty/netty - CVE-2014-3488", + "message": "DoS by CPU exhaustion when using malicious SSL packets", + "cve": "app/pom.xml:io.netty/netty@3.9.1.Final:CVE-2014-3488", + "severity": "Unknown", + "solution": "Upgrade to the latest version", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" + }, + "location": { + "file": "app/pom.xml", + "dependency": { + "package": { + "name": "io.netty/netty" + }, + "version": "3.9.1.Final" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-d1bf36d9-9f07-46cd-9cfc-8675338ada8f", + "value": "d1bf36d9-9f07-46cd-9cfc-8675338ada8f", + "url": "https://deps.sec.gitlab.com/packages/maven/io.netty/netty/versions/3.9.1.Final/advisories" + }, + { + "type": "cve", + "name": "CVE-2014-3488", + "value": "CVE-2014-3488", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3488" + } + ], + "links": [ + { + "url": "https://bugzilla.redhat.com/CVE-2014-3488" }, - "version": "3.9.1.Final" - } + { + "url": "http://netty.io/news/2014/06/11/3.html" + }, + { + "url": "https://github.com/netty/netty/issues/2562" + } + ], + "priority": "Unknown", + "file": "app/pom.xml", + "url": "https://bugzilla.redhat.com/CVE-2014-3488", + "tool": "gemnasium" }, - "identifiers": [ - { - "type": "gemnasium", - "name": "Gemnasium-d1bf36d9-9f07-46cd-9cfc-8675338ada8f", - "value": "d1bf36d9-9f07-46cd-9cfc-8675338ada8f", - "url": "https://deps.sec.gitlab.com/packages/maven/io.netty/netty/versions/3.9.1.Final/advisories" - }, - { - "type": "cve", - "name": "CVE-2014-3488", - "value": "CVE-2014-3488", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3488" - } - ], - "links": [ - { - "url": "https://bugzilla.redhat.com/CVE-2014-3488" + { + "category": "dependency_scanning", + "name": "Django - CVE-2017-12794", + "message": "Possible XSS in traceback section of technical 500 debug page", + "cve": "app/requirements.txt:Django@1.11.3:CVE-2017-12794", + "severity": "Unknown", + "solution": "Upgrade to latest version or apply patch.", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" }, - { - "url": "http://netty.io/news/2014/06/11/3.html" + "location": { + "file": "app/requirements.txt", + "dependency": { + "package": { + "name": "Django" + }, + "version": "1.11.3" + } }, - { - "url": "https://github.com/netty/netty/issues/2562" - } - ], - "priority": "Unknown", - "file": "app/pom.xml", - "url": "https://bugzilla.redhat.com/CVE-2014-3488", - "tool": "gemnasium" - }, - { - "category": "dependency_scanning", - "name": "Django - CVE-2017-12794", - "message": "Possible XSS in traceback section of technical 500 debug page", - "cve": "app/requirements.txt:Django@1.11.3:CVE-2017-12794", - "severity": "Unknown", - "solution": "Upgrade to latest version or apply patch.", - "scanner": { - "id": "gemnasium", - "name": "Gemnasium" - }, - "location": { - "file": "app/requirements.txt", - "dependency": { - "package": { - "name": "Django" + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-6162a015-8635-4a15-8d7c-dc9321db366f", + "value": "6162a015-8635-4a15-8d7c-dc9321db366f", + "url": "https://deps.sec.gitlab.com/packages/pypi/Django/versions/1.11.3/advisories" }, - "version": "1.11.3" - } + { + "type": "cve", + "name": "CVE-2017-12794", + "value": "CVE-2017-12794", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12794" + } + ], + "links": [ + { + "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/" + } + ], + "priority": "Unknown", + "file": "app/requirements.txt", + "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/", + "tool": "gemnasium" }, - "identifiers": [ - { - "type": "gemnasium", - "name": "Gemnasium-6162a015-8635-4a15-8d7c-dc9321db366f", - "value": "6162a015-8635-4a15-8d7c-dc9321db366f", - "url": "https://deps.sec.gitlab.com/packages/pypi/Django/versions/1.11.3/advisories" + { + "category": "dependency_scanning", + "name": "nokogiri - USN-3424-1", + "message": "Vulnerabilities in libxml2", + "cve": "rails/Gemfile.lock:nokogiri@1.8.0:USN-3424-1", + "severity": "Unknown", + "solution": "Upgrade to latest version.", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" }, - { - "type": "cve", - "name": "CVE-2017-12794", - "value": "CVE-2017-12794", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12794" - } - ], - "links": [ - { - "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/" - } - ], - "priority": "Unknown", - "file": "app/requirements.txt", - "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/", - "tool": "gemnasium" - }, - { - "category": "dependency_scanning", - "name": "nokogiri - USN-3424-1", - "message": "Vulnerabilities in libxml2", - "cve": "rails/Gemfile.lock:nokogiri@1.8.0:USN-3424-1", - "severity": "Unknown", - "solution": "Upgrade to latest version.", - "scanner": { - "id": "gemnasium", - "name": "Gemnasium" - }, - "location": { - "file": "rails/Gemfile.lock", - "dependency": { - "package": { - "name": "nokogiri" + "location": { + "file": "rails/Gemfile.lock", + "dependency": { + "package": { + "name": "nokogiri" + }, + "version": "1.8.0" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-06565b64-486d-4326-b906-890d9915804d", + "value": "06565b64-486d-4326-b906-890d9915804d", + "url": "https://deps.sec.gitlab.com/packages/gem/nokogiri/versions/1.8.0/advisories" }, - "version": "1.8.0" - } + { + "type": "usn", + "name": "USN-3424-1", + "value": "USN-3424-1", + "url": "https://usn.ubuntu.com/3424-1/" + } + ], + "links": [ + { + "url": "https://github.com/sparklemotion/nokogiri/issues/1673" + } + ], + "priority": "Unknown", + "file": "rails/Gemfile.lock", + "url": "https://github.com/sparklemotion/nokogiri/issues/1673", + "tool": "gemnasium" }, - "identifiers": [ - { - "type": "gemnasium", - "name": "Gemnasium-06565b64-486d-4326-b906-890d9915804d", - "value": "06565b64-486d-4326-b906-890d9915804d", - "url": "https://deps.sec.gitlab.com/packages/gem/nokogiri/versions/1.8.0/advisories" + { + "category": "dependency_scanning", + "name": "ffi - CVE-2018-1000201", + "message": "ruby-ffi DDL loading issue on Windows OS", + "cve": "ffi:1.9.18:CVE-2018-1000201", + "severity": "High", + "solution": "upgrade to \u003e= 1.9.24", + "scanner": { + "id": "bundler_audit", + "name": "bundler-audit" }, - { - "type": "usn", - "name": "USN-3424-1", - "value": "USN-3424-1", - "url": "https://usn.ubuntu.com/3424-1/" - } - ], - "links": [ - { - "url": "https://github.com/sparklemotion/nokogiri/issues/1673" - } - ], - "priority": "Unknown", - "file": "rails/Gemfile.lock", - "url": "https://github.com/sparklemotion/nokogiri/issues/1673", - "tool": "gemnasium" - }, - { - "category": "dependency_scanning", - "name": "ffi - CVE-2018-1000201", - "message": "ruby-ffi DDL loading issue on Windows OS", - "cve": "ffi:1.9.18:CVE-2018-1000201", - "severity": "High", - "solution": "upgrade to \u003e= 1.9.24", - "scanner": { - "id": "bundler_audit", - "name": "bundler-audit" - }, - "location": { + "location": { + "file": "sast-sample-rails/Gemfile.lock", + "dependency": { + "package": { + "name": "ffi" + }, + "version": "1.9.18" + } + }, + "identifiers": [ + { + "type": "cve", + "name": "CVE-2018-1000201", + "value": "CVE-2018-1000201", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000201" + } + ], + "links": [ + { + "url": "https://github.com/ffi/ffi/releases/tag/1.9.24" + } + ], + "priority": "High", "file": "sast-sample-rails/Gemfile.lock", - "dependency": { - "package": { - "name": "ffi" - }, - "version": "1.9.18" - } - }, - "identifiers": [ - { - "type": "cve", - "name": "CVE-2018-1000201", - "value": "CVE-2018-1000201", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000201" - } - ], - "links": [ - { - "url": "https://github.com/ffi/ffi/releases/tag/1.9.24" - } - ], - "priority": "High", - "file": "sast-sample-rails/Gemfile.lock", - "url": "https://github.com/ffi/ffi/releases/tag/1.9.24", - "tool": "bundler_audit" - } -] + "url": "https://github.com/ffi/ffi/releases/tag/1.9.24", + "tool": "bundler_audit" + } + ] +} diff --git a/spec/fixtures/security-reports/feature-branch/gl-license-management-report.json b/spec/fixtures/security-reports/feature-branch/gl-license-management-report.json index c1d20fa02fa..5fd81fd69bd 100644 --- a/spec/fixtures/security-reports/feature-branch/gl-license-management-report.json +++ b/spec/fixtures/security-reports/feature-branch/gl-license-management-report.json @@ -1,16 +1,12 @@ { "licenses": [ { - "count": 13, - "name": "MIT" - }, - { - "count": 2, - "name": "New BSD" + "count": 1, + "name": "WTFPL" }, { "count": 1, - "name": "LGPL" + "name": "MIT" } ], "dependencies": [ @@ -20,107 +16,9 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "bundler", - "url": "http://bundler.io", - "description": "The best way to manage your application's dependencies", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "concurrent-ruby", - "url": "http://www.concurrent-ruby.com", - "description": "Modern concurrency tools for Ruby. Inspired by Erlang, Clojure, Scala, Haskell, F#, C#, Java, and classic concurrency patterns.", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "connection_pool", - "url": "https://github.com/mperham/connection_pool", - "description": "Generic connection pool for Ruby", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "mini_portile2", - "url": "http://github.com/flavorjones/mini_portile", - "description": "Simplistic port-like solution for developers", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "mustermann", - "url": "https://github.com/sinatra/mustermann", - "description": "Your personal string matching expert.", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "nokogiri", - "url": "http://nokogiri.org", - "description": "Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "New BSD", - "url": "http://opensource.org/licenses/BSD-3-Clause" - }, - "dependency": { - "name": "pg", - "url": "https://bitbucket.org/ged/ruby-pg", - "description": "Pg is the Ruby interface to the {PostgreSQL RDBMS}[http://www.postgresql.org/]", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "New BSD", - "url": "http://opensource.org/licenses/BSD-3-Clause" - }, - "dependency": { - "name": "puma", - "url": "http://puma.io", - "description": "Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications", + "name": "actioncable", + "url": "http://rubyonrails.org", + "description": "WebSocket framework for Rails.", "pathes": [ "." ] @@ -128,111 +26,13 @@ }, { "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "rack", - "url": "https://rack.github.io/", - "description": "a modular Ruby webserver interface", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "rack-protection", - "url": "http://github.com/sinatra/sinatra/tree/master/rack-protection", - "description": "Protect against typical web attacks, works with all Rack apps, including Rails.", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "redis", - "url": "https://github.com/redis/redis-rb", - "description": "A Ruby client library for Redis", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "LGPL", - "url": "http://www.gnu.org/licenses/lgpl.txt" - }, - "dependency": { - "name": "sidekiq", - "url": "http://sidekiq.org", - "description": "Simple, efficient background processing for Ruby", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "sinatra", - "url": "http://www.sinatrarb.com/", - "description": "Classy web-development dressed in a DSL", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "slim", - "url": "http://slim-lang.com/", - "description": "Slim is a template language.", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "temple", - "url": "https://github.com/judofyr/temple", - "description": "Template compilation framework in Ruby", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" + "name": "WTFPL", + "url": "http://www.wtfpl.net/" }, "dependency": { - "name": "tilt", - "url": "http://github.com/rtomayko/tilt/", - "description": "Generic interface to multiple Ruby template engines", + "name": "wtfpl_init", + "url": "https://rubygems.org/gems/wtfpl_init", + "description": "Download WTFPL license file and rename to LICENSE.md or something", "pathes": [ "." ] diff --git a/spec/fixtures/security-reports/feature-branch/gl-sast-report.json b/spec/fixtures/security-reports/feature-branch/gl-sast-report.json index a85b9be8b5f..4bef3d22f70 100644 --- a/spec/fixtures/security-reports/feature-branch/gl-sast-report.json +++ b/spec/fixtures/security-reports/feature-branch/gl-sast-report.json @@ -1,944 +1,947 @@ -[ - { - "category": "sast", - "message": "Probable insecure usage of temp file/directory.", - "cve": "python/hardcoded/hardcoded-tmp.py:52865813c884a507be1f152d654245af34aba8a391626d01f1ab6d3f52ec8779:B108", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { +{ + "version": "1.2", + "vulnerabilities": [ + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:52865813c884a507be1f152d654245af34aba8a391626d01f1ab6d3f52ec8779:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 1, + "end_line": 1 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", "file": "python/hardcoded/hardcoded-tmp.py", - "start_line": 1, - "end_line": 1 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B108", - "value": "B108", - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" - } - ], - "priority": "Medium", - "file": "python/hardcoded/hardcoded-tmp.py", - "line": 1, - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", - "tool": "bandit" - }, - { - "category": "sast", - "name": "Predictable pseudorandom number generator", - "message": "Predictable pseudorandom number generator", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 1, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "name": "Predictable pseudorandom number generator", + "message": "Predictable pseudorandom number generator", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 47, + "end_line": 47, + "class": "com.gitlab.security_products.tests.App", + "method": "generateSecretToken2" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-PREDICTABLE_RANDOM", + "value": "PREDICTABLE_RANDOM", + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 47, - "end_line": 47, - "class": "com.gitlab.security_products.tests.App", - "method": "generateSecretToken2" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-PREDICTABLE_RANDOM", - "value": "PREDICTABLE_RANDOM", - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 47, - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "name": "Predictable pseudorandom number generator", - "message": "Predictable pseudorandom number generator", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 47, + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "name": "Predictable pseudorandom number generator", + "message": "Predictable pseudorandom number generator", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 41, + "end_line": 41, + "class": "com.gitlab.security_products.tests.App", + "method": "generateSecretToken1" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-PREDICTABLE_RANDOM", + "value": "PREDICTABLE_RANDOM", + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 41, - "end_line": 41, - "class": "com.gitlab.security_products.tests.App", - "method": "generateSecretToken1" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-PREDICTABLE_RANDOM", - "value": "PREDICTABLE_RANDOM", - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 41, - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:cb203b465dffb0cb3a8e8bd8910b84b93b0a5995a938e4b903dbb0cd6ffa1254:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 41, + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:cb203b465dffb0cb3a8e8bd8910b84b93b0a5995a938e4b903dbb0cd6ffa1254:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 11, + "end_line": 11 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 11, - "end_line": 11 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 11, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:a7173c43ae66bd07466632d819d450e0071e02dbf782763640d1092981f9631b:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 11, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:a7173c43ae66bd07466632d819d450e0071e02dbf782763640d1092981f9631b:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 12, + "end_line": 12 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 12, - "end_line": 12 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 12, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:017017b77deb0b8369b6065947833eeea752a92ec8a700db590fece3e934cf0d:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 12, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:017017b77deb0b8369b6065947833eeea752a92ec8a700db590fece3e934cf0d:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 13, + "end_line": 13 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 13, - "end_line": 13 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 13, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:45fc8c53aea7b84f06bc4e590cc667678d6073c4c8a1d471177ca2146fb22db2:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 13, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:45fc8c53aea7b84f06bc4e590cc667678d6073c4c8a1d471177ca2146fb22db2:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 14, + "end_line": 14 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 14, - "end_line": 14 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 14, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Pickle library appears to be in use, possible security issue.", - "cve": "python/imports/imports-aliases.py:5f200d47291e7bbd8352db23019b85453ca048dd98ea0c291260fa7d009963a4:B301", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 14, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Pickle library appears to be in use, possible security issue.", + "cve": "python/imports/imports-aliases.py:5f200d47291e7bbd8352db23019b85453ca048dd98ea0c291260fa7d009963a4:B301", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 15, + "end_line": 15 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B301", + "value": "B301" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 15, - "end_line": 15 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B301", - "value": "B301" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 15, - "tool": "bandit" - }, - { - "category": "sast", - "name": "ECB mode is insecure", - "message": "ECB mode is insecure", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:ECB_MODE", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 15, + "tool": "bandit" + }, + { + "category": "sast", + "name": "ECB mode is insecure", + "message": "ECB mode is insecure", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:ECB_MODE", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 29, + "end_line": 29, + "class": "com.gitlab.security_products.tests.App", + "method": "insecureCypher" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-ECB_MODE", + "value": "ECB_MODE", + "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 29, - "end_line": 29, - "class": "com.gitlab.security_products.tests.App", - "method": "insecureCypher" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-ECB_MODE", - "value": "ECB_MODE", - "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 29, - "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "name": "Cipher with no integrity", - "message": "Cipher with no integrity", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:CIPHER_INTEGRITY", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 29, + "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "name": "Cipher with no integrity", + "message": "Cipher with no integrity", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:CIPHER_INTEGRITY", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 29, + "end_line": 29, + "class": "com.gitlab.security_products.tests.App", + "method": "insecureCypher" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-CIPHER_INTEGRITY", + "value": "CIPHER_INTEGRITY", + "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 29, - "end_line": 29, - "class": "com.gitlab.security_products.tests.App", - "method": "insecureCypher" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-CIPHER_INTEGRITY", - "value": "CIPHER_INTEGRITY", - "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 29, - "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "message": "Probable insecure usage of temp file/directory.", - "cve": "python/hardcoded/hardcoded-tmp.py:63dd4d626855555b816985d82c4614a790462a0a3ada89dc58eb97f9c50f3077:B108", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 29, + "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:63dd4d626855555b816985d82c4614a790462a0a3ada89dc58eb97f9c50f3077:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 14, + "end_line": 14 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", "file": "python/hardcoded/hardcoded-tmp.py", - "start_line": 14, - "end_line": 14 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B108", - "value": "B108", - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" - } - ], - "priority": "Medium", - "file": "python/hardcoded/hardcoded-tmp.py", - "line": 14, - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Probable insecure usage of temp file/directory.", - "cve": "python/hardcoded/hardcoded-tmp.py:4ad6d4c40a8c263fc265f3384724014e0a4f8dd6200af83e51ff120420038031:B108", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 14, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:4ad6d4c40a8c263fc265f3384724014e0a4f8dd6200af83e51ff120420038031:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 10, + "end_line": 10 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", "file": "python/hardcoded/hardcoded-tmp.py", - "start_line": 10, - "end_line": 10 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B108", - "value": "B108", - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" - } - ], - "priority": "Medium", - "file": "python/hardcoded/hardcoded-tmp.py", - "line": 10, - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with Popen module.", - "cve": "python/imports/imports-aliases.py:2c3e1fa1e54c3c6646e8bcfaee2518153c6799b77587ff8d9a7b0631f6d34785:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 10, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-aliases.py:2c3e1fa1e54c3c6646e8bcfaee2518153c6799b77587ff8d9a7b0631f6d34785:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 1, + "end_line": 1 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 1, - "end_line": 1 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 1, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with pickle module.", - "cve": "python/imports/imports.py:af58d07f6ad519ef5287fcae65bf1a6999448a1a3a8bc1ac2a11daa80d0b96bf:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 1, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports.py:af58d07f6ad519ef5287fcae65bf1a6999448a1a3a8bc1ac2a11daa80d0b96bf:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports.py", + "start_line": 2, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports.py", - "start_line": 2, - "end_line": 2 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports.py", - "line": 2, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with subprocess module.", - "cve": "python/imports/imports.py:8de9bc98029d212db530785a5f6780cfa663548746ff228ab8fa96c5bb82f089:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 2, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports.py:8de9bc98029d212db530785a5f6780cfa663548746ff228ab8fa96c5bb82f089:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports.py", + "start_line": 4, + "end_line": 4 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports.py", - "start_line": 4, - "end_line": 4 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports.py", - "line": 4, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'blerg'", - "cve": "python/hardcoded/hardcoded-passwords.py:97c30f1d76d2a88913e3ce9ae74087874d740f87de8af697a9c455f01119f633:B106", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 4, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:97c30f1d76d2a88913e3ce9ae74087874d740f87de8af697a9c455f01119f633:B106", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 22, + "end_line": 22 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B106", + "value": "B106", + "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 22, - "end_line": 22 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B106", - "value": "B106", - "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 22, - "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'root'", - "cve": "python/hardcoded/hardcoded-passwords.py:7431c73a0bc16d94ece2a2e75ef38f302574d42c37ac0c3c38ad0b3bf8a59f10:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 22, + "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'root'", + "cve": "python/hardcoded/hardcoded-passwords.py:7431c73a0bc16d94ece2a2e75ef38f302574d42c37ac0c3c38ad0b3bf8a59f10:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 5, + "end_line": 5 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 5, - "end_line": 5 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 5, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: ''", - "cve": "python/hardcoded/hardcoded-passwords.py:d2d1857c27caedd49c57bfbcdc23afcc92bd66a22701fcdc632869aab4ca73ee:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 5, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: ''", + "cve": "python/hardcoded/hardcoded-passwords.py:d2d1857c27caedd49c57bfbcdc23afcc92bd66a22701fcdc632869aab4ca73ee:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 9, + "end_line": 9 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 9, - "end_line": 9 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 9, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'ajklawejrkl42348swfgkg'", - "cve": "python/hardcoded/hardcoded-passwords.py:fb3866215a61393a5c9c32a3b60e2058171a23219c353f722cbd3567acab21d2:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 9, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'ajklawejrkl42348swfgkg'", + "cve": "python/hardcoded/hardcoded-passwords.py:fb3866215a61393a5c9c32a3b60e2058171a23219c353f722cbd3567acab21d2:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 13, + "end_line": 13 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 13, - "end_line": 13 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 13, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'blerg'", - "cve": "python/hardcoded/hardcoded-passwords.py:63c62a8b7e1e5224439bd26b28030585ac48741e28ca64561a6071080c560a5f:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 13, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:63c62a8b7e1e5224439bd26b28030585ac48741e28ca64561a6071080c560a5f:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 23, + "end_line": 23 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 23, - "end_line": 23 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 23, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'blerg'", - "cve": "python/hardcoded/hardcoded-passwords.py:4311b06d08df8fa58229b341c531da8e1a31ec4520597bdff920cd5c098d86f9:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 23, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:4311b06d08df8fa58229b341c531da8e1a31ec4520597bdff920cd5c098d86f9:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 24, + "end_line": 24 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 24, - "end_line": 24 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 24, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with subprocess module.", - "cve": "python/imports/imports-function.py:5858400c2f39047787702de44d03361ef8d954c9d14bd54ee1c2bef9e6a7df93:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 24, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports-function.py:5858400c2f39047787702de44d03361ef8d954c9d14bd54ee1c2bef9e6a7df93:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-function.py", + "start_line": 4, + "end_line": 4 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-function.py", - "start_line": 4, - "end_line": 4 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-function.py", - "line": 4, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with pickle module.", - "cve": "python/imports/imports-function.py:dbda3cf4190279d30e0aad7dd137eca11272b0b225e8af4e8bf39682da67d956:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 4, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports-function.py:dbda3cf4190279d30e0aad7dd137eca11272b0b225e8af4e8bf39682da67d956:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-function.py", + "start_line": 2, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports-function.py", - "start_line": 2, - "end_line": 2 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports-function.py", - "line": 2, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with Popen module.", - "cve": "python/imports/imports-from.py:eb8a0db9cd1a8c1ab39a77e6025021b1261cc2a0b026b2f4a11fca4e0636d8dd:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 2, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-from.py:eb8a0db9cd1a8c1ab39a77e6025021b1261cc2a0b026b2f4a11fca4e0636d8dd:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 7, + "end_line": 7 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-from.py", - "start_line": 7, - "end_line": 7 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-from.py", - "line": 7, - "tool": "bandit" - }, - { - "category": "sast", - "message": "subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell", - "cve": "python/imports/imports-aliases.py:f99f9721e27537fbcb6699a4cf39c6740d6234d2c6f06cfc2d9ea977313c483d:B602", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 7, + "tool": "bandit" + }, + { + "category": "sast", + "message": "subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell", + "cve": "python/imports/imports-aliases.py:f99f9721e27537fbcb6699a4cf39c6740d6234d2c6f06cfc2d9ea977313c483d:B602", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 9, + "end_line": 9 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B602", + "value": "B602", + "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 9, - "end_line": 9 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B602", - "value": "B602", - "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 9, - "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with subprocess module.", - "cve": "python/imports/imports-from.py:332a12ab1146698f614a905ce6a6a5401497a12281aef200e80522711c69dcf4:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 9, + "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports-from.py:332a12ab1146698f614a905ce6a6a5401497a12281aef200e80522711c69dcf4:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 6, + "end_line": 6 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-from.py", - "start_line": 6, - "end_line": 6 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-from.py", - "line": 6, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with Popen module.", - "cve": "python/imports/imports-from.py:0a48de4a3d5348853a03666cb574697e3982998355e7a095a798bd02a5947276:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 6, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-from.py:0a48de4a3d5348853a03666cb574697e3982998355e7a095a798bd02a5947276:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 1, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-from.py", - "start_line": 1, - "end_line": 2 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-from.py", - "line": 1, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with pickle module.", - "cve": "python/imports/imports-aliases.py:51b71661dff994bde3529639a727a678c8f5c4c96f00d300913f6d5be1bbdf26:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 1, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports-aliases.py:51b71661dff994bde3529639a727a678c8f5c4c96f00d300913f6d5be1bbdf26:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 7, + "end_line": 8 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 7, - "end_line": 8 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 7, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with loads module.", - "cve": "python/imports/imports-aliases.py:6ff02aeb3149c01ab68484d794a94f58d5d3e3bb0d58557ef4153644ea68ea54:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 7, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with loads module.", + "cve": "python/imports/imports-aliases.py:6ff02aeb3149c01ab68484d794a94f58d5d3e3bb0d58557ef4153644ea68ea54:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 6, + "end_line": 6 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 6, - "end_line": 6 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 6, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", - "cve": "c/subdir/utils.c:b466873101951fe96e1332f6728eb7010acbbd5dfc3b65d7d53571d091a06d9e:CWE-119!/CWE-120", - "confidence": "Low", - "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 6, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", + "cve": "c/subdir/utils.c:b466873101951fe96e1332f6728eb7010acbbd5dfc3b65d7d53571d091a06d9e:CWE-119!/CWE-120", + "confidence": "Low", + "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "c/subdir/utils.c", + "start_line": 4 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-119", + "value": "119", + "url": "https://cwe.mitre.org/data/definitions/119.html" + }, + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], "file": "c/subdir/utils.c", - "start_line": 4 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-119", - "value": "119", - "url": "https://cwe.mitre.org/data/definitions/119.html" - }, - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "c/subdir/utils.c", - "line": 4, - "url": "https://cwe.mitre.org/data/definitions/119.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)", - "cve": "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362", - "confidence": "Low", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 4, + "url": "https://cwe.mitre.org/data/definitions/119.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)", + "cve": "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362", + "confidence": "Low", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "c/subdir/utils.c", + "start_line": 8 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-362", + "value": "362", + "url": "https://cwe.mitre.org/data/definitions/362.html" + } + ], "file": "c/subdir/utils.c", - "start_line": 8 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-362", - "value": "362", - "url": "https://cwe.mitre.org/data/definitions/362.html" - } - ], - "file": "c/subdir/utils.c", - "line": 8, - "url": "https://cwe.mitre.org/data/definitions/362.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", - "cve": "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120", - "confidence": "Low", - "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 8, + "url": "https://cwe.mitre.org/data/definitions/362.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", + "cve": "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120", + "confidence": "Low", + "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "cplusplus/src/hello.cpp", + "start_line": 6 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-119", + "value": "119", + "url": "https://cwe.mitre.org/data/definitions/119.html" + }, + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], "file": "cplusplus/src/hello.cpp", - "start_line": 6 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-119", - "value": "119", - "url": "https://cwe.mitre.org/data/definitions/119.html" - }, - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "cplusplus/src/hello.cpp", - "line": 6, - "url": "https://cwe.mitre.org/data/definitions/119.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)", - "cve": "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120", - "confidence": "Low", - "solution": "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 6, + "url": "https://cwe.mitre.org/data/definitions/119.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)", + "cve": "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120", + "confidence": "Low", + "solution": "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "cplusplus/src/hello.cpp", + "start_line": 7 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], "file": "cplusplus/src/hello.cpp", - "start_line": 7 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "cplusplus/src/hello.cpp", - "line": 7, - "url": "https://cwe.mitre.org/data/definitions/120.html", - "tool": "flawfinder" - } -] + "line": 7, + "url": "https://cwe.mitre.org/data/definitions/120.html", + "tool": "flawfinder" + } + ] +} diff --git a/spec/fixtures/security-reports/master.zip b/spec/fixtures/security-reports/master.zip index 4684aecb738db3cdf456879463820f5cdedc167e..2261b5a16741a7b5b9bedd188f6049804fc77850 100644 GIT binary patch delta 9113 zcmdmHa@12cz?+#xgqeYXgMq8P#W%>nzfPTzfx(H1fkBahVWO;3eeFcs?862EZQuWN zE!a6}@h|0-3rjR)cb93(ekm;MJF#g(N^tO}``MOi0^(IsOLl*+cxU@JXIrp9jw|z$ zdqVuYZ7s5&_Viwf6uYSX!^i6KXmqV+9d4JED9%K`G zRB*|Y7_L%_Xf6n!N4h+jxi^14o1LGw{Qi3epNQ%?a~yw6o4jg*&FP=PFm8%->lCmylNokTl)3ar%!)FJGI;&H5e?*tnFOlo5((E z`qH!uXLy;aV?!6rS#4re!R?X4`RA6RMg3Nx+kY4TOyY9?{8Xgx`De`q=j9qE?Oyuy ztgI_XkmfAjxWI&GhV3Q1w`!*5=laf{xIC$G+m%SpnL;fGc#oR5q=h|EVQ$^vadKOa zir(UGr`cE4Vpm@an6TD)gId7M{19<1ks5b9xsaN74?jQI8aH*mdeO`Y-qBA#iGE5w zC83g0?;MqETO!QtWU{*CfFN5>Nv}zV(#3O9ZhiUOXSQWIbvEyN-X_g8Ra0K#+ov?G zJ2SS<$P19PE&nHO`|*X*ihJJ;j!Y1Z(^`G3 z?9$!WPeOv0FM02JhvUmKhV+@GQ47C(6DypuhF7^&o~@qsO>6t2Im$CLS9(g`H(b3| z#e}iu@@6^Z?I-4L;q#QZQtI7XsJ+>rQ$OGI_?n=W zpa0w%#d!lQ?z+1=Da_RGlPkF(x-Mkfz16>#s_DG(-5(=$?C_3)c=4dT{Y)3_XE3dl zo$Dy8`NjP3THlH}lJEX~Jodk8cV_sKSBHx=JF2f|e_8r=-m%r6Pv1V*R`P+TzG~&a zww2S)xxDd^a9j1!?9|6wR(%}nO}7O$)}JzO3G}*HGLST^`G@j0sbYuangG^iSN_^1ScRWUI!XFC!<-IV(Q--=`0&cFh&H?|MGj z+Wy@iITl0_p_13@>y=Ubrh*U^>8RuVG{-5{H?|UiJfwkI7 zqN0Doc=A}|Dqe4^4L9~v@zYp5ODOf&J->#^p2pg|r4f^zPShq(o!IrE=R?VV$E7oh zPjSCK>i1-a%2}0qEgQcr_mqFjI~4rC>TL0~S&}FH^wQb!LQ4x0edRh#J-$8o*FC+V z=H7#-OkuSfxg6|Ujk+6zjAsP}YHx_MXBG9^?xOu%YwxDKg3yItQ|>*Vbo8#qyViTB zxc9hENfw*m;V!tC|Ek%=={2X1_Q~^dg_%3vJh*Ctg|Y+p0&^Av<@yPi9w@9c-pD1G zsk3Ia$G@0YcgWDZQlLM_Mc^i#P4sHRfRRT1(wu2oAP(ozR%TrGS97%%`Dks z{UC1s?NerQ;+G%36uUO@Lf*gaacWmsmSp;MmZ+xB%d4r1pSUk(Icsy|geQqp);`es zE?ywER5E61CD-(eNpfx8a~`JNtN&Wq8ksxy&(2KU$mAUtcLfN}@6F`jmB@U{ez13S+Nte(@7nLI3KEakNWL*y<#s~uSKF=i zSKi*Q>IvMA53p-oG`E&E`}$iqBXl zUY@*5?%(bg>`qL=47X?BDB1P#U$OR&(DsQ{POG1}?p+Z2=l=FajgDnE_@A-ednj|R z;In4*5(Dq>hbAW`8Fcw=ZRGY@f01oft!tq6g2nZ#FZDLu7p>I4es783#rh8xa=*)W z&z&B5Q%lpXe$tkuxB66kL{>x!Xa*_P_w{@zE$&#T(vy&?BHy}`**)`*L%z)Em>gF} zRaSvLG4{rL6ResKDolwltrszgNi#8wO~0kQ?#L9)lyh;5r>C#j(p$eKxnuX2KR4Ez zs^$DwkNs`gf8?6{saTir)$jJVua-Z%xKilsgB;1!0x>`38TD)aaOj2CZHr?4ywv`* zAH#E@%lq3`pJezeaN*+BRbRpj){4qsJ0$w0)8=l==9@EE_gJmmxh_{}Evr=jEO+ss z(8QgoOGJDFt*7#pUsi}}x&G|QgM|{x8>F8n%?mCMk3DqY``?xJJZ_Qd)i=)6e|Vso zz?6PWal=8Tg9o!u8E*`JQ2%pRyJxa6``Pn*Qtw1(Oz85@*eL0i^mf9Jb>IF@xWm}{ z{N)=ZrCC*{B__%j%niJ|c+qTzw=MRniw}7@x1R12tVo`6<}){A=2yAi3D5PT^PJmP zUYKw8sP*;o^U{s&7jOUjyJuBK%z|xC^cJ-*bKu~Yu>!Q{Dp(vN_P(%Ve|bxwvQ#3 z@88S(?zvpLD5vwYd*UB9+Y8tI+4}K$oT_zVZ1Z`$nQ!6+ZcMVSfB)vmqkG-j`~BBl zF8*K7o3(GDX^my=j76^=o3E%^upvsIrs&H>-;CEsf=+C`5h&VM_j30A)t(bqc!s<= zd%m#dn&0DshrQ>EKD~PCS6pA3xc1i~oux%xDa*C3ChgMPE^vC<&7|t-fye*duibxo zcKtivuxXxw4|^_u-FxY7j&iHpvEKLBUbAEwO-(zc{k5sy{!)(CYSqXY+2zN#Uh$sc z&HLQ(_-hf3E!}^Y@2UTr@&CQ7!CU*zx!)hwv#)YJ=6RoOrF)!d$fnRs2K7ZuriI&- z_ReJJk}?TB66RxKtzjRqLia@F`Ok-WOe9wv%BqyMnEOz)Sns;6)qTai{eGp_ei`%e z{VCw_IdGHzxa5my=K5H}sQYXeKEIYoYcX#waGhRMCe1Sc#7(~4rkl9~_GC-he?PQd zwscDRk&=kDYdY_Kew*G!QbKyy~@7F|3LxZkwZ~XZ3%_Obp zj7Km072Cz8D$U(HL;6U%)zT%~wjazlac0lh!Czo@d4=T62lwV!FAebYt#=5Y)>1g> zn0(fC%T=-&H-BkvI&NKbeonB(>umSP$GDcOLBwEwWSBI<%wwM8HmMdB!gmCiB~Z8%(vVd0HQbv>%(mdUVS72uXwT$xPxw^Azii*Lui7!|z(Z>Z^F?V< z`Tq6ZA#<;(#rA2Z`pIx^@G)9(@e(Z4ez5kbkA`A|H$Fj66h1mYy7+| zt8dZF1BTP5&t1mpqy5C9as5S|&d;1Sb=PA{>gPS+`mOq@Yq8;)Tf1AC^F6!wY?=He zEW>1FamM1OU8fWxkNM2MyfS$)Z|01Jg(sGB7%#WCzgy4I9bVw2{ir~`XOY%p?*s1V zv}Sg0eww=7t(*0@T(UqfQ-^_j^4`0-hwJwDc_j*^u6=Z6(&87RBPC~=+!5M=i8?D6g9a>1h!jlon+c7I_JMbi~SUHnRBN(#lLqa_uchn zoP9pBMRJp>^)1C`^(}wqNA!RF_;~W}vrqGG1{{9MW4Zcq+i_>1*5XTchuk;5+$>tV zj`QK~&y)2RByJ7v^_qGxS~GI)!=s0jK>f@@^b!xh`XWNE~g|Mtrrkz+j{ZP z4PNyM3)`~{j~R{3^$2oVRs#;mpHkG)loii5PHf3J=v}-4KgF?*x!zZ4` z|1;>>x+BHzoS8~ZQ>{kCp#q=Wb;3SRJKUBTT))WG~wO+PbT>FS?_P$bGW*q~?x5k{63psDJew*{^fR2RP{R1;B%To0Bwf6Vhv9T9!4R(!~ zm%R0kZs)0MGabTr*SCusKKqq+dkXX9!k7EPuE`#k6IzpLR&e{=Y|Dw$J63K;x#TrF ztx7o{|5Turk;}rh%+kvo_fN~J-FG)SYS}cW-oj#O*KhsS=eUz)`SK%nH^=Kux1SRd zczT;e+#lyjeEQm*ia!IkCGMM@_t(#)ZOi_wW4+fa%c`~4aNoAdc05?GQ(YHfr5SX7 zwP^bp2WQz``KI(}roG+VK+<@*BT#QblMUn=Y8&G|e_d+wzj zhKjng^DmuQ_cGx6Qw`b8T~;owQd6apeg>=U(v}GEk?~fWwL5;bSxx7QHijRu8i(~Z z*2M?v&D(L&{LX^T58O4Y1M+0xz0m z=be&fUs3Xd>yG0ew}%q?d!ob=?azx%w{Gm6|Lg3rh%Do+C0UEV%AC! z%8Pb)_C9ugChN0xX1wL*68ple;1$#7M7@-+w5(sj@mnW3e1+4ZHU`V-*}^iPb5(K< zoH9(j{NB6Z&mVEyKd}qky6;srwrq}U;x8+6YMIyK{_Wx2I>C3-1aG%q5sdZ~%b58w zH@Wr-_jR*1<$JyvM=oZ5ePyf0tETFC(O=5|FLfTbntur?I8?I>el}S{5E{~tYP*$a8DSX<6KXb}$%O1m{ z;=S!Z;vaOGDpm{FJ^!4=CEmODb*opoXy(QH@7Yf9&FX5qWpbkaao!7o%TKZns!TdR zbH?e{)>pPmdrwLVdb{Ic;_H^eZ|YLaJKTH|BE8QqU9d3A{Cq3tmR)U|EtTh*$QQlQ zF@73m)^taEXVd$=Z=RhjxqfZVs|})F&n6l-E?9q>`(t%r_BJmS%j3LL^|Lt^reCr* zU9e@#rb#kl5<&9%_1Qm{)XZ|6DA!c-XHV9x8i^hI{CpE;KRCE=!kypWo_p+@-FUc*1EZmmw`d4Y;p~kRQ;UH{Ld}|4f{W9`}}0^$ld%s zkW(>l!j2<~EdpI>>FLqVLhQE}iX5p=H@9U{S*PIpe&4IvX4O^c&m`ZUvHJOV>Z)76 zr`}qZmsah5RnA_d`uFKgM^oH%TdIP-o0jf;*B%oSy43mS_Vx>x3op-`8Yf#)`>rg| zcu+8JyJQB zQa+|l{ZqU}XYGHrsr&t}e!cMRv8Sze?9cmJ8Di_ZuInvWvw3~6?_000+F#>MUY&oo zCF=f;(R%sy zDhBzl)6NQQ3p;Ypi*ftD6{|IWEsH!S7#21y^v`^QxJ*6cIpO_(g&tSBci-4jxhE~^ ztk`9T+)|&Tflppuw>e<8H~fwKcHhshZ?4ELG-<6e`^8z;Drk23V&PqXg`O^FO)jbP zx7GAEysvkQ^!xdB?$19T_Pn3C$vwXA>%rgi_k2HV{l4zk!5^#3?dtz`pU;#07Lva1 z)7IX@k9OQX@~3^LvyMHlYyXaw?5~#nI9wWB|Jn3@nJPn6tIPbo`rkfx-&#M*?Ekf^oF(d^ zQD-)6FqIIwdb#rQx4Tc@GtamZbs;dkNr|WFp00oG{L|zubxVb`1x8zI^I5 z4xgP8dzBMrL~|Y%x^ZI0cef@joe$3sHOVD7-e>2onZa7euk%87W5Lb`{P(K2&oZ01 zDKq{q_q7hmtO{vPi--N6LLQ&rSMk3&dTagn<8w=d>x`8Ty|;Q77! z_L2r$K}_g5^V4JgeNy$GewxeIe7UNAzvlm=ptzV*Q@taN`_8UQU2t=n!N2M)%b#Zb+q+A4 z_Z;imIVbB+NQ9akvWWf1dc3#X%Bt~H0qZs6R2G8?0tbI~+zR|)R(VCoGwrQ$^_-WC zt{cvOZB+YOF)w3R@FYJbvxpr0IhFfR8 z_n&=P`Z(+MmTwIXa>tF2M?P>)c)setSIo6@ew(uR*;{`a8UD48)ZlTrq-Qjn$K|Z8 zs_qxpDbBlp_3Y*`|N7Zxa-r*= zcYXWu^}q1en6kKA+qY{(KDszd5L;9o2MRxWA@S!eBg-2Q&T`MFIc$2is< zEO@D!@kN96M1ln8GTH4iEh0A4vu3UlkXUr(7?YELO;Wrx_m)kgjL5vbCObl;PYX*5}qo zBlkSm!SyB<_7U4teD=o54DqB2Kuv~blDKp>M=OlMqpz>!utI2;pACBaG zP{VKeAiejq-@NlX+2_3flkoh(tK#&TPjMH$6DIW=vGuB{Ba*ucG&3E3W!CX#sjmu)MIxhOFrSmI`D?M}pmw!T; z&&HZ(JM0%~>Hcz^9sNMnUw7`a*5`Zg79CJ4kLlZa)Opg$-%r*)P+2q0jFsnD1wYs1 zFBxl+E^@3~0!4{<|ru?-}gr-iOIjx@O+T!I;V-)(IEK%aF;g}J#b#a1bze$|r z`-(WL-tLXP)2Ep&ix)F^d92p#(cD(Q*;|XE)y4iNxB6=|?b_k#rP;vEF=zFe-QI25 zAAFQ04Hk$#K6U$!g9YCdmgFZh#10kp9dq}2Re49{Y}&K4ca8rS^t`hT8 zCCv$e_1;hCOgpf|kga*!sS58))(`hij+)H+%rxS?Qwr0T@UV!_HXIN5H6p4sSZuzX zXZ`b7I-_F49f`P4593-rg1Ga&j;QEJyuP5?%eB|D$Mxil=SDMEFn<(C67pBcEl`}G z`$)B1Ug1vZwFgc%z1pm>Pdl! zD}LGDo`t%-K`h4vGrr~oRCw%O#NKj9H>YRcyUk4A_a3}iu)2PEgyZc)k)En&RynY? zZ<`rxZMiy1E8TWR;*IrcEE|`w{ZdoDA})GhN!BLQWuC>irs{vn{w17se*d;LtM663 z-_6fw@qK;Yw0e$j&+4UYEKUi!uep73(R%f}igK)}J)0*PzcclJ!ds~6Y7}O{HLZ|M z!ii07A&;B8^wulW+@Dz*2;0j3tv=^lvF7EnY_)Fg=6k=5^p|HY56uwU++#aW;NKka zz45wMyMEOj(o6SWuwL!!mUHV(tl#;6JN+y3nr@WUdYzwBmG0>DWih?2H{80kW}D9Z zL-}7z3}Y)7J(c+1d)=h*a>#k5tnR& zKC28nRz6v}FmaWY?ZU`VrnQfPPED%c^(x_I!zusxNjj%%p8Q;XV)dDu()+Ikl%`+a zvt#~l^Y5#BG=mPl%$lMWdUwu-9ZQW8LPH|=I<_Bg{~fv{K6^=O3^o>?6O}eSkd|_|xyI)HL z{~xV?>}b$ed{k(Wx5muN2U{4z439SlvBYFPc@cXdMN;h@qo+pR;*@Kf7I&{)S6I@2 zc#7@*2*i-1fG9ZF3Ctr znV=Nl=2^Jjz)(MO!yWb2x-8O5zRrjdYMbn<^;2b%NWG9u`G-yEH~8KqPF-WTZ}Hkc zr>`ZZN4GN`U3*lHznJ}FopY>d_OIeAtEL!obx&ClTRG$NUskivo4NHxR=$3H^U{pf z@^-&}DTqWp>c1-e|Mo+VlM^-5SXR04=xU`;GW4u2Vp0lcYnmdl*wi5`n&s%^FG^XD z4P45$ES(>jY9JO{9~okP`r@-S{=Y-Zc3ap>>zAuMJ*%>R^*xK$Z8_b2UMJT~5hy7w zyL@@q=|0VUKUc)G@AbX@amIu#x0N(+)Vmt(|M%n6{PllW1H2iT?3qPyEc#GkfB=Pt zEsY>ndX8>#eqKppX5K^%@yUNAd0j4BK7HAJg^?j7x9aYsD~t_LKDx1}D;qN|6nlzzUu@o%~0V$A#h7KAT6At}vq0$WFtY)<8DRg9|jt0Woaju>(&* zhCN&M5kxnve{l*#BO8X=vjwg6KsIcS$m9ktQII!v&t)5e9M*tF2Y9oxfdZM8ft5jp LiGiV83B&^cCaqEY delta 6477 zcmX@=xy?j2z?+#xgn@y9gCRKhzfX{Xf1L&+1A`M21A`)i%tTqG`p^(g24-8?gy^8m zBhjT5+zgB?FPIq^z(nmtU;o1fJZO%y~~i5RDW)#<^NwF-Q>!1{38OzbY^nLd!N6M&D`hTW}xt6_p#5qvzB&SAHH3= zZQJ)M#r3Mp7X5QOwcM7^7Czp!^_zKR&!wqnr`ja#eOi=OoO{v1G{q$Tb-hT%%L{F- z`}ML-md~(nOQ@Z?tcc-OQh|f@^(C7el`b5~d2;dPU!msb|M&j1_-J(0TI0=a`|gAJ z0ZDsqd(6CJGX3@Z9KG4{h+q~^_ViE1Q-Fu2?=Hk#T6+vGPO>M5IuQZuH{clBerHy#>nv09HEOWkG+Y?=# zf9_JrW38zlt`-u6J}~MB?_9N48}4eg5;M;HQ@T&i^m(sj9oL|8&{K z;`0YH)Aw%ieRICn&d)fMDwI1rWEGdZ&}Orj?l1q$UH9Iqz4ZFM*t_@sRc&_*Tv+-h zkuUhSY1GR4EZakSV!hcf?c_UHd2^dWPo}EX2dN8Dxd-!kn*@1Je&gT#l!H=-o$IgaNNkc^52sBl~)BW>UuE!jhdFN!CIM+;7+%@U! zuV9zyy1TaKY5#g$u{3~7_lrzeCjY|ZhK6Y_Y(EuQME=fO$FpR@){CbWde0MnQ*yho zOL_nFQ>D|4h35(KeVNvjzrYwh19C@D{j@GO#Sy2D3bU|>yJQ=$Q7J?hoz?J)T>O0D` z1Rn})D>D3Q@>Hcm)ot5F(d#{P`%R^5LS~(r5!F0RAm_oeU(bx{)+|dncbipMc3rUJ z0*4h#YTwAY9n6bgFrldC;@|R6t3OM``$JU>b*QS^=HvK9^Hep#8>Q-s$a2h z;k9KQ#onrBKl*vrmc)BKGJbHgb$wQ(?`^gEyx@h}kskxUZ>Vpc`o@g?v-M=VGxmpC zKN<1W{56}J{ARYez-2D3nBebkw}dez&J9pp`N83`tKJF|J&Bi6>rPG&O)2@A5S6=g z>&oPN>oaR6%KqJ9n!&a6%jFY}3$F=f!>V?IAXERL{llxf`DUqAc;~v#0y! zRPtOm_sFid>p6CQ`u6iv=T2QCDZkgL?qJiVyT|&jP0LEUSScG`vA(xk_n!Bg$5O4! zS%t;T;&MM96FK=xBXZuelb_BO7VYqoTjIH-FD-GO?!Wsxmsp>)`B#5$wznOB!lL5m zQEq|V*Ah)Qd*#9|cz)AZwA{SopX)jG>zD8S@?RyjN^-8b$9q>j+nj|G@@rxa6tRjQ z`{Xg#p{#1!^Yoh=elPl5xa!b3?|UkdTfXPM*GH5vpn`lI&&GUpMh1qN%nS@l3^J1^ zC@bSF$*)eb_djePaP)g!SMW2n%uA~r%#X}p$($8BZB_GYi%!=!o8K7cw*Gi$!6|4^ z!l0 z@%7c!24bEClU5|w8=bM#xai~|ap>2J@4S^~E_Nw)3rLGk+IH8JV`{)G%a@^7GLXzpGcERPYVAmewf{p_0jHZAm_2wyx(zBGbAP-rspLS%nmfNgNP6E`Gws5^{nz&Jg>;72 zhwr_Z_k|5Lm^U1AV_e0=!0*Bq^ zw&n1IFBcLu*p8*im~Bc4DB8T>h47o!Z(h~ifn}4FGA~)Q$Flu?!11U*qgK(?c21+6 z?P1MG|9$0r_g~NaVUy#w)$f&-bjZWEv;S>7P@m*zb$|D-n!C3>!Z4nd?+=BXVhw{On=Ka1*WxRiCP#-(Ym_cBqVsLwi7(L_lW!MTGn=w&A>)*O6uJk zJ$!5LJ-j7@&)_;+r7M4TN%(Cr^~T8c+_g{E7y2smA=u*sWlezNT@?^1<-)@7Ht zcj=n=UVgpymPvN?+qoY<+q{;{|8zM!^lSRR)vLrgY-LT}e(e7H%9TC#e^Pp=-O_c< z%vwj|w@>yKm8rMBW&M`1K6;+5{X72IH(vhN7s@h@-t{Bz%*9seC=u~>Hci#beZ za}?(75WAS6I;BlTl%+ty*8GsmG;PHh8k5CZ&PDD2ZoDq|L8;B%12z2w5umRWnOC0xK4Ze1ozv~z1zw&x9okI zQC+#^bKl3Qt{oeI2Up8E?uKI4o!FKiOsWfL1 zUGdGc_0zV;_*V0 z8Xaa&ZM(nm%!hEJ;`2s_<)@vA3Fv;mTgYt=yI6dUM%kzCTPtUo{l9)yv7|jT>db}> zPrEKGns;vYw)cMj-ye!z($=?2C@Mj~hb^_lN7H~uNM@(N+~+zLqI-CFwtSb`Q!=H0 zW{=|bZZ*{hPOJZZSDkD=b%Ouv=EJ${V&Oj?%sP-{vFS!s#>Br?Cr$+wGCy1Mv|Bv= z8sEB8@(O*EZ6q}64_SycTZozlVuWa9RdlIJnLrTuz|iqeLt2Jsd? zon*s|^FoTApMnyTK5{;e;CmEdr!8~(cvJFHVXG@b961GAhQa}XZrY0suSJOSYB%-r zRfJ3{&K6_|S7TL767ZKeo+WVnRpi5nT(0Bs*MAf_U0uSbyXClO{h8-1x#3@ZMKu;% zt3S$IKFd5dy#3A^Yu@Hp>!L554O}}pLFaI2g`Zi=izRvqQ+s|t*m6mzQB!DUXRrw=ut@VD&tQRG2_7?NxgLc1Vx%hGlf6%KfpUh4! zxNIlq!?ohfy|p?wJsv$T@v>WSdQG@{<&LatDOJy(9i8KCR8V@^dSVm5-S1zQ`}axK ze|uUkU;F87`u)E@yoBcUs>ICtrI@+n$_p`}kMH-%?GO2Ldr_~)F)?{(LnAlQUW0nS z>GL1#_~_@Z9w52yK-IDy1~wrj3;956u6t_zvs6#6slC*{@J?~a_Zm5uK>pvJQ*=KC zI+_G7OnML?G4oTmUyxO5Yf_9L^VFC#EvY<{CNHVpdGhU*uNQ5PZjo7+ z`0m9qjO`20Yzh_EnZT>okSI+Tw=370odMhh- zf9=ZrvUj20HJcZz?%TP+!0zjb9XY3*t2e|*uRlNW^mP%{Nj1tD?5~ zUS5CNYqg5Ib|dQ(wJKK+CKjhiU(a1CGcU}X;k95(1COc~`$SgBNz8AB(_5$hdbz2n zK)xdT_JNyQ!wZA*J0@3g9FDzzZS&gTp!@SChDUD>bz0|rY_gV&TK$oe7CW?`#!vjH zcjCo-9?6H(rwdywioZ2oSanI!-9W2~o!_*~SYP%C#xy^?R`#;CC{&2}&sp^SZ^Y}*N}ALC+m>$U((QFoKEUcdXN!QBr~D!VM+-G$ zb<>2C4Fy7c2Q_jnB+@L4dA8OkF1ReLzEnbGX@%=4Yef*LsyX$Eje+pY?vtt){5a&7 zJX)dJ|DdD!NsAZvvc0^9s`?Ucy=Qj6@cHCFcS_cTDbc4x?Tmx+9$0p-omh1GHplMt z`Q0biT=la)D$%848+^?wduGRykdz=Pzmu-(MSq25|w4@R?inB-b4&^M0{I;rxiYp7W0JF%g+^I_7QDbJm0_PP%eP`lVvC zXiw>jNp7w8RE{l5Ia55-=SpJ*hhe9?l*)XI2W^I}x8;^>7gnCX<00SSuF^o;Oog)S z=37gSumntqsZ6PtX(~LmGGi~(`blMh?w&?0Vp}iY3JQwxUM$jB$P#567;yjltjF^l z_iju*zP)zdEFo3-_hnz@B{yBzRuIGVJW_N8!|vQ?SN!@`Pdk;zm=^IqM7Sw}>EXVU zDKENbCkB~HMrU46|9rTp_x#`2i=TQE^6US1vst_nQ@r*z z9zR{ZreHDN2&sGOVX9n0XYP?HBU6xl3=oGR^&&rGc>R+yB)^ z99P88>0CEcCrsh&@2;B@mdy=Y7B-YvVY<}u1$6jJ0VU3_|JLArs z)R_P0{D;c)z1hM!KW?$?KDw3DOy*X+wfyw$M%Ri@C;X}9TUMIa(JFrRqT<l zc)i@9B^*4=UOFJbomr;=I8}?SW(XY6 zdR7t8)u7!gvzL38&fz1r3Y&of=`)t3) z*u`YOI2-)F@y@nlxeeO&r}IlRIrpdWKmS}?l97}$K`CHa>!Y~Dq_|B9JN?6=Im|p> z8}3x$QJ)?1$y23XQ^n%lgR6Ic|G!*P!L=^RG=I+8^?8q+y^8*BnX~?p{JFh<4yy^* zUHhWFD?~F`Q7358w;1`b@~WI?$JM2THgCDIS=D6q{Cz*l%tg)|pTBy0o`!f(QA(F& zqn4m^_ou-G_t|L!Lt8-)}f3=A)9<>a-XuQ3o$MP zjcK6{wji4m&ptVYOW6ybLH5id%-B1!DxgqfU|>*a*wUE71@>z3WCLXxUFXFgTvD$v dHaI+IaYdp7yjj^mT38ua8NM(wFzA3?0s!kt-#-8V diff --git a/spec/fixtures/security-reports/master/gl-dependency-scanning-report.json b/spec/fixtures/security-reports/master/gl-dependency-scanning-report.json index ce66f562175..8555be6618c 100644 --- a/spec/fixtures/security-reports/master/gl-dependency-scanning-report.json +++ b/spec/fixtures/security-reports/master/gl-dependency-scanning-report.json @@ -1,178 +1,181 @@ -[ - { - "category": "dependency_scanning", - "name": "io.netty/netty - CVE-2014-3488", - "message": "DoS by CPU exhaustion when using malicious SSL packets", - "cve": "app/pom.xml:io.netty/netty@3.9.1.Final:CVE-2014-3488", - "severity": "Unknown", - "solution": "Upgrade to the latest version", - "scanner": { - "id": "gemnasium", - "name": "Gemnasium" - }, - "location": { - "file": "app/pom.xml", - "dependency": { - "package": { - "name": "io.netty/netty" +{ + "version": "1.3", + "vulnerabilities": [ + { + "category": "dependency_scanning", + "name": "io.netty/netty - CVE-2014-3488", + "message": "DoS by CPU exhaustion when using malicious SSL packets", + "cve": "app/pom.xml:io.netty/netty@3.9.1.Final:CVE-2014-3488", + "severity": "Unknown", + "solution": "Upgrade to the latest version", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" + }, + "location": { + "file": "app/pom.xml", + "dependency": { + "package": { + "name": "io.netty/netty" + }, + "version": "3.9.1.Final" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-d1bf36d9-9f07-46cd-9cfc-8675338ada8f", + "value": "d1bf36d9-9f07-46cd-9cfc-8675338ada8f", + "url": "https://deps.sec.gitlab.com/packages/maven/io.netty/netty/versions/3.9.1.Final/advisories" + }, + { + "type": "cve", + "name": "CVE-2014-3488", + "value": "CVE-2014-3488", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3488" + } + ], + "links": [ + { + "url": "https://bugzilla.redhat.com/CVE-2014-3488" }, - "version": "3.9.1.Final" - } + { + "url": "http://netty.io/news/2014/06/11/3.html" + }, + { + "url": "https://github.com/netty/netty/issues/2562" + } + ], + "priority": "Unknown", + "file": "app/pom.xml", + "url": "https://bugzilla.redhat.com/CVE-2014-3488", + "tool": "gemnasium" }, - "identifiers": [ - { - "type": "gemnasium", - "name": "Gemnasium-d1bf36d9-9f07-46cd-9cfc-8675338ada8f", - "value": "d1bf36d9-9f07-46cd-9cfc-8675338ada8f", - "url": "https://deps.sec.gitlab.com/packages/maven/io.netty/netty/versions/3.9.1.Final/advisories" - }, - { - "type": "cve", - "name": "CVE-2014-3488", - "value": "CVE-2014-3488", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3488" - } - ], - "links": [ - { - "url": "https://bugzilla.redhat.com/CVE-2014-3488" + { + "category": "dependency_scanning", + "name": "Django - CVE-2017-12794", + "message": "Possible XSS in traceback section of technical 500 debug page", + "cve": "app/requirements.txt:Django@1.11.3:CVE-2017-12794", + "severity": "Unknown", + "solution": "Upgrade to latest version or apply patch.", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" }, - { - "url": "http://netty.io/news/2014/06/11/3.html" + "location": { + "file": "app/requirements.txt", + "dependency": { + "package": { + "name": "Django" + }, + "version": "1.11.3" + } }, - { - "url": "https://github.com/netty/netty/issues/2562" - } - ], - "priority": "Unknown", - "file": "app/pom.xml", - "url": "https://bugzilla.redhat.com/CVE-2014-3488", - "tool": "gemnasium" - }, - { - "category": "dependency_scanning", - "name": "Django - CVE-2017-12794", - "message": "Possible XSS in traceback section of technical 500 debug page", - "cve": "app/requirements.txt:Django@1.11.3:CVE-2017-12794", - "severity": "Unknown", - "solution": "Upgrade to latest version or apply patch.", - "scanner": { - "id": "gemnasium", - "name": "Gemnasium" - }, - "location": { - "file": "app/requirements.txt", - "dependency": { - "package": { - "name": "Django" + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-6162a015-8635-4a15-8d7c-dc9321db366f", + "value": "6162a015-8635-4a15-8d7c-dc9321db366f", + "url": "https://deps.sec.gitlab.com/packages/pypi/Django/versions/1.11.3/advisories" }, - "version": "1.11.3" - } + { + "type": "cve", + "name": "CVE-2017-12794", + "value": "CVE-2017-12794", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12794" + } + ], + "links": [ + { + "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/" + } + ], + "priority": "Unknown", + "file": "app/requirements.txt", + "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/", + "tool": "gemnasium" }, - "identifiers": [ - { - "type": "gemnasium", - "name": "Gemnasium-6162a015-8635-4a15-8d7c-dc9321db366f", - "value": "6162a015-8635-4a15-8d7c-dc9321db366f", - "url": "https://deps.sec.gitlab.com/packages/pypi/Django/versions/1.11.3/advisories" + { + "category": "dependency_scanning", + "name": "nokogiri - USN-3424-1", + "message": "Vulnerabilities in libxml2", + "cve": "rails/Gemfile.lock:nokogiri@1.8.0:USN-3424-1", + "severity": "Unknown", + "solution": "Upgrade to latest version.", + "scanner": { + "id": "gemnasium", + "name": "Gemnasium" }, - { - "type": "cve", - "name": "CVE-2017-12794", - "value": "CVE-2017-12794", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12794" - } - ], - "links": [ - { - "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/" - } - ], - "priority": "Unknown", - "file": "app/requirements.txt", - "url": "https://www.djangoproject.com/weblog/2017/sep/05/security-releases/", - "tool": "gemnasium" - }, - { - "category": "dependency_scanning", - "name": "nokogiri - USN-3424-1", - "message": "Vulnerabilities in libxml2", - "cve": "rails/Gemfile.lock:nokogiri@1.8.0:USN-3424-1", - "severity": "Unknown", - "solution": "Upgrade to latest version.", - "scanner": { - "id": "gemnasium", - "name": "Gemnasium" - }, - "location": { - "file": "rails/Gemfile.lock", - "dependency": { - "package": { - "name": "nokogiri" + "location": { + "file": "rails/Gemfile.lock", + "dependency": { + "package": { + "name": "nokogiri" + }, + "version": "1.8.0" + } + }, + "identifiers": [ + { + "type": "gemnasium", + "name": "Gemnasium-06565b64-486d-4326-b906-890d9915804d", + "value": "06565b64-486d-4326-b906-890d9915804d", + "url": "https://deps.sec.gitlab.com/packages/gem/nokogiri/versions/1.8.0/advisories" }, - "version": "1.8.0" - } + { + "type": "usn", + "name": "USN-3424-1", + "value": "USN-3424-1", + "url": "https://usn.ubuntu.com/3424-1/" + } + ], + "links": [ + { + "url": "https://github.com/sparklemotion/nokogiri/issues/1673" + } + ], + "priority": "Unknown", + "file": "rails/Gemfile.lock", + "url": "https://github.com/sparklemotion/nokogiri/issues/1673", + "tool": "gemnasium" }, - "identifiers": [ - { - "type": "gemnasium", - "name": "Gemnasium-06565b64-486d-4326-b906-890d9915804d", - "value": "06565b64-486d-4326-b906-890d9915804d", - "url": "https://deps.sec.gitlab.com/packages/gem/nokogiri/versions/1.8.0/advisories" + { + "category": "dependency_scanning", + "name": "ffi - CVE-2018-1000201", + "message": "ruby-ffi DDL loading issue on Windows OS", + "cve": "ffi:1.9.18:CVE-2018-1000201", + "severity": "High", + "solution": "upgrade to \u003e= 1.9.24", + "scanner": { + "id": "bundler_audit", + "name": "bundler-audit" }, - { - "type": "usn", - "name": "USN-3424-1", - "value": "USN-3424-1", - "url": "https://usn.ubuntu.com/3424-1/" - } - ], - "links": [ - { - "url": "https://github.com/sparklemotion/nokogiri/issues/1673" - } - ], - "priority": "Unknown", - "file": "rails/Gemfile.lock", - "url": "https://github.com/sparklemotion/nokogiri/issues/1673", - "tool": "gemnasium" - }, - { - "category": "dependency_scanning", - "name": "ffi - CVE-2018-1000201", - "message": "ruby-ffi DDL loading issue on Windows OS", - "cve": "ffi:1.9.18:CVE-2018-1000201", - "severity": "High", - "solution": "upgrade to \u003e= 1.9.24", - "scanner": { - "id": "bundler_audit", - "name": "bundler-audit" - }, - "location": { + "location": { + "file": "sast-sample-rails/Gemfile.lock", + "dependency": { + "package": { + "name": "ffi" + }, + "version": "1.9.18" + } + }, + "identifiers": [ + { + "type": "cve", + "name": "CVE-2018-1000201", + "value": "CVE-2018-1000201", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000201" + } + ], + "links": [ + { + "url": "https://github.com/ffi/ffi/releases/tag/1.9.24" + } + ], + "priority": "High", "file": "sast-sample-rails/Gemfile.lock", - "dependency": { - "package": { - "name": "ffi" - }, - "version": "1.9.18" - } - }, - "identifiers": [ - { - "type": "cve", - "name": "CVE-2018-1000201", - "value": "CVE-2018-1000201", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000201" - } - ], - "links": [ - { - "url": "https://github.com/ffi/ffi/releases/tag/1.9.24" - } - ], - "priority": "High", - "file": "sast-sample-rails/Gemfile.lock", - "url": "https://github.com/ffi/ffi/releases/tag/1.9.24", - "tool": "bundler_audit" - } -] + "url": "https://github.com/ffi/ffi/releases/tag/1.9.24", + "tool": "bundler_audit" + } + ] +} diff --git a/spec/fixtures/security-reports/master/gl-license-management-report.json b/spec/fixtures/security-reports/master/gl-license-management-report.json index fe91e4fb7ee..e0de6f58fdf 100644 --- a/spec/fixtures/security-reports/master/gl-license-management-report.json +++ b/spec/fixtures/security-reports/master/gl-license-management-report.json @@ -1,11 +1,386 @@ { "licenses": [ { - "count": 10, + "count": 52, "name": "MIT" + }, + { + "count": 3, + "name": "New BSD" + }, + { + "count": 1, + "name": "Apache 2.0" + }, + { + "count": 1, + "name": "unknown" } ], "dependencies": [ + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "actioncable", + "url": "http://rubyonrails.org", + "description": "WebSocket framework for Rails.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "actionmailer", + "url": "http://rubyonrails.org", + "description": "Email composition, delivery, and receiving framework (part of Rails).", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "actionpack", + "url": "http://rubyonrails.org", + "description": "Web-flow and rendering framework putting the VC in MVC (part of Rails).", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "actionview", + "url": "http://rubyonrails.org", + "description": "Rendering framework putting the V in MVC (part of Rails).", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "activejob", + "url": "http://rubyonrails.org", + "description": "Job framework with pluggable queues.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "activemodel", + "url": "http://rubyonrails.org", + "description": "A toolkit for building modeling frameworks (part of Rails).", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "activerecord", + "url": "http://rubyonrails.org", + "description": "Object-relational mapper framework (part of Rails).", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "activesupport", + "url": "http://rubyonrails.org", + "description": "A toolkit of support libraries and Ruby core extensions extracted from the Rails framework.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "arel", + "url": "https://github.com/rails/arel", + "description": "Arel Really Exasperates Logicians Arel is a SQL AST manager for Ruby", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "builder", + "url": "http://onestepback.org", + "description": "Builders for MarkUp.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "bundler", + "url": "http://bundler.io", + "description": "The best way to manage your application's dependencies", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "coffee-rails", + "url": "https://github.com/rails/coffee-rails", + "description": "CoffeeScript adapter for the Rails asset pipeline.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "coffee-script", + "url": "http://github.com/josh/ruby-coffee-script", + "description": "Ruby CoffeeScript Compiler", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "coffee-script-source", + "url": "http://coffeescript.org", + "description": "The CoffeeScript Compiler", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "concurrent-ruby", + "url": "http://www.concurrent-ruby.com", + "description": "Modern concurrency tools for Ruby. Inspired by Erlang, Clojure, Scala, Haskell, F#, C#, Java, and classic concurrency patterns.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "crass", + "url": "https://github.com/rgrove/crass/", + "description": "CSS parser based on the CSS Syntax Level 3 spec.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "erubis", + "url": "http://www.kuwata-lab.com/erubis/", + "description": "a fast and extensible eRuby implementation which supports multi-language", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "execjs", + "url": "https://github.com/rails/execjs", + "description": "Run JavaScript code from Ruby", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "New BSD", + "url": "http://opensource.org/licenses/BSD-3-Clause" + }, + "dependency": { + "name": "ffi", + "url": "http://wiki.github.com/ffi/ffi", + "description": "Ruby FFI", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "globalid", + "url": "http://www.rubyonrails.org", + "description": "Refer to any model with a URI: gid://app/class/id", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "i18n", + "url": "http://github.com/svenfuchs/i18n", + "description": "New wave Internationalization support for Ruby", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "jbuilder", + "url": "https://github.com/rails/jbuilder", + "description": "Create JSON structures via a Builder-style DSL", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "loofah", + "description": "", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "mail", + "url": "https://github.com/mikel/mail", + "description": "Mail provides a nice Ruby DSL for making, sending and reading emails.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "method_source", + "url": "http://banisterfiend.wordpress.com", + "description": "retrieve the sourcecode for a method", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "mini_mime", + "url": "https://github.com/discourse/mini_mime", + "description": "A lightweight mime type lookup toy", + "pathes": [ + "." + ] + } + }, { "license": { "name": "MIT", @@ -26,9 +401,37 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "mustermann", - "url": "https://github.com/sinatra/mustermann", - "description": "Your personal string matching expert.", + "name": "minitest", + "url": "https://github.com/seattlerb/minitest", + "description": "minitest provides a complete suite of testing facilities supporting TDD, BDD, mocking, and benchmarking", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "multi_json", + "url": "http://github.com/intridea/multi_json", + "description": "A common interface to multiple JSON libraries.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "nio4r", + "url": "https://github.com/celluloid/nio4r", + "description": "NIO provides a high performance selector API for monitoring IO objects", "pathes": [ "." ] @@ -48,6 +451,20 @@ ] } }, + { + "license": { + "name": "New BSD", + "url": "http://opensource.org/licenses/BSD-3-Clause" + }, + "dependency": { + "name": "puma", + "url": "http://puma.io", + "description": "Puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications", + "pathes": [ + "." + ] + } + }, { "license": { "name": "MIT", @@ -68,9 +485,147 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "rack-protection", - "url": "http://github.com/sinatra/sinatra/tree/master/rack-protection", - "description": "Protect against typical web attacks, works with all Rack apps, including Rails.", + "name": "rack-test", + "url": "http://github.com/brynary/rack-test", + "description": "Simple testing API built on Rack", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "rails", + "url": "http://rubyonrails.org", + "description": "Full-stack web application framework.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "rails-dom-testing", + "url": "https://github.com/rails/rails-dom-testing", + "description": "Dom and Selector assertions for Rails applications", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "rails-html-sanitizer", + "url": "https://github.com/rails/rails-html-sanitizer", + "description": "This gem is responsible to sanitize HTML fragments in Rails applications.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "railties", + "url": "http://rubyonrails.org", + "description": "Tools for creating, working with, and running Rails applications.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "rake", + "url": "https://github.com/ruby/rake", + "description": "Rake is a Make-like program implemented in Ruby", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "rb-fsevent", + "url": "http://rubygems.org/gems/rb-fsevent", + "description": "Very simple & usable FSEvents API", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "rb-inotify", + "url": "https://github.com/guard/rb-inotify", + "description": "A Ruby wrapper for Linux inotify, using FFI", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "unknown" + }, + "dependency": { + "name": "ruby-bundler-rails", + "description": "", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "sass", + "url": "http://sass-lang.com/", + "description": "A powerful but elegant CSS compiler that makes CSS fun again.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "sass-listen", + "url": "https://github.com/sass/listen", + "description": "Fork of guard/listen", "pathes": [ "." ] @@ -82,9 +637,9 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "redis", - "url": "https://github.com/redis/redis-rb", - "description": "A Ruby client library for Redis", + "name": "sass-rails", + "url": "https://github.com/rails/sass-rails", + "description": "Sass adapter for the Rails asset pipeline.", "pathes": [ "." ] @@ -96,9 +651,9 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "sinatra", - "url": "http://www.sinatrarb.com/", - "description": "Classy web-development dressed in a DSL", + "name": "sprockets", + "url": "https://github.com/rails/sprockets", + "description": "Rack-based asset packaging system", "pathes": [ "." ] @@ -110,9 +665,23 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "slim", - "url": "http://slim-lang.com/", - "description": "Slim is a template language.", + "name": "sprockets-rails", + "url": "https://github.com/rails/sprockets-rails", + "description": "Sprockets Rails integration", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "New BSD", + "url": "http://opensource.org/licenses/BSD-3-Clause" + }, + "dependency": { + "name": "sqlite3", + "url": "https://github.com/sparklemotion/sqlite3-ruby", + "description": "This module allows Ruby programs to interface with the SQLite3 database engine (http://www.sqlite.org)", "pathes": [ "." ] @@ -124,9 +693,23 @@ "url": "http://opensource.org/licenses/mit-license" }, "dependency": { - "name": "temple", - "url": "https://github.com/judofyr/temple", - "description": "Template compilation framework in Ruby", + "name": "thor", + "url": "http://whatisthor.com/", + "description": "Thor is a toolkit for building powerful command-line interfaces.", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + }, + "dependency": { + "name": "thread_safe", + "url": "https://github.com/ruby-concurrency/thread_safe", + "description": "Thread-safe collections and utilities for Ruby", "pathes": [ "." ] @@ -145,6 +728,90 @@ "." ] } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "turbolinks", + "url": "https://github.com/turbolinks/turbolinks", + "description": "Turbolinks makes navigating your web application faster", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "turbolinks-source", + "url": "https://github.com/turbolinks/turbolinks-source-gem", + "description": "Turbolinks JavaScript assets", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "tzinfo", + "url": "http://tzinfo.github.io", + "description": "Daylight savings aware timezone library", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "uglifier", + "url": "http://github.com/lautis/uglifier", + "description": "Ruby wrapper for UglifyJS JavaScript compressor", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "websocket-driver", + "url": "http://github.com/faye/websocket-driver-ruby", + "description": "WebSocket protocol handler with pluggable I/O", + "pathes": [ + "." + ] + } + }, + { + "license": { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + "dependency": { + "name": "websocket-extensions", + "url": "https://github.com/faye/websocket-extensions-ruby", + "description": "Generic extension manager for WebSocket connections", + "pathes": [ + "." + ] + } } ] } diff --git a/spec/fixtures/security-reports/master/gl-sast-report.json b/spec/fixtures/security-reports/master/gl-sast-report.json index a85b9be8b5f..4bef3d22f70 100644 --- a/spec/fixtures/security-reports/master/gl-sast-report.json +++ b/spec/fixtures/security-reports/master/gl-sast-report.json @@ -1,944 +1,947 @@ -[ - { - "category": "sast", - "message": "Probable insecure usage of temp file/directory.", - "cve": "python/hardcoded/hardcoded-tmp.py:52865813c884a507be1f152d654245af34aba8a391626d01f1ab6d3f52ec8779:B108", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { +{ + "version": "1.2", + "vulnerabilities": [ + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:52865813c884a507be1f152d654245af34aba8a391626d01f1ab6d3f52ec8779:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 1, + "end_line": 1 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", "file": "python/hardcoded/hardcoded-tmp.py", - "start_line": 1, - "end_line": 1 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B108", - "value": "B108", - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" - } - ], - "priority": "Medium", - "file": "python/hardcoded/hardcoded-tmp.py", - "line": 1, - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", - "tool": "bandit" - }, - { - "category": "sast", - "name": "Predictable pseudorandom number generator", - "message": "Predictable pseudorandom number generator", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 1, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "name": "Predictable pseudorandom number generator", + "message": "Predictable pseudorandom number generator", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:47:PREDICTABLE_RANDOM", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 47, + "end_line": 47, + "class": "com.gitlab.security_products.tests.App", + "method": "generateSecretToken2" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-PREDICTABLE_RANDOM", + "value": "PREDICTABLE_RANDOM", + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 47, - "end_line": 47, - "class": "com.gitlab.security_products.tests.App", - "method": "generateSecretToken2" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-PREDICTABLE_RANDOM", - "value": "PREDICTABLE_RANDOM", - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 47, - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "name": "Predictable pseudorandom number generator", - "message": "Predictable pseudorandom number generator", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 47, + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "name": "Predictable pseudorandom number generator", + "message": "Predictable pseudorandom number generator", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:41:PREDICTABLE_RANDOM", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 41, + "end_line": 41, + "class": "com.gitlab.security_products.tests.App", + "method": "generateSecretToken1" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-PREDICTABLE_RANDOM", + "value": "PREDICTABLE_RANDOM", + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 41, - "end_line": 41, - "class": "com.gitlab.security_products.tests.App", - "method": "generateSecretToken1" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-PREDICTABLE_RANDOM", - "value": "PREDICTABLE_RANDOM", - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 41, - "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:cb203b465dffb0cb3a8e8bd8910b84b93b0a5995a938e4b903dbb0cd6ffa1254:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 41, + "url": "https://find-sec-bugs.github.io/bugs.htm#PREDICTABLE_RANDOM", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:cb203b465dffb0cb3a8e8bd8910b84b93b0a5995a938e4b903dbb0cd6ffa1254:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 11, + "end_line": 11 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 11, - "end_line": 11 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 11, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:a7173c43ae66bd07466632d819d450e0071e02dbf782763640d1092981f9631b:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 11, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:a7173c43ae66bd07466632d819d450e0071e02dbf782763640d1092981f9631b:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 12, + "end_line": 12 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 12, - "end_line": 12 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 12, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:017017b77deb0b8369b6065947833eeea752a92ec8a700db590fece3e934cf0d:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 12, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:017017b77deb0b8369b6065947833eeea752a92ec8a700db590fece3e934cf0d:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 13, + "end_line": 13 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 13, - "end_line": 13 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 13, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Use of insecure MD2, MD4, or MD5 hash function.", - "cve": "python/imports/imports-aliases.py:45fc8c53aea7b84f06bc4e590cc667678d6073c4c8a1d471177ca2146fb22db2:B303", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 13, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Use of insecure MD2, MD4, or MD5 hash function.", + "cve": "python/imports/imports-aliases.py:45fc8c53aea7b84f06bc4e590cc667678d6073c4c8a1d471177ca2146fb22db2:B303", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 14, + "end_line": 14 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B303", + "value": "B303" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 14, - "end_line": 14 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B303", - "value": "B303" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 14, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Pickle library appears to be in use, possible security issue.", - "cve": "python/imports/imports-aliases.py:5f200d47291e7bbd8352db23019b85453ca048dd98ea0c291260fa7d009963a4:B301", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 14, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Pickle library appears to be in use, possible security issue.", + "cve": "python/imports/imports-aliases.py:5f200d47291e7bbd8352db23019b85453ca048dd98ea0c291260fa7d009963a4:B301", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 15, + "end_line": 15 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B301", + "value": "B301" + } + ], + "priority": "Medium", "file": "python/imports/imports-aliases.py", - "start_line": 15, - "end_line": 15 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B301", - "value": "B301" - } - ], - "priority": "Medium", - "file": "python/imports/imports-aliases.py", - "line": 15, - "tool": "bandit" - }, - { - "category": "sast", - "name": "ECB mode is insecure", - "message": "ECB mode is insecure", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:ECB_MODE", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 15, + "tool": "bandit" + }, + { + "category": "sast", + "name": "ECB mode is insecure", + "message": "ECB mode is insecure", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:ECB_MODE", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 29, + "end_line": 29, + "class": "com.gitlab.security_products.tests.App", + "method": "insecureCypher" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-ECB_MODE", + "value": "ECB_MODE", + "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 29, - "end_line": 29, - "class": "com.gitlab.security_products.tests.App", - "method": "insecureCypher" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-ECB_MODE", - "value": "ECB_MODE", - "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 29, - "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "name": "Cipher with no integrity", - "message": "Cipher with no integrity", - "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:CIPHER_INTEGRITY", - "severity": "Medium", - "confidence": "High", - "scanner": { - "id": "find_sec_bugs", - "name": "Find Security Bugs" - }, - "location": { + "line": 29, + "url": "https://find-sec-bugs.github.io/bugs.htm#ECB_MODE", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "name": "Cipher with no integrity", + "message": "Cipher with no integrity", + "cve": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy:29:CIPHER_INTEGRITY", + "severity": "Medium", + "confidence": "High", + "scanner": { + "id": "find_sec_bugs", + "name": "Find Security Bugs" + }, + "location": { + "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", + "start_line": 29, + "end_line": 29, + "class": "com.gitlab.security_products.tests.App", + "method": "insecureCypher" + }, + "identifiers": [ + { + "type": "find_sec_bugs_type", + "name": "Find Security Bugs-CIPHER_INTEGRITY", + "value": "CIPHER_INTEGRITY", + "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY" + } + ], + "priority": "Medium", "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "start_line": 29, - "end_line": 29, - "class": "com.gitlab.security_products.tests.App", - "method": "insecureCypher" - }, - "identifiers": [ - { - "type": "find_sec_bugs_type", - "name": "Find Security Bugs-CIPHER_INTEGRITY", - "value": "CIPHER_INTEGRITY", - "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY" - } - ], - "priority": "Medium", - "file": "groovy/src/main/java/com/gitlab/security_products/tests/App.groovy", - "line": 29, - "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY", - "tool": "find_sec_bugs" - }, - { - "category": "sast", - "message": "Probable insecure usage of temp file/directory.", - "cve": "python/hardcoded/hardcoded-tmp.py:63dd4d626855555b816985d82c4614a790462a0a3ada89dc58eb97f9c50f3077:B108", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 29, + "url": "https://find-sec-bugs.github.io/bugs.htm#CIPHER_INTEGRITY", + "tool": "find_sec_bugs" + }, + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:63dd4d626855555b816985d82c4614a790462a0a3ada89dc58eb97f9c50f3077:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 14, + "end_line": 14 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", "file": "python/hardcoded/hardcoded-tmp.py", - "start_line": 14, - "end_line": 14 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B108", - "value": "B108", - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" - } - ], - "priority": "Medium", - "file": "python/hardcoded/hardcoded-tmp.py", - "line": 14, - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Probable insecure usage of temp file/directory.", - "cve": "python/hardcoded/hardcoded-tmp.py:4ad6d4c40a8c263fc265f3384724014e0a4f8dd6200af83e51ff120420038031:B108", - "severity": "Medium", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 14, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Probable insecure usage of temp file/directory.", + "cve": "python/hardcoded/hardcoded-tmp.py:4ad6d4c40a8c263fc265f3384724014e0a4f8dd6200af83e51ff120420038031:B108", + "severity": "Medium", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-tmp.py", + "start_line": 10, + "end_line": 10 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B108", + "value": "B108", + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" + } + ], + "priority": "Medium", "file": "python/hardcoded/hardcoded-tmp.py", - "start_line": 10, - "end_line": 10 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B108", - "value": "B108", - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html" - } - ], - "priority": "Medium", - "file": "python/hardcoded/hardcoded-tmp.py", - "line": 10, - "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with Popen module.", - "cve": "python/imports/imports-aliases.py:2c3e1fa1e54c3c6646e8bcfaee2518153c6799b77587ff8d9a7b0631f6d34785:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 10, + "url": "https://docs.openstack.org/bandit/latest/plugins/b108_hardcoded_tmp_directory.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-aliases.py:2c3e1fa1e54c3c6646e8bcfaee2518153c6799b77587ff8d9a7b0631f6d34785:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 1, + "end_line": 1 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 1, - "end_line": 1 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 1, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with pickle module.", - "cve": "python/imports/imports.py:af58d07f6ad519ef5287fcae65bf1a6999448a1a3a8bc1ac2a11daa80d0b96bf:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 1, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports.py:af58d07f6ad519ef5287fcae65bf1a6999448a1a3a8bc1ac2a11daa80d0b96bf:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports.py", + "start_line": 2, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports.py", - "start_line": 2, - "end_line": 2 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports.py", - "line": 2, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with subprocess module.", - "cve": "python/imports/imports.py:8de9bc98029d212db530785a5f6780cfa663548746ff228ab8fa96c5bb82f089:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 2, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports.py:8de9bc98029d212db530785a5f6780cfa663548746ff228ab8fa96c5bb82f089:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports.py", + "start_line": 4, + "end_line": 4 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports.py", - "start_line": 4, - "end_line": 4 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports.py", - "line": 4, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'blerg'", - "cve": "python/hardcoded/hardcoded-passwords.py:97c30f1d76d2a88913e3ce9ae74087874d740f87de8af697a9c455f01119f633:B106", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 4, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:97c30f1d76d2a88913e3ce9ae74087874d740f87de8af697a9c455f01119f633:B106", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 22, + "end_line": 22 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B106", + "value": "B106", + "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 22, - "end_line": 22 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B106", - "value": "B106", - "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 22, - "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'root'", - "cve": "python/hardcoded/hardcoded-passwords.py:7431c73a0bc16d94ece2a2e75ef38f302574d42c37ac0c3c38ad0b3bf8a59f10:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 22, + "url": "https://docs.openstack.org/bandit/latest/plugins/b106_hardcoded_password_funcarg.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'root'", + "cve": "python/hardcoded/hardcoded-passwords.py:7431c73a0bc16d94ece2a2e75ef38f302574d42c37ac0c3c38ad0b3bf8a59f10:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 5, + "end_line": 5 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 5, - "end_line": 5 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 5, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: ''", - "cve": "python/hardcoded/hardcoded-passwords.py:d2d1857c27caedd49c57bfbcdc23afcc92bd66a22701fcdc632869aab4ca73ee:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 5, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: ''", + "cve": "python/hardcoded/hardcoded-passwords.py:d2d1857c27caedd49c57bfbcdc23afcc92bd66a22701fcdc632869aab4ca73ee:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 9, + "end_line": 9 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 9, - "end_line": 9 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 9, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'ajklawejrkl42348swfgkg'", - "cve": "python/hardcoded/hardcoded-passwords.py:fb3866215a61393a5c9c32a3b60e2058171a23219c353f722cbd3567acab21d2:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 9, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'ajklawejrkl42348swfgkg'", + "cve": "python/hardcoded/hardcoded-passwords.py:fb3866215a61393a5c9c32a3b60e2058171a23219c353f722cbd3567acab21d2:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 13, + "end_line": 13 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 13, - "end_line": 13 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 13, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'blerg'", - "cve": "python/hardcoded/hardcoded-passwords.py:63c62a8b7e1e5224439bd26b28030585ac48741e28ca64561a6071080c560a5f:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 13, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:63c62a8b7e1e5224439bd26b28030585ac48741e28ca64561a6071080c560a5f:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 23, + "end_line": 23 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 23, - "end_line": 23 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 23, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Possible hardcoded password: 'blerg'", - "cve": "python/hardcoded/hardcoded-passwords.py:4311b06d08df8fa58229b341c531da8e1a31ec4520597bdff920cd5c098d86f9:B105", - "severity": "Low", - "confidence": "Medium", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 23, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Possible hardcoded password: 'blerg'", + "cve": "python/hardcoded/hardcoded-passwords.py:4311b06d08df8fa58229b341c531da8e1a31ec4520597bdff920cd5c098d86f9:B105", + "severity": "Low", + "confidence": "Medium", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/hardcoded/hardcoded-passwords.py", + "start_line": 24, + "end_line": 24 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B105", + "value": "B105", + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" + } + ], + "priority": "Low", "file": "python/hardcoded/hardcoded-passwords.py", - "start_line": 24, - "end_line": 24 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B105", - "value": "B105", - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html" - } - ], - "priority": "Low", - "file": "python/hardcoded/hardcoded-passwords.py", - "line": 24, - "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with subprocess module.", - "cve": "python/imports/imports-function.py:5858400c2f39047787702de44d03361ef8d954c9d14bd54ee1c2bef9e6a7df93:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 24, + "url": "https://docs.openstack.org/bandit/latest/plugins/b105_hardcoded_password_string.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports-function.py:5858400c2f39047787702de44d03361ef8d954c9d14bd54ee1c2bef9e6a7df93:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-function.py", + "start_line": 4, + "end_line": 4 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-function.py", - "start_line": 4, - "end_line": 4 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-function.py", - "line": 4, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with pickle module.", - "cve": "python/imports/imports-function.py:dbda3cf4190279d30e0aad7dd137eca11272b0b225e8af4e8bf39682da67d956:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 4, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports-function.py:dbda3cf4190279d30e0aad7dd137eca11272b0b225e8af4e8bf39682da67d956:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-function.py", + "start_line": 2, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports-function.py", - "start_line": 2, - "end_line": 2 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports-function.py", - "line": 2, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with Popen module.", - "cve": "python/imports/imports-from.py:eb8a0db9cd1a8c1ab39a77e6025021b1261cc2a0b026b2f4a11fca4e0636d8dd:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 2, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-from.py:eb8a0db9cd1a8c1ab39a77e6025021b1261cc2a0b026b2f4a11fca4e0636d8dd:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 7, + "end_line": 7 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-from.py", - "start_line": 7, - "end_line": 7 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-from.py", - "line": 7, - "tool": "bandit" - }, - { - "category": "sast", - "message": "subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell", - "cve": "python/imports/imports-aliases.py:f99f9721e27537fbcb6699a4cf39c6740d6234d2c6f06cfc2d9ea977313c483d:B602", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 7, + "tool": "bandit" + }, + { + "category": "sast", + "message": "subprocess call with shell=True seems safe, but may be changed in the future, consider rewriting without shell", + "cve": "python/imports/imports-aliases.py:f99f9721e27537fbcb6699a4cf39c6740d6234d2c6f06cfc2d9ea977313c483d:B602", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 9, + "end_line": 9 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B602", + "value": "B602", + "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 9, - "end_line": 9 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B602", - "value": "B602", - "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 9, - "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html", - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with subprocess module.", - "cve": "python/imports/imports-from.py:332a12ab1146698f614a905ce6a6a5401497a12281aef200e80522711c69dcf4:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 9, + "url": "https://docs.openstack.org/bandit/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html", + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with subprocess module.", + "cve": "python/imports/imports-from.py:332a12ab1146698f614a905ce6a6a5401497a12281aef200e80522711c69dcf4:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 6, + "end_line": 6 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-from.py", - "start_line": 6, - "end_line": 6 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-from.py", - "line": 6, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with Popen module.", - "cve": "python/imports/imports-from.py:0a48de4a3d5348853a03666cb574697e3982998355e7a095a798bd02a5947276:B404", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 6, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with Popen module.", + "cve": "python/imports/imports-from.py:0a48de4a3d5348853a03666cb574697e3982998355e7a095a798bd02a5947276:B404", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-from.py", + "start_line": 1, + "end_line": 2 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B404", + "value": "B404" + } + ], + "priority": "Low", "file": "python/imports/imports-from.py", - "start_line": 1, - "end_line": 2 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B404", - "value": "B404" - } - ], - "priority": "Low", - "file": "python/imports/imports-from.py", - "line": 1, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with pickle module.", - "cve": "python/imports/imports-aliases.py:51b71661dff994bde3529639a727a678c8f5c4c96f00d300913f6d5be1bbdf26:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 1, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with pickle module.", + "cve": "python/imports/imports-aliases.py:51b71661dff994bde3529639a727a678c8f5c4c96f00d300913f6d5be1bbdf26:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 7, + "end_line": 8 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 7, - "end_line": 8 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 7, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Consider possible security implications associated with loads module.", - "cve": "python/imports/imports-aliases.py:6ff02aeb3149c01ab68484d794a94f58d5d3e3bb0d58557ef4153644ea68ea54:B403", - "severity": "Low", - "confidence": "High", - "scanner": { - "id": "bandit", - "name": "Bandit" - }, - "location": { + "line": 7, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Consider possible security implications associated with loads module.", + "cve": "python/imports/imports-aliases.py:6ff02aeb3149c01ab68484d794a94f58d5d3e3bb0d58557ef4153644ea68ea54:B403", + "severity": "Low", + "confidence": "High", + "scanner": { + "id": "bandit", + "name": "Bandit" + }, + "location": { + "file": "python/imports/imports-aliases.py", + "start_line": 6, + "end_line": 6 + }, + "identifiers": [ + { + "type": "bandit_test_id", + "name": "Bandit Test ID B403", + "value": "B403" + } + ], + "priority": "Low", "file": "python/imports/imports-aliases.py", - "start_line": 6, - "end_line": 6 - }, - "identifiers": [ - { - "type": "bandit_test_id", - "name": "Bandit Test ID B403", - "value": "B403" - } - ], - "priority": "Low", - "file": "python/imports/imports-aliases.py", - "line": 6, - "tool": "bandit" - }, - { - "category": "sast", - "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", - "cve": "c/subdir/utils.c:b466873101951fe96e1332f6728eb7010acbbd5dfc3b65d7d53571d091a06d9e:CWE-119!/CWE-120", - "confidence": "Low", - "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 6, + "tool": "bandit" + }, + { + "category": "sast", + "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", + "cve": "c/subdir/utils.c:b466873101951fe96e1332f6728eb7010acbbd5dfc3b65d7d53571d091a06d9e:CWE-119!/CWE-120", + "confidence": "Low", + "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "c/subdir/utils.c", + "start_line": 4 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-119", + "value": "119", + "url": "https://cwe.mitre.org/data/definitions/119.html" + }, + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], "file": "c/subdir/utils.c", - "start_line": 4 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-119", - "value": "119", - "url": "https://cwe.mitre.org/data/definitions/119.html" - }, - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "c/subdir/utils.c", - "line": 4, - "url": "https://cwe.mitre.org/data/definitions/119.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)", - "cve": "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362", - "confidence": "Low", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 4, + "url": "https://cwe.mitre.org/data/definitions/119.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362)", + "cve": "c/subdir/utils.c:bab681140fcc8fc3085b6bba74081b44ea145c1c98b5e70cf19ace2417d30770:CWE-362", + "confidence": "Low", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "c/subdir/utils.c", + "start_line": 8 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-362", + "value": "362", + "url": "https://cwe.mitre.org/data/definitions/362.html" + } + ], "file": "c/subdir/utils.c", - "start_line": 8 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-362", - "value": "362", - "url": "https://cwe.mitre.org/data/definitions/362.html" - } - ], - "file": "c/subdir/utils.c", - "line": 8, - "url": "https://cwe.mitre.org/data/definitions/362.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", - "cve": "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120", - "confidence": "Low", - "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 8, + "url": "https://cwe.mitre.org/data/definitions/362.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120)", + "cve": "cplusplus/src/hello.cpp:c8c6dd0afdae6814194cf0930b719f757ab7b379cf8f261e7f4f9f2f323a818a:CWE-119!/CWE-120", + "confidence": "Low", + "solution": "Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "cplusplus/src/hello.cpp", + "start_line": 6 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-119", + "value": "119", + "url": "https://cwe.mitre.org/data/definitions/119.html" + }, + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], "file": "cplusplus/src/hello.cpp", - "start_line": 6 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-119", - "value": "119", - "url": "https://cwe.mitre.org/data/definitions/119.html" - }, - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "cplusplus/src/hello.cpp", - "line": 6, - "url": "https://cwe.mitre.org/data/definitions/119.html", - "tool": "flawfinder" - }, - { - "category": "sast", - "message": "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)", - "cve": "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120", - "confidence": "Low", - "solution": "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)", - "scanner": { - "id": "flawfinder", - "name": "Flawfinder" - }, - "location": { + "line": 6, + "url": "https://cwe.mitre.org/data/definitions/119.html", + "tool": "flawfinder" + }, + { + "category": "sast", + "message": "Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120)", + "cve": "cplusplus/src/hello.cpp:331c04062c4fe0c7c486f66f59e82ad146ab33cdd76ae757ca41f392d568cbd0:CWE-120", + "confidence": "Low", + "solution": "Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)", + "scanner": { + "id": "flawfinder", + "name": "Flawfinder" + }, + "location": { + "file": "cplusplus/src/hello.cpp", + "start_line": 7 + }, + "identifiers": [ + { + "type": "cwe", + "name": "CWE-120", + "value": "120", + "url": "https://cwe.mitre.org/data/definitions/120.html" + } + ], "file": "cplusplus/src/hello.cpp", - "start_line": 7 - }, - "identifiers": [ - { - "type": "cwe", - "name": "CWE-120", - "value": "120", - "url": "https://cwe.mitre.org/data/definitions/120.html" - } - ], - "file": "cplusplus/src/hello.cpp", - "line": 7, - "url": "https://cwe.mitre.org/data/definitions/120.html", - "tool": "flawfinder" - } -] + "line": 7, + "url": "https://cwe.mitre.org/data/definitions/120.html", + "tool": "flawfinder" + } + ] +} -- GitLab From 550126f1a5a68a5d4fac1120e7c80d16a8bd63ab Mon Sep 17 00:00:00 2001 From: Marcia Ramos Date: Fri, 4 Jan 2019 18:26:00 +0000 Subject: [PATCH 23/63] Fixes broken link --- doc/development/documentation/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md index 8ffddb9b669..828f9bfeec6 100644 --- a/doc/development/documentation/index.md +++ b/doc/development/documentation/index.md @@ -14,7 +14,7 @@ In addition to this page, the following resources to help craft and contribute d - [Feature-change documentation workflow](feature-change-workflow.md) - Adding required documentation when developing a GitLab feature. - [Documentation improvement worflow](improvement-workflow.md) - New content not associated with a new feature. - [Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/) - A reference for the markdown implementation used by GitLab's documentation site and about.gitlab.com. -- [Site architecture](/doc/development/documentation/site_architecture/index.md) - How docs.gitlab.com is built. +- [Site architecture](site_architecture/index.md) - How docs.gitlab.com is built. ## Source and rendered locations -- GitLab From 6670f838b5bd207bab35c0350e17ecb0a4dace96 Mon Sep 17 00:00:00 2001 From: Valery Sizov Date: Thu, 3 Jan 2019 23:03:35 +0200 Subject: [PATCH 24/63] Track Sentry error when namespace cannot be moved Backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/8926 --- lib/gitlab/shell.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/gitlab/shell.rb b/lib/gitlab/shell.rb index c6a6fb9b5ce..bdf21cf3134 100644 --- a/lib/gitlab/shell.rb +++ b/lib/gitlab/shell.rb @@ -289,10 +289,12 @@ module Gitlab # def mv_namespace(storage, old_name, new_name) Gitlab::GitalyClient::NamespaceService.new(storage).rename(old_name, new_name) - rescue GRPC::InvalidArgument + rescue GRPC::InvalidArgument => e + Gitlab::Sentry.track_acceptable_exception(e, extra: { old_name: old_name, new_name: new_name, storage: storage }) + false end - alias_method :mv_directory, :mv_namespace + alias_method :mv_directory, :mv_namespace # Note: ShellWorker uses this alias def url_to_repo(path) Gitlab.config.gitlab_shell.ssh_path_prefix + "#{path}.git" -- GitLab From 056eab329de113663adce8f09366142487cfde3a Mon Sep 17 00:00:00 2001 From: danielgruesso Date: Fri, 4 Jan 2019 13:49:34 -0500 Subject: [PATCH 25/63] Update serverless extension to yml --- doc/user/project/clusters/serverless/index.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/doc/user/project/clusters/serverless/index.md b/doc/user/project/clusters/serverless/index.md index a423212a879..ffce29f8f81 100644 --- a/doc/user/project/clusters/serverless/index.md +++ b/doc/user/project/clusters/serverless/index.md @@ -32,7 +32,7 @@ To run Knative on Gitlab, you will need: 1. **`.gitlab-ci.yml`:** GitLab uses [Kaniko](https://github.com/GoogleContainerTools/kaniko) to build the application and the [TriggerMesh CLI](https://github.com/triggermesh/tm) to simplify the deployment of knative services and functions. -1. **`serverless.yaml`** (for [functions only](#deploying-functions)): When using serverless to deploy functions, the `serverless.yaml` file +1. **`serverless.yml`** (for [functions only](#deploying-functions)): When using serverless to deploy functions, the `serverless.yml` file will contain the information for all the functions being hosted in the repository as well as a reference to the runtime being used. 1. **`Dockerfile`** (for [applications only](#deploying-serverless-applications): Knative requires a `Dockerfile` in order to build your application. It should be included @@ -102,12 +102,9 @@ In order to deploy functions to your Knative instance, the following files must The `gitlab-ci.yml` template creates a `Deploy` stage with a `functions` job that invokes the `tm` CLI with the required parameters. -2. `serverless.yaml`: This file contains the metadata for your functions, +2. `serverless.yml`: This file contains the metadata for your functions, such as name, runtime, and environment. It must be included at the root of your repository. The following is a sample `echo` function which shows the required structure for the file. - NOTE: **Note:** - The file extension for the `serverless.yaml` file must be specified as `.yaml` in order to the file to be parsed properly. Specifying the extension as `.yml` will not work. - ```yaml service: my-functions description: "Deploying functions from GitLab using Knative" @@ -130,7 +127,7 @@ In order to deploy functions to your Knative instance, the following files must ``` -The `serverless.yaml` file contains three sections with distinct parameters: +The `serverless.yml` file contains three sections with distinct parameters: ### `service` @@ -144,13 +141,13 @@ The `serverless.yaml` file contains three sections with distinct parameters: | Parameter | Description | |-----------|-------------| -| `name` | Indicates which provider is used to execute the `serverless.yaml` file. In this case, the TriggerMesh `tm` CLI. | +| `name` | Indicates which provider is used to execute the `serverless.yml` file. In this case, the TriggerMesh `tm` CLI. | | `registry-secret` | Indicates which registry will be used to store docker images. The sample function is using the GitLab Registry (`gitlab-registry`). A different registry host may be specified using `registry` key in the `provider` object. If changing the default, update the permission and the secret value on the `gitlab-ci.yml` file | | `environment` | Includes the environment variables to be passed as part of function execution for **all** functions in the file, where `FOO` is the variable name and `BAR` are he variable contents. You may replace this with you own variables. | ### `functions` -In the `serverless.yaml` example above, the function name is `echo` and the subsequent lines contain the function attributes. +In the `serverless.yml` example above, the function name is `echo` and the subsequent lines contain the function attributes. | Parameter | Description | @@ -161,7 +158,7 @@ In the `serverless.yaml` example above, the function name is `echo` and the subs | `buildargs` | Pointer to the function file in the repo. In the sample the function is located in the `echo` directory. | | `environment` | Sets an environment variable for the specific function only. | -After the `gitlab-ci.yml` template has been added and the `serverless.yaml` file has been +After the `gitlab-ci.yml` template has been added and the `serverless.yml` file has been created, each function must be defined as a single file in your repository. Committing a function to your project will result in a CI pipeline being executed which will deploy each function as a Knative service. -- GitLab From 53e18c5bc3da33bc5fc239b25e78e07b7f4f4f50 Mon Sep 17 00:00:00 2001 From: Lukas Eipert Date: Fri, 4 Jan 2019 21:01:26 +0100 Subject: [PATCH 26/63] Correctly externalize pipeline tags --- .../pipelines/components/pipeline_url.vue | 34 +++++++++++++------ ...5721-externalization-for-pipeline-tags.yml | 5 +++ locale/gitlab.pot | 15 ++++++++ 3 files changed, 43 insertions(+), 11 deletions(-) create mode 100644 changelogs/unreleased/55721-externalization-for-pipeline-tags.yml diff --git a/app/assets/javascripts/pipelines/components/pipeline_url.vue b/app/assets/javascripts/pipelines/components/pipeline_url.vue index 7d8863dff29..918622ef8dc 100644 --- a/app/assets/javascripts/pipelines/components/pipeline_url.vue +++ b/app/assets/javascripts/pipelines/components/pipeline_url.vue @@ -1,8 +1,20 @@ + + diff --git a/locale/gitlab.pot b/locale/gitlab.pot index ddfd5599883..5a7df199bb3 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -106,6 +106,9 @@ msgstr "" msgid "%{counter_storage} (%{counter_repositories} repositories, %{counter_build_artifacts} build artifacts, %{counter_lfs_objects} LFS)" msgstr "" +msgid "%{count} more" +msgstr "" + msgid "%{count} more assignees" msgstr "" @@ -8175,6 +8178,9 @@ msgstr[1] "" msgid "should be higher than %{access} inherited membership from group %{group_name}" msgstr "" +msgid "show less" +msgstr "" + msgid "source" msgstr "" diff --git a/spec/javascripts/vue_shared/components/user_avatar/user_avatar_list_spec.js b/spec/javascripts/vue_shared/components/user_avatar/user_avatar_list_spec.js new file mode 100644 index 00000000000..64aa7e29718 --- /dev/null +++ b/spec/javascripts/vue_shared/components/user_avatar/user_avatar_list_spec.js @@ -0,0 +1,130 @@ +import { shallowMount, createLocalVue } from '@vue/test-utils'; +import { GlButton } from '@gitlab/ui'; +import { TEST_HOST } from 'spec/test_constants'; +import UserAvatarList from '~/vue_shared/components/user_avatar/user_avatar_list.vue'; +import UserAvatarLink from '~/vue_shared/components/user_avatar/user_avatar_link.vue'; + +const TEST_IMAGE_SIZE = 7; +const TEST_BREAKPOINT = 5; + +const createUser = id => ({ + id, + name: 'Lorem', + web_url: `${TEST_HOST}/${id}`, + avatar_url: `${TEST_HOST}/${id}/avatar`, +}); +const createList = n => + Array(n) + .fill(1) + .map((x, id) => createUser(id)); + +const localVue = createLocalVue(); + +describe('UserAvatarList', () => { + let propsData; + let wrapper; + + const factory = options => { + wrapper = shallowMount(localVue.extend(UserAvatarList), { + localVue, + propsData, + ...options, + }); + }; + + const clickButton = () => { + const button = wrapper.find(GlButton); + button.vm.$emit('click'); + }; + + beforeEach(() => { + propsData = { imgSize: TEST_IMAGE_SIZE }; + }); + + afterEach(() => { + wrapper.destroy(); + }); + + describe('with no breakpoint', () => { + beforeEach(() => { + propsData.breakpoint = 0; + }); + + it('renders avatars', () => { + const items = createList(20); + propsData.items = items; + factory(); + + const links = wrapper.findAll(UserAvatarLink); + const linkProps = links.wrappers.map(x => x.props()); + + expect(linkProps).toEqual( + propsData.items.map(x => + jasmine.objectContaining({ + linkHref: x.web_url, + imgSrc: x.avatar_url, + imgAlt: x.name, + tooltipText: x.name, + imgSize: TEST_IMAGE_SIZE, + }), + ), + ); + }); + }); + + describe('with breakpoint and length equal to breakpoint', () => { + beforeEach(() => { + propsData.breakpoint = TEST_BREAKPOINT; + propsData.items = createList(TEST_BREAKPOINT); + }); + + it('renders all avatars if length is <= breakpoint', () => { + factory(); + + const links = wrapper.findAll(UserAvatarLink); + + expect(links.length).toEqual(propsData.items.length); + }); + + it('does not show button', () => { + factory(); + + expect(wrapper.find(GlButton).exists()).toBe(false); + }); + }); + + describe('with breakpoint and length greater than breakpoint', () => { + beforeEach(() => { + propsData.breakpoint = TEST_BREAKPOINT; + propsData.items = createList(TEST_BREAKPOINT + 1); + }); + + it('renders avatars up to breakpoint', () => { + factory(); + + const links = wrapper.findAll(UserAvatarLink); + + expect(links.length).toEqual(TEST_BREAKPOINT); + }); + + describe('with expand clicked', () => { + beforeEach(() => { + factory(); + clickButton(); + }); + + it('renders all avatars', () => { + const links = wrapper.findAll(UserAvatarLink); + + expect(links.length).toEqual(propsData.items.length); + }); + + it('with collapse clicked, it renders avatars up to breakpoint', () => { + clickButton(); + const links = wrapper.findAll(UserAvatarLink); + + expect(links.length).toEqual(TEST_BREAKPOINT); + }); + }); + }); +}); -- GitLab From 47cb5a2641e840bca4f7fc15d93d78b2a6fca306 Mon Sep 17 00:00:00 2001 From: Chris Baumbauer Date: Thu, 13 Dec 2018 07:39:44 -0800 Subject: [PATCH 31/63] Require Knative to be installed only on an RBAC kubernetes cluster --- .../javascripts/clusters/clusters_bundle.js | 3 ++ .../clusters/components/applications.vue | 19 ++++++++++++- .../clusters/stores/clusters_store.js | 6 ++++ app/models/clusters/applications/knative.rb | 11 ++++++++ app/views/clusters/clusters/show.html.haml | 1 + changelogs/unreleased/knative-rbac-check.yml | 5 ++++ locale/gitlab.pot | 3 ++ spec/factories/clusters/clusters.rb | 4 +++ .../clusters/platforms/kubernetes.rb | 4 +-- .../projects/clusters/applications_spec.rb | 28 +++++++++++++++++++ .../clusters/stores/clusters_store_spec.js | 1 + .../clusters/applications/knative_spec.rb | 7 +++++ 12 files changed, 89 insertions(+), 3 deletions(-) create mode 100644 changelogs/unreleased/knative-rbac-check.yml diff --git a/app/assets/javascripts/clusters/clusters_bundle.js b/app/assets/javascripts/clusters/clusters_bundle.js index aff32d95db1..b1f992c03ff 100644 --- a/app/assets/javascripts/clusters/clusters_bundle.js +++ b/app/assets/javascripts/clusters/clusters_bundle.js @@ -32,6 +32,7 @@ export default class Clusters { installKnativePath, installPrometheusPath, managePrometheusPath, + hasRbac, clusterType, clusterStatus, clusterStatusReason, @@ -45,6 +46,7 @@ export default class Clusters { this.store.setManagePrometheusPath(managePrometheusPath); this.store.updateStatus(clusterStatus); this.store.updateStatusReason(clusterStatusReason); + this.store.updateRbac(hasRbac); this.service = new ClustersService({ endpoint: statusPath, installHelmEndpoint: installHelmPath, @@ -102,6 +104,7 @@ export default class Clusters { ingressHelpPath: this.state.ingressHelpPath, managePrometheusPath: this.state.managePrometheusPath, ingressDnsHelpPath: this.state.ingressDnsHelpPath, + rbac: this.state.rbac, }, }); }, diff --git a/app/assets/javascripts/clusters/components/applications.vue b/app/assets/javascripts/clusters/components/applications.vue index 489615f1f78..5d19c79570a 100644 --- a/app/assets/javascripts/clusters/components/applications.vue +++ b/app/assets/javascripts/clusters/components/applications.vue @@ -52,6 +52,11 @@ export default { required: false, default: '', }, + rbac: { + type: Boolean, + required: false, + default: false, + }, }, data: () => ({ elasticsearchLogo, @@ -442,6 +447,18 @@ export default { title-link="https://github.com/knative/docs" >
+ +

+ {{ + s__(`ClusterIntegration|You must have an RBAC-enabled cluster + to install Knative.`) + }} + + {{ __('More information') }} + +

+
+

{{ s__(`ClusterIntegration|Knative extends Kubernetes to provide @@ -465,7 +482,7 @@ export default { />

-