I’m trying to create vulnerabilities for my GitLab project using the GraphQL API VulnerabilityCreateInput.
The vulnerability data I want to create also includes location information like line number, file, etc. I cannot seem to add this information to my vulnerability through this request, but when I query for the vulnerabilities I can join on VulnerabilityLocationSast and pull the information (if it exists). How can I achieve this?
EDIT: I also need to set the confidence value, scan type, and possible solution to the vuln.
Example request query to pull the vulns
{
  project(fullPath: "foo/bar") {
    id
    name
    vulnerabilities(first: 10, after: null, before: null, last: null) {
      nodes {
        id
        reportType
        title
        severity
        detectedAt
        updatedAt
        vulnerabilityPath
        description
        falsePositive
        state
        hasSolutions
        scanner {
          reportType
          externalId
          name
          vendor
        }
        identifiers {
          externalId
          externalType
          name
          url
        }
        project {
          id
          name
          fullPath
        }
        links {
          name
          url
        }
        location {
          ... on VulnerabilityLocationSecretDetection {
            file
            startLine
            endLine
            vulnerableClass
            vulnerableMethod
            blobPath
          }
          ... on VulnerabilityLocationSast {
            file
            startLine
            endLine
            vulnerableClass
            vulnerableMethod
            blobPath
          }
          ... on VulnerabilityLocationDependencyScanning {
            file
            dependency {
              package {
                name
              }
              version
            }
            blobPath
          }
        }
        details {
          ... on VulnerabilityDetailCode {
            description
            fieldName
            lang
            name
            value
          }
        }
      }
    }
  }
}
Example request to create the vulnerability without variables
mutation (
  $input0: VulnerabilityCreateInput!
) {
  inputOne: vulnerabilityCreate(input: $input0) {
    vulnerability {
      id
      title
    }
  }
}