Get information from vulnerabilities findings GraphQL API

Get information from vulnerabilities findings GraphQL API

I’m using this API to get vulnerabilities with GraphQL: Vulnerability Findings API | GitLab

But I’am unable to get solutions and evidences list, do you have an idea about how to get this information?

This is my query definition

{
  project(fullPath: "project_path") {
    id
    name
    vulnerabilities {
      nodes{
        id
        reportType
        title
        severity
        detectedAt
        updatedAt
        vulnerabilityPath
        description
        falsePositive
        state
        
        scanner {
          reportType
          externalId
          name
          vendor
        }
        identifiers {
          externalId
          externalType
          name
          url
        }
        project {
          id
          name
          fullPath
        }
        links {
          name
          url
        }
        location {
          ... on
          VulnerabilityLocationSecretDetection{
            file
            startLine
            endLine
            vulnerableClass
            vulnerableMethod
            blobPath
          }
          ... on 
          VulnerabilityLocationSast {
            file
            startLine
            endLine
            vulnerableClass
            vulnerableMethod
            blobPath
          }
          ... on 
           VulnerabilityLocationDependencyScanning{
            file
            dependency{
              package{
                name
              }
              version
            }
            blobPath
          }
        }
        
        details {
          ... on
          VulnerabilityDetailCode {
            description
            fieldName
            lang
            name
            value
          }
        }
      }
    }
  }
}

Hi, @hdezcarlos. I’m an Engineering Manager in the group responsible for this API.

The field you’re looking for is only available in the PipelineSecurityReportFinding type.

While looking at the docs, I noticed that remediations is also not available in the Vulnerability type.

I’ve created an issue to expose remediations and solution in the Vulnerability GraphQL type.