  1. SonarQube
  2. SONAR-12719

Security Hotspots page allows to resolve a Security Hotspot


    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.2
    • Component/s: Security Hotspots
    • Labels:
      None
    • Edition:
      Community
    • Production Notes:
      None

      Description

      New UI elements

      • see wireframe for UI
      • add button to resolve
      • add option to resolve as fixed or safe
      • what happens when hotspot is reviewed?
        • button is disabled/hidden after hotspot has been resolved (will be improved with SONAR-12753)
        • status is updated
        • list is not refreshed
      • add "Review History" tab displaying the changelog of the hotspot
        • displays changelog in reverse chronological order

      ------------------------------------------------

      UPDATE 2020-02-12

       

      • Remove the "needs additional review" (which was not a real status or action). The "assign to" action is now visible directly on the page instead of being hidden behind the old review button. This should make it easier for users to change the assignee if needed.
      • The review actions/status are now more visible. We display the current status and its info to help the user understand what should be done and what has been done.
      • The Security Hotspot that has been reviewed should disappear from the list. The next Security Hotspot in the list should be opened automatically.
      • The total number of Security Hotspots to review should be updated (top left number on the page)
      • The number of Security Hotspots in a category should be updated.

      ------------------------------------------------

      New WS api/hotspots/change_status

      • internal
      • requires the 'Browse' permission on the specified project to confirm
      • parameters
        • hotspot (mandatory): the hotspot key
        • status (mandatory, enum): TO_REVIEW, REVIEWED
        • resolution (optional, enum): FIXED, SAFE
      • no failure if hotspot is already in the specified status
      • fail when status=TO_REVIEW and resolution has any value
      • fail when status=REVIEWED and resolution is neither FIXED nor SAFE
      • changing resolution is allowed
      • response 200, no content

      Changes to WS api/hotspots/show

      • add resolution to response
      • add changelog to response
      "changelog": [
        {
          "user": "john.smith",
          "userName": "John Smith",
          "isUserActive": true,
          "avatar": "b0d8c6e5ea589e6fc3d3e08afb1873bb",
          "creationDate": "2014-03-04T23:03:44+0100",
          "diffs": [
            {
              "key": "severity",
              "newValue": "BLOCKER",
              "oldValue": "MAJOR"
            }
          ]
        }
      ]
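      Added example (not SonarQube code): a small Python reference model of the api/hotspots/change_status rules listed above, usable as an oracle when writing contract tests for the endpoint. Assumptions not stated in the ticket: the function names, the can_browse flag, the "status"/"resolution" diff keys, raising exceptions for the "fail" cases, and writing no changelog entry when nothing changes.

```python
from datetime import datetime, timezone

STATUSES = {"TO_REVIEW", "REVIEWED"}
RESOLUTIONS = {"FIXED", "SAFE"}


def validate(status, resolution=None):
    """Apply the ticket's status/resolution rules; raise ValueError on a 'fail' case."""
    if status not in STATUSES:
        raise ValueError("status must be TO_REVIEW or REVIEWED")
    if status == "TO_REVIEW" and resolution is not None:
        raise ValueError("resolution must not be set when status=TO_REVIEW")
    if status == "REVIEWED" and resolution not in RESOLUTIONS:
        raise ValueError("resolution must be FIXED or SAFE when status=REVIEWED")


def change_status(hotspot, user, status, resolution=None, can_browse=True):
    """Model one call. Returns the changelog entry written, or None if nothing changed."""
    # Authorization comes first, so a caller without 'Browse' learns nothing
    # about parameter validity or the hotspot's current state.
    if not can_browse:
        raise PermissionError("'Browse' permission required on the project")
    validate(status, resolution)
    diffs = []
    for key, new in (("status", status), ("resolution", resolution)):
        old = hotspot.get(key)
        if old != new:
            diffs.append({"key": key, "newValue": new, "oldValue": old})
            hotspot[key] = new
    if not diffs:
        # Already in the requested state: no failure (assumed: no new entry either).
        return None
    entry = {
        "user": user,
        "creationDate": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S%z"),
        "diffs": diffs,
    }
    hotspot.setdefault("changelog", []).append(entry)
    return entry


def review_history(hotspot):
    """Changelog newest first, the order the "Review History" tab displays."""
    return list(reversed(hotspot.get("changelog", [])))
```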

              People

              Assignee:
              philippe.perrin Philippe Perrin
              Reporter:
              sebastien.lesaint Sebastien Lesaint