Overview ¶
Package securityfindings implements MCP tool handlers for GitLab pipeline security report findings using the GraphQL API. This replaces the deprecated REST vulnerability_findings endpoint with the GraphQL Pipeline.securityReportFindings query.
Functions ¶
func FormatListMarkdown ¶
func FormatListMarkdown(out ListOutput) string
FormatListMarkdown renders a paginated list of security findings as Markdown.
func RegisterTools ¶
func RegisterTools(server *mcp.Server, client *gitlabclient.Client)
RegisterTools registers security findings tools on the MCP server.
Types ¶
type EvidenceItem ¶
// EvidenceItem holds supporting evidence for a finding.
//
// Both fields are optional in the JSON form (omitempty); an EvidenceItem
// with neither set serialises as an empty object.
type EvidenceItem struct {
	// Source names where the evidence came from (e.g. the scanner or a request/response);
	// the exact vocabulary is defined by the security report, not by this package.
	Source string `json:"source,omitempty"`
	// Data is the free-text evidence body. It originates from the pipeline
	// security report, so it is scanner-controlled content, not text authored
	// by this package — treat it as untrusted when rendering or passing to an LLM.
	Data string `json:"data,omitempty"`
}
EvidenceItem holds supporting evidence for a finding.
type FindingItem ¶
// FindingItem represents a single security report finding from a pipeline scan.
//
// Fields without omitempty (UUID, Name, Severity, ReportType, State) are always
// present in the JSON output, even when empty; all other fields are dropped
// when unset. Name, Title, Description, Solution and Evidence carry free text
// taken from the scanner's report and should be handled as untrusted content
// wherever they are rendered (see FormatListMarkdown).
type FindingItem struct {
	// UUID uniquely identifies the finding within the pipeline report.
	UUID string `json:"uuid"`
	// Name is the finding's name as reported by the scanner.
	Name string `json:"name"`
	// Title is an optional human-readable title; omitted when empty.
	Title string `json:"title,omitempty"`
	// Severity is the reported severity. The filter values accepted by
	// ListInput.Severity (CRITICAL, HIGH, MEDIUM, LOW, INFO, UNKNOWN) are the
	// expected vocabulary — confirm against the GraphQL schema.
	Severity string `json:"severity"`
	// Confidence is the reported confidence; see ListInput.Confidence for the
	// filter vocabulary (CONFIRMED, MEDIUM, LOW). Omitted when empty.
	Confidence string `json:"confidence,omitempty"`
	// ReportType is the scan type that produced the finding (e.g. SAST, DAST);
	// see ListInput.ReportType for the filter values.
	ReportType string `json:"report_type"`
	// Scanner describes the tool that produced the finding; nil when unknown.
	Scanner *ScannerItem `json:"scanner,omitempty"`
	// Description is the scanner-supplied description (untrusted free text).
	Description string `json:"description,omitempty"`
	// Solution is the scanner-supplied remediation advice (untrusted free text).
	Solution string `json:"solution,omitempty"`
	// Identifiers lists external references such as CVE, CWE or OWASP IDs.
	Identifiers []IdentifierItem `json:"identifiers,omitempty"`
	// Location points at the code location where the finding was detected; nil when absent.
	Location *LocationItem `json:"location,omitempty"`
	// State is the finding's state as returned by the API (always serialised).
	State string `json:"state"`
	// Evidence holds optional supporting evidence; nil when absent.
	Evidence *EvidenceItem `json:"evidence,omitempty"`
	// VulnID is the ID of the associated vulnerability record.
	// NOTE(review): presumably only set once the finding has been promoted to a
	// project vulnerability — confirm against the List query.
	VulnID string `json:"vulnerability_id,omitempty"`
	// VulnState is the state of the associated vulnerability record, if any.
	VulnState string `json:"vulnerability_state,omitempty"`
}
FindingItem represents a single security report finding from a pipeline scan.
type IdentifierItem ¶
// IdentifierItem represents a finding identifier (CVE, CWE, OWASP, etc.).
//
// Only Name is always serialised; the remaining fields are omitted when empty.
type IdentifierItem struct {
	// Name is the display name of the identifier (e.g. a CVE or CWE label).
	Name string `json:"name"`
	// ExternalType is the identifier scheme; the vocabulary comes from the report.
	ExternalType string `json:"external_type,omitempty"`
	// ExternalID is the identifier value within that scheme.
	ExternalID string `json:"external_id,omitempty"`
	// URL is a reference link supplied by the report. It is report-controlled
	// and not validated here; callers rendering it as a link should treat it
	// as untrusted input.
	URL string `json:"url,omitempty"`
}
IdentifierItem represents a finding identifier (CVE, CWE, OWASP, etc.).
type ListInput ¶
// ListInput is the input for listing pipeline security report findings.
//
// ProjectPath and PipelineIID are required (jsonschema "required"); the slice
// fields are optional filters and are omitted from JSON when empty.
// NOTE(review): these values reach the GraphQL API through List — confirm they
// are sent as GraphQL variables rather than interpolated into the query text.
type ListInput struct {
	// ProjectPath is the full project path, e.g. my-group/my-project. Required.
	ProjectPath string `json:"project_path" jsonschema:"Full path of the project (e.g. my-group/my-project),required"`
	// PipelineIID is the pipeline IID within the project. Required; carried as a
	// string here even though it is numeric on the GitLab side.
	PipelineIID string `json:"pipeline_iid" jsonschema:"Pipeline IID within the project,required"`
	// Severity restricts results to the listed severities:
	// CRITICAL, HIGH, MEDIUM, LOW, INFO, UNKNOWN.
	Severity []string `json:"severity,omitempty" jsonschema:"Filter by severity: CRITICAL, HIGH, MEDIUM, LOW, INFO, UNKNOWN"`
	// Confidence restricts results to the listed confidence levels:
	// CONFIRMED, MEDIUM, LOW.
	Confidence []string `json:"confidence,omitempty" jsonschema:"Filter by confidence: CONFIRMED, MEDIUM, LOW"`
	// Scanner restricts results to the given scanner external IDs
	// (see ScannerItem.ExternalID).
	Scanner []string `json:"scanner,omitempty" jsonschema:"Filter by scanner external IDs"`
	// ReportType restricts results by report type. The struct tag (189 bytes,
	// listing the accepted values) is elided in this rendering of the source.
	ReportType []string `` /* 189-byte string literal not displayed */
	// GraphQLPaginationInput supplies the shared GraphQL pagination parameters.
	toolutil.GraphQLPaginationInput
}
ListInput is the input for listing pipeline security report findings.
type ListOutput ¶
// ListOutput is the output for listing pipeline security report findings.
//
// Findings has no omitempty, so an empty page serialises as an empty (or
// null, if the slice is nil) "findings" array rather than being dropped.
type ListOutput struct {
	// HintableOutput is the shared output embedding used across tools.
	toolutil.HintableOutput
	// Findings is the current page of findings.
	Findings []FindingItem `json:"findings"`
	// Pagination carries the GraphQL page information for fetching further pages.
	Pagination toolutil.GraphQLPaginationOutput `json:"pagination"`
}
ListOutput is the output for listing pipeline security report findings.
func List ¶
func List(ctx context.Context, client *gitlabclient.Client, input ListInput) (ListOutput, error)
List retrieves pipeline security report findings via the GitLab GraphQL API.
type LocationItem ¶
// LocationItem represents the code location where the finding was detected.
//
// Every field uses omitempty, so a zero StartLine/EndLine is indistinguishable
// from "not reported" in the JSON form.
type LocationItem struct {
	// File is the path of the affected file as reported by the scanner.
	File string `json:"file,omitempty"`
	// StartLine is the first affected line; 0 means unreported.
	StartLine int `json:"start_line,omitempty"`
	// EndLine is the last affected line; 0 means unreported.
	EndLine int `json:"end_line,omitempty"`
	// BlobPath is the GitLab blob path for the file.
	// NOTE(review): presumably a repository-relative blob URL path — confirm against the List query.
	BlobPath string `json:"blob_path,omitempty"`
}
LocationItem represents the code location where the finding was detected.
type ScannerItem ¶
// ScannerItem represents the scanner that produced the finding.
//
// Name is always serialised; Vendor and ExternalID are omitted when empty.
type ScannerItem struct {
	// Name is the scanner's display name.
	Name string `json:"name"`
	// Vendor is the scanner vendor, when reported.
	Vendor string `json:"vendor,omitempty"`
	// ExternalID is the scanner's external ID, the value matched by
	// ListInput.Scanner when filtering.
	ExternalID string `json:"external_id,omitempty"`
}
ScannerItem represents the scanner that produced the finding.