[Cloud Security] do not filter out vulnerabilities without the score field #163949
Conversation
Commits 1c7ae73 to 5f4e753
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)
👑
```tsx
            <CVSScoreBadge version={cvss.version} score={cvss.score} />
          </EuiLink>
        ),
      render: (cvss: { score: number; version: string }) => {
```
Suggested change:

```diff
-      render: (cvss: { score: number; version: string }) => {
+      render: (cvss: Vulnerability["score"]) => {
```
@JordanSh thanks for the suggestion! The `Vulnerability["score"]` is not the type we can use here, but I changed the code to use the correct type (as we are passing formatted data to the table).
```tsx
          </EuiLink>
        ),
      render: (cvss: { score: number; version: string }) => {
        if (!cvss.score || !cvss.version) return null;
```
I'm approving, but was this agreed by product? If not, worth consulting. They might prefer some unknown/undefined tag or something. Same for the vuln table itself.
Thanks for highlighting this! I'm bringing it up in this comment https://github.com/elastic/security-team/issues/7146#issuecomment-1682475106 and think we need to specifically work on the UX of missing fields. Without this change, the behavior is different between dashboards and data grid (in the dashboard the empty green badge is being displayed as `CVSScoreBadge` doesn't handle this case itself, while in the data grid we already have guards for a missing score in grid cells), so the question is if it's ok to move forward with the simplest solution. @nick-alayil do you see any problem with displaying empty cells consistently when the score is missing on the vulnerability document?
> @nick-alayil do you see any problem with displaying empty cells consistently when the score is missing on the vulnerability document
This is totally acceptable at the moment since our primary goal is to ensure that all identified CVEs are presented to the end user, accompanied by the resource ID. We can focus on enhancing the UX for the default values in the future.
```tsx
      render: (cvss: { score: number; version: string }) => {
        if (!cvss.score || !cvss.version) return null;
```
same comments
```tsx
        }

        return (
          <EuiLink onClick={() => onCellClick({ 'vulnerability.score.base': cvss.score! })}>
```
Suggested change:

```diff
-          <EuiLink onClick={() => onCellClick({ 'vulnerability.score.base': cvss.score! })}>
+          <EuiLink onClick={() => onCellClick({ 'vulnerability.score.base': cvss.score })}>
```

I might be missing something, but this shouldn't be needed if you already verified it exists.
For some reason, TS is not picking up the early return in case `cvss.score` is missing and I couldn't figure out why quickly. Do you have an idea why it might be?
I tried locally and I loled. Looks like a TypeScript bug. Consulted with the master @orouz and those two solutions work:
```tsx
render: (cvss: PatchableVulnerabilityStat['cvss']) => {
  if (!cvss.score || !cvss.version) {
    return null;
  }
  // Option 1: copy the narrowed score into a constant before the closure.
  const score = cvss.score;
  // Option 2: build the whole query object as a constant instead.
  // const query = { 'vulnerability.score.base': cvss.score };
  return (
    <EuiLink onClick={() => onCellClick({ 'vulnerability.score.base': score })}>
      {/* <EuiLink onClick={() => onCellClick(query)}> */}
      <CVSScoreBadge version={cvss.version} score={cvss.score} />
    </EuiLink>
  );
},
```
You can either declare a new constant for `score`, or put the entire `query` object in a new constant. Either way, the inference seems bugged inside the `onClick` function.
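The cell logic discussed above, as an added example that is not Kibana's code: it models the `render` guard and the cell-click query without React or EUI, so it runs stand-alone. `buildScoreCell`, `renderScoreColumn`, the `Cvss` type and the sample documents are constructed for this example; only the `vulnerability.score.base` query key comes from the PR. It goes one step beyond the thread's `!cvss.score` guard by using an explicit null check, so a document whose base score is 0.0 (a valid CVSS value) is not treated as unscored, while documents with no score still render as an empty cell, which is the behaviour agreed in the thread.

```typescript
// Added example, not Kibana code. Shapes are assumptions for illustration.
type Cvss = { score?: number; version?: string };

// Query handed to the cell-click handler; the key is the one used in the PR.
type ScoreQuery = { 'vulnerability.score.base': number };

type ScoreCell = { label: string; onClick: () => ScoreQuery };

// Returns the cell content when the document carries a usable score, else null
// (rendered as an empty cell). An explicit null check keeps a 0.0 base score,
// which the `!cvss.score` form would drop along with missing scores.
function buildScoreCell(cvss: Cvss): ScoreCell | null {
  if (cvss.score == null || !cvss.version) {
    return null;
  }
  // Copy into a const: the narrowing of `cvss.score` above does not survive
  // into the closure below, which is the TypeScript behaviour the thread hit.
  const score = cvss.score;
  return {
    label: `CVSS ${cvss.version}: ${score.toFixed(1)}`,
    onClick: () => ({ 'vulnerability.score.base': score }),
  };
}

// Constructed sample documents: scored, scored 0.0, and unscored (the kind of
// document the PR stops filtering out).
const sampleDocs: Array<{ id: string; cvss: Cvss }> = [
  { id: 'doc-scored', cvss: { score: 7.5, version: '3.1' } },
  { id: 'doc-zero', cvss: { score: 0, version: '3.1' } },
  { id: 'doc-unscored', cvss: {} },
];

// Renders the score column for a list of documents; missing scores become ''.
function renderScoreColumn(
  docs: Array<{ id: string; cvss: Cvss }>
): Array<{ id: string; cell: string }> {
  return docs.map((doc) => {
    const cell = buildScoreCell(doc.cvss);
    return { id: doc.id, cell: cell ? cell.label : '' };
  });
}

for (const row of renderScoreColumn(sampleDocs)) {
  console.log(`${row.id}\t${row.cell}`);
}
```

Every document reaches the table; only the cell content varies, so a finding without a `vulnerability.score.*` field is still listed with its resource rather than silently filtered.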
Thanks for finding a way to avoid the use of `cvss.score!`! Definitely seems like a TS bug.
@elasticmachine merge upstream
💛 Build succeeded, but was flaky
Summary

As a part of an effort to remove the vulnerability documents filter in https://github.com/elastic/security-team/issues/7146, this PR removes the filter for missing `vulnerability.score.*` fields. Here is how the CNVM features look when documents without these fields are present