diff --git a/app/assets/javascripts/security_configuration/constants.js b/app/assets/javascripts/security_configuration/constants.js index 23666abad34bb74c930ab8dff8e91a689ae8ba24..816d39f5c98f6fe8c5cbab8977b583bbc2cc33d5 100644 --- a/app/assets/javascripts/security_configuration/constants.js +++ b/app/assets/javascripts/security_configuration/constants.js @@ -18,35 +18,35 @@ import configureSecretDetectionMutation from './graphql/configure_secret_detecti * Translations for Security Configuration Page * Make sure to add new scanner translations to the SCANNER_NAMES_MAP below. */ -export const SAST_NAME = __('Static Application Security Testing (SAST)'); +export const SAST_NAME = __('Static application security testing (SAST)'); export const SAST_SHORT_NAME = s__('ciReport|SAST'); -export const ADVANCED_SAST_NAME = s__('ciReport|Advanced SAST Scanning'); +export const ADVANCED_SAST_NAME = s__('ciReport|Advanced SAST scanning'); -export const SAST_IAC_NAME = __('Infrastructure as Code (IaC) Scanning'); +export const SAST_IAC_NAME = __('Infrastructure as Code (IaC) scanning'); export const SAST_IAC_SHORT_NAME = s__('ciReport|SAST IaC'); -export const DAST_NAME = __('Dynamic Application Security Testing (DAST)'); +export const DAST_NAME = __('Dynamic application security testing (DAST)'); export const DAST_SHORT_NAME = s__('ciReport|DAST'); export const DAST_PROFILES_NAME = __('DAST profiles'); export const DAST_HELP_PATH = helpPagePath('user/application_security/dast/_index'); -export const SECRET_DETECTION_NAME = __('Secret Detection'); +export const SECRET_DETECTION_NAME = __('Secret detection'); -export const DEPENDENCY_SCANNING_NAME = __('Dependency Scanning'); +export const DEPENDENCY_SCANNING_NAME = __('Dependency scanning'); -export const CONTAINER_SCANNING_NAME = __('Container Scanning'); +export const CONTAINER_SCANNING_NAME = __('Container scanning'); -export const CONTAINER_SCANNING_FOR_REGISTRY_NAME = __('Container Scanning For Registry'); +export const CONTAINER_SCANNING_FOR_REGISTRY_NAME = __('Container scanning For registry'); -export const COVERAGE_FUZZING_NAME = __('Coverage Fuzzing'); +export const COVERAGE_FUZZING_NAME = __('Coverage fuzzing'); -export const CORPUS_MANAGEMENT_NAME = __('Corpus Management'); +export const CORPUS_MANAGEMENT_NAME = __('Corpus management'); -export const API_FUZZING_NAME = __('API Fuzzing'); +export const API_FUZZING_NAME = __('API fuzzing'); -export const CLUSTER_IMAGE_SCANNING_NAME = s__('ciReport|Cluster Image Scanning'); +export const CLUSTER_IMAGE_SCANNING_NAME = s__('ciReport|Cluster image scanning'); export const SECRET_PUSH_PROTECTION = 'secret_push_protection'; diff --git a/lib/gitlab/security/features.rb b/lib/gitlab/security/features.rb index a5a20c4ddf5009bb87259889cb19a1423a1c94d5..b21779bbee70e59891a1ad7ed9c48e88439ba7d7 100644 --- a/lib/gitlab/security/features.rb +++ b/lib/gitlab/security/features.rb @@ -8,7 +8,7 @@ class Features def self.data { sast: { - name: _('Static Application Security Testing (SAST)'), + name: _('Static application security testing (SAST)'), short_name: _('SAST'), description: _('Analyze your source code for vulnerabilities.'), help_path: Gitlab::Routing.url_helpers.help_page_path('user/application_security/sast/_index.md'), @@ -17,9 +17,9 @@ def self.data type: 'sast' }, sast_advanced: { - name: _('GitLab Advanced SAST'), + name: _('GitLab advanced SAST'), short_name: _('Advanced SAST'), - description: _('Analyze your source code for vulnerabilities with the GitLab Advanced SAST analyzer.'), + description: _('Analyze your source code for vulnerabilities with the GitLab advanced SAST analyzer.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/sast/gitlab_advanced_sast.md'), configuration_help_path: Gitlab::Routing.url_helpers.help_page_path( @@ -28,7 +28,7 @@ def self.data type: 'sast_advanced' }, sast_iac: { - name: _('Infrastructure as Code (IaC) Scanning'), + name: _('Infrastructure as Code (IaC) scanning'), short_name: s_('ciReport|SAST IaC'), description: _('Analyze your infrastructure as code configuration files for known vulnerabilities.'), help_path: Gitlab::Routing.url_helpers.help_page_path('user/application_security/iac_scanning/_index.md'), @@ -50,7 +50,7 @@ def self.data description: s_('SecurityConfiguration|Manage profiles for use by DAST scans.'), configuration_text: s_('SecurityConfiguration|Manage profiles') }, - name: _('Dynamic Application Security Testing (DAST)'), + name: _('Dynamic application security testing (DAST)'), short_name: s_('ciReport|DAST'), description: s_('ciReport|Analyze a deployed version of your web application for known ' \ 'vulnerabilities by examining it from the outside in. DAST works ' \ @@ -62,7 +62,7 @@ def self.data anchor: 'dast' }, dependency_scanning: { - name: _('Dependency Scanning'), + name: _('Dependency scanning'), description: _('Analyze your dependencies for known vulnerabilities.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/dependency_scanning/_index.md'), @@ -72,7 +72,7 @@ def self.data anchor: 'dependency-scanning' }, container_scanning: { - name: _('Container Scanning'), + name: _('Container scanning'), description: _('Check your Docker images for known vulnerabilities.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/container_scanning/_index.md'), @@ -81,7 +81,7 @@ def self.data type: 'container_scanning' }, container_scanning_for_registry: { - name: _('Container Scanning For Registry'), + name: _('Container scanning for registry'), description: _('Run container scanning job whenever a container image with the latest tag is pushed.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/container_scanning/_index.md', anchor: 'container-scanning-for-registry'), @@ -105,7 +105,7 @@ def self.data type: 'secret_push_protection' }, secret_detection: { - name: _('Pipeline Secret Detection'), + name: _('Pipeline secret detection'), description: _('Analyze your source code and Git history for secrets by using CI/CD pipelines.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/secret_detection/pipeline/_index.md'), @@ -114,14 +114,14 @@ def self.data type: 'secret_detection' }, api_fuzzing: { - name: _('API Fuzzing'), + name: _('API fuzzing'), description: _('Find bugs in your code with API fuzzing.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/api_fuzzing/_index.md'), type: 'api_fuzzing' }, coverage_fuzzing: { - name: _('Coverage Fuzzing'), + name: _('Coverage fuzzing'), description: _('Find bugs in your code with coverage-guided fuzzing.'), help_path: Gitlab::Routing.url_helpers.help_page_path( 'user/application_security/coverage_fuzzing/_index.md'), @@ -130,7 +130,7 @@ def self.data type: 'coverage_fuzzing', secondary: { type: 'corpus_management', - name: _('Corpus Management'), + name: _('Corpus management'), description: s_('SecurityConfiguration|Manage corpus files used as seed ' \ 'inputs with coverage-guided fuzzing.'), configuration_text: s_('SecurityConfiguration|Manage corpus') diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 3a19ec4965598093469298134cb9b01697028d6c..e7a13a0100572b55af72209a9a7205cec93b484b 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -2884,9 +2884,6 @@ msgstr "" msgid "API" msgstr "" -msgid "API Fuzzing" -msgstr "" - msgid "API Help" msgstr "" @@ -2896,6 +2893,9 @@ msgstr "" msgid "API authentication token from Campfire. To get the token, sign in to Campfire and select **My info**." msgstr "" +msgid "API fuzzing" +msgstr "" + msgid "API key" msgstr "" @@ -8040,7 +8040,7 @@ msgstr "" msgid "Analyze your source code and Git history for secrets by using CI/CD pipelines." msgstr "" -msgid "Analyze your source code for vulnerabilities with the GitLab Advanced SAST analyzer." +msgid "Analyze your source code for vulnerabilities with the GitLab advanced SAST analyzer." msgstr "" msgid "Analyze your source code for vulnerabilities." @@ -18047,12 +18047,6 @@ msgstr "" msgid "Container Repository" msgstr "" -msgid "Container Scanning" -msgstr "" - -msgid "Container Scanning For Registry" -msgstr "" - msgid "Container expiration policy" msgstr "" @@ -18074,6 +18068,12 @@ msgstr "" msgid "Container scanning" msgstr "" +msgid "Container scanning For registry" +msgstr "" + +msgid "Container scanning for registry" +msgstr "" + msgid "ContainerRegistry| Please visit the %{linkStart}administration settings%{linkEnd} to enable this feature." msgstr "" @@ -19205,10 +19205,10 @@ msgstr "" msgid "Copy value" msgstr "" -msgid "Corpus Management" +msgid "Corpus Management|Are you sure you want to delete the corpus?" msgstr "" -msgid "Corpus Management|Are you sure you want to delete the corpus?" +msgid "Corpus management" msgstr "" msgid "CorpusManagement|A corpus is used by fuzz testing to improve coverage. Corpus files can be manually created or auto-generated. %{linkStart}Learn more%{linkEnd}" @@ -19448,7 +19448,7 @@ msgstr "" msgid "Coverage" msgstr "" -msgid "Coverage Fuzzing" +msgid "Coverage fuzzing" msgstr "" msgid "Create" @@ -22379,9 +22379,6 @@ msgstr "" msgid "Dependency Proxy" msgstr "" -msgid "Dependency Scanning" -msgstr "" - msgid "Dependency list" msgstr "" @@ -25076,7 +25073,7 @@ msgstr[1] "" msgid "During this process, you’ll be asked for URLs from GitLab’s side. Use the URLs shown below." msgstr "" -msgid "Dynamic Application Security Testing (DAST)" +msgid "Dynamic application security testing (DAST)" msgstr "" msgid "E-mail:" @@ -29726,9 +29723,6 @@ msgstr "" msgid "GitLab Account Request" msgstr "" -msgid "GitLab Advanced SAST" -msgstr "" - msgid "GitLab Billing Team." msgstr "" @@ -29810,6 +29804,9 @@ msgstr "" msgid "GitLab account request rejected" msgstr "" +msgid "GitLab advanced SAST" +msgstr "" + msgid "GitLab commit" msgstr "" @@ -34373,7 +34370,7 @@ msgstr "" msgid "Infrastructure Monitoring" msgstr "" -msgid "Infrastructure as Code (IaC) Scanning" +msgid "Infrastructure as Code (IaC) scanning" msgstr "" msgid "InfrastructureRegistry|Copy Terraform Command" @@ -46905,9 +46902,6 @@ msgstr "" msgid "Pipeline Schedules" msgstr "" -msgid "Pipeline Secret Detection" -msgstr "" - msgid "Pipeline URL" msgstr "" @@ -46935,6 +46929,9 @@ msgstr "" msgid "Pipeline schedules" msgstr "" +msgid "Pipeline secret detection" +msgstr "" + msgid "Pipeline security" msgstr "" @@ -62537,7 +62534,7 @@ msgstr "" msgid "State your message to activate" msgstr "" -msgid "Static Application Security Testing (SAST)" +msgid "Static application security testing (SAST)" msgstr "" msgid "Statistics" @@ -75910,7 +75907,7 @@ msgstr "" msgid "ciReport|API fuzzing" msgstr "" -msgid "ciReport|Advanced SAST Scanning" +msgid "ciReport|Advanced SAST scanning" msgstr "" msgid "ciReport|All tools" @@ -75939,6 +75936,9 @@ msgstr "" msgid "ciReport|Cluster Image Scanning" msgstr "" +msgid "ciReport|Cluster image scanning" +msgstr "" + msgid "ciReport|Code Quality" msgstr "" diff --git a/spec/lib/gitlab/security/scan_configuration_spec.rb b/spec/lib/gitlab/security/scan_configuration_spec.rb index bc56f1914fd466ba9b530916a6e6b68e6a0470d4..29bf76ebe61e6647b99dd564f3fdfd23b18c02b4 100644 --- a/spec/lib/gitlab/security/scan_configuration_spec.rb +++ b/spec/lib/gitlab/security/scan_configuration_spec.rb @@ -93,13 +93,13 @@ using RSpec::Parameterized::TableSyntax where(:scan_type, :features_hash) do - :sast | { name: "Static Application Security Testing (SAST)", + :sast | { name: "Static application security testing (SAST)", short_name: "SAST", description: "Analyze your source code for vulnerabilities.", help_path: "/help/user/application_security/sast/_index.md", configuration_help_path: "/help/user/application_security/sast/_index.md#configuration", type: "sast" } - :sast_iac | { name: "Infrastructure as Code (IaC) Scanning", + :sast_iac | { name: "Infrastructure as Code (IaC) scanning", short_name: "SAST IaC", description: "Analyze your infrastructure as code configuration files for known vulnerabilities.", help_path: "/help/user/application_security/iac_scanning/_index.md", @@ -116,7 +116,7 @@ description: "Manage profiles for use by DAST scans.", configuration_text: "Manage profiles" }, - name: "Dynamic Application Security Testing (DAST)", + name: "Dynamic application security testing (DAST)", short_name: "DAST", description: "Analyze a deployed version of your web application for known " \ "vulnerabilities by examining it from the outside in. DAST works by simulating " \ @@ -126,13 +126,13 @@ type: "dast", anchor: "dast" } - :dependency_scanning | { name: "Dependency Scanning", + :dependency_scanning | { name: "Dependency scanning", description: "Analyze your dependencies for known vulnerabilities.", help_path: "/help/user/application_security/dependency_scanning/_index.md", configuration_help_path: "/help/user/application_security/dependency_scanning/_index.md#configuration", type: "dependency_scanning", anchor: "dependency-scanning" } - :container_scanning | { name: "Container Scanning", + :container_scanning | { name: "Container scanning", description: "Check your Docker images for known vulnerabilities.", help_path: "/help/user/application_security/container_scanning/_index.md", configuration_help_path: "/help/user/application_security/container_scanning/_index.md#configuration", @@ -144,23 +144,23 @@ help_path: Gitlab::Routing.url_helpers.help_page_path( "user/application_security/secret_detection/secret_push_protection/_index.md"), type: "secret_push_protection" } - :secret_detection | { name: "Pipeline Secret Detection", + :secret_detection | { name: "Pipeline secret detection", description: "Analyze your source code and Git history for secrets by using CI/CD pipelines.", help_path: "/help/user/application_security/secret_detection/pipeline/_index.md", configuration_help_path: "/help/user/application_security/secret_detection/pipeline/_index.md#configuration", type: "secret_detection" } - :api_fuzzing | { name: "API Fuzzing", + :api_fuzzing | { name: "API fuzzing", description: "Find bugs in your code with API fuzzing.", help_path: "/help/user/application_security/api_fuzzing/_index.md", type: "api_fuzzing" } - :coverage_fuzzing | { name: "Coverage Fuzzing", + :coverage_fuzzing | { name: "Coverage fuzzing", description: "Find bugs in your code with coverage-guided fuzzing.", help_path: "/help/user/application_security/coverage_fuzzing/_index.md", configuration_help_path: \ "/help/user/application_security/coverage_fuzzing/_index.md#enable-coverage-guided-fuzz-testing", type: "coverage_fuzzing", secondary: { type: "corpus_management", - name: "Corpus Management", + name: "Corpus management", description: "Manage corpus files used as " \ "seed inputs with coverage-guided fuzzing.", configuration_text: "Manage corpus" } }