Generate test vulnerabilities

You can generate test vulnerabilities for the Vulnerability Report to test GitLab vulnerability management features without running a pipeline.

Log in to GitLab.
Go to /-/user_settings/personal_access_tokens and generate a personal access token with api permissions.
Go to your project page and find the project ID. You can find the project ID below the project title.
Clone the GitLab repository to your local machine.
Open a terminal and go to gitlab/qa directory.
Run bundle install
Run the following command:

GITLAB_QA_ACCESS_TOKEN=<your_personal_access_token> GITLAB_URL="<address:port>" bundle exec rake vulnerabilities:setup\[<your_project_id>,<vulnerability_count>\] --trace

Make sure you do the following:

Replace <your_personal_access_token> with the token you generated in step one.
Double check the GITLAB_URL. It should point to address and port of your GitLab instance, for example http://localhost:3000 if you are running GDK
Replace <your_project_id> with the ID you obtained in step three above.
Replace <vulnerability_count> with the number of vulnerabilities you’d like to generate.

The script creates the specified number of placeholder vulnerabilities in the project.

Help & feedback

Docs

Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.

Product

Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Join First Look to help shape new features.

Feature availability and product trials

View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.

Get Help

If you didn't find what you were looking for, search the docs.

If you want help with something specific and could use community support, post on the GitLab forum.

For problems setting up or using this feature (depending on your GitLab subscription).

Request support