Create a security vulnerability from API
Problem to solve
Users want to add their vulnerabilities via API, so they can integrate any source of report.
This is currently not possible, but could work if we provide an API to create first-class vulnerabilities.
- Sam, Security Analyst, https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas#sam-security-analyst
A possible approach is to provide API "upload" functionalities for
reports, so that they can be created even without a runner. Or we can allow direct creation of first-class vulnerabilities, even if we should understand how to deal with the diff in the merge request.
Permissions and Security
The same as reports.