Add optional reason when dismissing vulnerabilities
Problem to solve
Users can dismiss vulnerabilities in the security reports in case they recognize it as a false positive, or it simply doesn't apply to that specific case.
Security engineers may need to know the reason, and to understand why the vulnerability has been dismissed. At the moment, there is no way to get this information.
Sasha, Software Developer, https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas#sasha-software-developer
Allow users to specify an optional message when dismissing vulnerabilities. This information will be saved.
Users that don't want/need to add the reason will go through their standard process as usual.
The dismissal information is the object that can be used to "add a comment". If that's the case, a textarea will appear (similar to comments in issues).
Related issue where we address adding a comment after dismissing, editing and more: https://gitlab.com/gitlab-org/gitlab-ee/issues/10364