Replace vulnerability findings summary endpoint with vulnerabilities summary endpoint on the project security dashboard
Problem to solve
The underlying data model for findings is complex and results in slow queries. Using vulnerabilities instead will improve the load time and is a necessary piece of the transition to first-class vulnerabilities.
Intended users
Proposal
Replace the vulnerability findings summary with a summary of vulnerabilities, using a new GraphQL type that returns the summary of vulnerabilities for a project.
GraphQL schema
query {
  project(fullPath: "my-user/my-project") {
    vulnerabilities {
      summary {
        critical
        high
        medium
        low
        info
        undefined
        unknown
      }
    }
  }
}
Development plan
- backend Complete #207437 (closed)
- backend Add vulnerability summary data to GraphQL !26346 (merged)
Permissions and Security
GraphQL should have the same permissions scheme as the project security dashboard.
Documentation
- Determine whether any screenshots or information in the project security dashboard docs need to be updated.
What does success look like, and how can we measure that?
- No more timeouts from the project dashboard vulnerability summary feature
- EXPLAIN plan for new endpoint shows significantly better performance
What is the type of buyer?
Links / references
1st class vulnerabilities: #13561 (closed)
Edited by Avielle Wolfe