Allow users to filter/configure the projects on the security dashboard
Problem to solve
The group Security Dashboard currently includes all projects for a given group. This means that the security dashboard includes many different results and vulnerabilities, causing potential noise. This is especially problematic when certain projects will always have vulnerabilities or results that won't be triaged, such as test programs.
At GitLab, this is particularly problematic for our security dashboard since many of the results & F-rated projects are from tests of our security scanners - these are intentionally present in the projects and will never be fixed, but add a lot of noise to the dashboard. This reduces the value of the dashboard for us.
Proposal
Add a way to configure the group security dashboard to include and exclude specific projects to display.
Specific ideas for what may work:
- A configuration setting under the Settings menu.
- Allow a file to be placed somewhere that can list which projects to include & exclude.
Once implemented, dogfood this at GitLab by excluding projects that we know have vulnerabilities intentionally in them.