Vulnerability Report: The project picker doesn't show all projects in a group

Summary

The project picker of the Group Vulnerability Report (previously Security Dashboard) does not allow to select some of the projects in the group.

Steps to reproduce

1. Go to https://gitlab.com/groups/gitlab-org/-/security/vulnerabilities/?state=DETECTED&state=CONFIRMED

2. Use the project picker to search for gitlab.
   

1. Note that the search results do not contain the GitLab project, i.e. https://gitlab.com/gitlab-org/gitlab/

Other projects are also not found, for example Gitaly, gitlab-shell, and gitlab-workhorse.

Example Project

https://gitlab.com/groups/gitlab-org/

What is the current bug behavior?

The project picker doesn't show some of the projects in a group.

What is the expected correct behavior?

The project picker shows all projects in a group. Searching for a project by a search term should list all projects containing the term.

Implementation plan

• backend Extend Resolvers::ProjectsResolver (for EE only) with hasVulnerabilities boolean argument and pass that argument to ProjectsFinder,
• backend Extend EE::ProjectsFinder to support new argument and filter projects by existence of vulnerabilities,