Add documentation showing vulnerability findings in the MR
Problem to solve
- What product or feature(s) affected? All Secure scans
- What docs or doc section affected? Include links or paths.
- Is there a problem with a specific document, or a feature/process that's not addressed sufficiently in docs?
- Any other ideas or requests?
We seem to have lost content (or navigation to it?) that shows the developer's view of the MR pipeline report with vulnerability findings. The vulnerability pages focus on the vulnerability itself, not the key differentiator that we have that is WHERE we show the results in the MR for the developer. The vulnerability pages doc says, " Each security vulnerability in a project’s Security Dashboard has an individual page which includes:..." but it is very important that it also say this SAME info is on the MR pipeline report for the developer resulting in a shared view of the vulnerabilities that remain after code is merged in a project.
The closest we get to it is in the main app sec page but the image used is of the vulnerability page, not the MR pipeline and it's hard to find this information.
I propose that the interacting with vulns adds a section showing an image of the MR pipeline where you can click to expand the security report. Also, the merge request report mentioned here, should be clickable to get to that image: "Each security vulnerability in the merge request report or the Security Dashboard is actionable." -->
Further details
Proposal
see above
Who can address the issue
docs team or PMs. @matt_wilson ?