Add vulnerabilities field to project.pipeline query
Why are we doing this work
We need to align the vulnerabilities
calls for pipelines to match the vulnerabilities
calls for project
and group
. This will help the FE to have more consistent code. Currently, we have project.pipeline.securityReportFindings
, but it's formatted differently than other vulnerabilities. We will create a new field that matches the output for the existing fields for project
and group
, but filling in data that does not exist with null. It will still use Security Findings for its response, but will format those findings like vulnerabilities.
This issue is specifically to create the new project.pipeline.vulnerabilities
field. Deprecation of the project.pipeline.securityReportFindings
call will be handled in #343475 (closed).
Relevant links
Non-functional requirements
-
Documentation: Update GraphQL documentation -
Testing: Add tests for new field
Implementation plan
Edited by Jonathan Schafer