Frontend: Use Pipeline.securityReportFinding endpoint fetch feedbacks
Summary
Use the Pipeline.securityReportFinding query to fetch the mergeRequest, issueLinks and stateComment fields.
Why
These are replacing the legacy issue_feedback/merge_request_feedback objects from the main query that populates the MR widget, and replaces vulnerability_feedback endpoint that is a secondary request.
Things to bear in mind
When implementing this logic, make sure that the finding has a hasMergeRequest and hasIssue fields populated. These are used to render the correct buttons in the modal.
The modal should show a loading spinner while this query is being run.
Verification steps
-
Go to gitlab-org/govern/threat-insights-demos/mr-widget-v2-verification!1 (closed) -
Click on a finding -
Try creating an issue, creating an MR, dismissing, undo dismissing
When you reopen the modal, you should see the feedback on the action performed.
Bonus check: refresh the page during these steps to verify whether we really fixed the caching issue (when you dismiss a finding, refreshing the page should still display it as dismissed).