Start using only the `Security::Finding` instead of building `Vulnerability::Finding`

Why are we doing this work

As of Nov 4th, 2022 by !103013 (merged), we have started saving the finding_data in the security_findings table which makes it possible to generate responses for the APIs by using the security_findings table. After 3 months(March 2023), we will have all the records in that table with the finding_data set so we can just use security_findings records to generate responses for our APIs.

APIs

pipeline.securityReportFindings GraphQL field
vulnerability_findings REST API

Implementation plan

Change the Security::FindingsFinder to work like Security::PureFindingsFinder.
Remove the Security::PureFindingsFinder and replace all the occurrences of it with Security::FindingsFinder
Remove the Security::PipelineVulnerabilitiesFinder call from PipelineSecurityReportFindingsResolver
Remove the fallback logic from API::VulnerabilityFindings

Edited Apr 08, 2025 by Adrien Narinesingh