Dismissal reason is not changed with `vulnerabilitiesDismiss` mutation
Summary
When changing the status of vulnerabilities to dismissed, vulnerabilities that already have a dismissal reason aren't properly updated with the new dismissal reason.
Steps to reproduce
local
- enable ff:
Feature.enable(:dismiss_multiple_vulnerabilities)
- go to vulnerability report of a project that is populated with vulnerabilities
- make sure there are vulnerabilities that are dismissed
- select a couple of vulnerabilities that are dismissed
- set the status to "Dismiss" and choose another dismissal reason, provide a comment, and click change status
- Click on one of the vulnerabilities to go to the detail page and notice the dismissal reason isn't changed
production
similar steps to above on https://gitlab.com/gitlab-examples/security/security-reports
Example Project
What is the current bug behavior?
What is the expected correct behavior?
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)
Possible fixes
Edited by Lorenz van Herwaarden