Consider if Vulnerability::StateTransitions should be considered an Audit Trail
Fix dismissal_reason updates (!130509 - merged) • Gregory Havenga • 16.4 enables the modification of an existing state transition dismissal reason, whereas other Threat Insights code will prefer to create a new state transition when a user opts to modify the dismissal_reason.
The reason for this disparity is that there was some intention that state transitions were to be auditable objects that should not be modifiable, but it seems in our code we aren't overly inclined to hold fast to this concept. We should establish if this is something we'd like to maintain or discard the notion and permit the modification of state transitions more generally.
Edited by Gregory Havenga