[Backend] Implement filtering of vulnerabilities by identifier on the vulnerabilities GraphQL query
Per the design requirements, we need to facilitate the searching of vulnerabilities by their identifier in the new search implementation.
Vulnerability Identifiers are already exposed by the graphql API, so this should be as simple as modifying the Vulnerability Reads modifier to accept an array of identifiers to search by.
Agreed MVC
- Filtering by identifier will be limited to a single page of records. i.e. show the first page alone with 100 vulnerabilities, without pagination.
- The ID filter will be additive, and can be used in conjunction with other filters, i.e. severity, status, or tool.
Implementation Plan
- DB related schema and migration effort is tracked and detailed in #460080
- backend database Implement searching by Vulnerability Indentifier on the Vulnerability::Reads finder, along with an index as for project level and group level report page.
-
backend Results including filtering by Identifier will be restricted to a single page, and therefore should not include paging information (nextPage, etc) in the API response of
vulnerabilities
andvulnerabilitySeverityCounts
/LimitedVulnerabilitySeverityCounts
GraphQL API.
Edited by Bala Kumar