User manual focus in Operational Vulnerabilities

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Problem to solve

The docs on Operational Vulnerabilities contain very few information about the feature, what it does and how to use it.

It mostly explains how to use basic UI components like the multi-select feature of the report table and lists the name of columns that can be seen in the UI as well. Those are intuitive and need no explanation. Listing the fields and duplicating the information from the UI like name of status is unnecessary because it's already explained by existing in the app and not useful if there's no further information and example use cases provided.

I can imagine that the docs where designed from the feature proposal as a kind of POC or maybe to attract interest, but that comes with the sacrifice of no longer addressing the user. As a user I expect user manual content at the mentioned location.

Further details

https://www.youtube.com/watch?v=IxB_7df1h3A shows the same issues.

Proposal

What really would interest me as a user reading the manual:

1. What's the meaning of "still detected"? I have a lot of vulnerabilities that are no longer detect, but do not show up in "no longer detected" instead in "still detected". It seems that the naming is the opposite of the intuitive meaning.
2. What is the reason for duplicates? I have some deployments in a Kubernetes Cluster scanned by the GitLab Agent which cause a list entry for every version.
3. What consequences does selecting different states have? If I select confirmed, is the vulnerability muted forever? Does it pop up when it is reintroduced? If not, what other status should I chose for that?
4. Is the state selected for the CVE, the image or the tuple consisting of CVE and image?
5. Please give examples for selecting states. The explanations are very abstract by nature. It is unnecessarily hard to understand things without examples. A colleague and I were quite amused when guessing what the right solution is because there's always more than one state that matches the current situation. Maybe it doesn't even matter - we'll know as soon as 3. is clarified.

I consider this an enhancement proposal, please do not treat is as a support request.

From my personal perspective I think that you should not make me think. It's unnecessary that one has to read the docs for such a basic reporting feature. So, improvements should go into the UI as well.

Who can address the issue

Anyone understanding the Operational Vulnerability Report.

Other links/references

./.