"Still Detected" on Security Scan for files that were deleted in HEAD of branch

Summary

Secret Detection scan was triggered on some files. Then these files were deleted. However, the vulnerabilities are showing as "Still Detected". As mentioned in #438362 it seems like "Still Detected" does not work the way it sounds like and there is no documentation to explain that either.

Steps to reproduce

  1. Add a file to the default branch that will trigger Secret Detection scan.
  2. Setup Secret Detection scan
  3. Confirm that the file shows on Vulnerability Report
  4. Delete file from default branch
  5. Confirm that after next scan of default branch, the vulnerability is still there with activity set to "Still Detected"

Example Project

Not available

What is the current bug behavior?

A vulnerability remains as "Still Detected" even though the file has been deleted from the default branch.

What is the expected correct behavior?

If a file is deleted in the default branch, the activity should become "no longer detected"

Relevant logs and/or screenshotsScreenshot_2024-01-23_at_10.46.07_AMScreenshot_2024-01-23_at_10.46.49_AM

Output of checks

N/A

Results of GitLab environment info

N/A

Results of GitLab application Check

N/A

Possible fixes

Unknown