Security Dashboard should not show vulnerabilities that are "No Longer Detected"

Summary

A customer was reporting that their Security Dashboard was not updating despite resolving all vulnerabilities on the default branch. After further review, it was determined that the Security Dashboard was showing vulnerabilities marked as "No Longer Detected" that have not yet been triaged in the vulnerability report.

The Security Dashboard should only show vulnerabilities that are still detected in the latest pipeline scan of the default branch.

Steps to reproduce

  1. Create a project with vulnerabilities and run a scan via your pipeline
  2. Resolve vulnerabilities and run a new scan, but do not triage in the Vulnerability Report
  3. Filter the vulnerability report by "Still Detected" and confirm that no vulnerabilities are present
  4. Filter the vulnerability report by "No Longer Detected" and confirm that vulnerabilities are present
  5. Check the Security Dashboard and confirm that it is still showing vulnerabilities for the current day

What is the current behavior?

The Security Dashboard accounts for vulnerabilities that are both "still detected" and "no longer detected" but need to be triaged.

What is the expected correct behavior?

The Security Dashboard should only account for vulnerabilities that are "still detected" in the latest pipeline scan of the default branch.

Output of checks

This bug happens on GitLab.com.

Possible fixes

We should change the frontend query on the security dashboard to add the still detected parameter and also change the historical statistics calculation logic to only count still detected ones.
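The counting difference described above, as an added sketch that is not GitLab's code: it compares the current and expected dashboard counts and checks that the dashboard total agrees with the report's "Still Detected" filter. The record fields, state names and function names are assumptions made for this example, and the sample data is constructed.

```ruby
# Constructed sample records; field names are assumptions for this example,
# not GitLab's schema.
Vulnerability = Struct.new(:id, :severity, :state, :still_detected, keyword_init: true)

SAMPLE = [
  Vulnerability.new(id: 1, severity: :critical, state: :detected,  still_detected: false),
  Vulnerability.new(id: 2, severity: :high,     state: :detected,  still_detected: false),
  Vulnerability.new(id: 3, severity: :high,     state: :confirmed, still_detected: true),
  Vulnerability.new(id: 4, severity: :medium,   state: :dismissed, still_detected: true),
  Vulnerability.new(id: 5, severity: :low,      state: :resolved,  still_detected: false),
].freeze

# Assumed set of states that still need attention (not dismissed, not resolved).
OPEN_STATES = %i[detected confirmed].freeze

# "Current behavior": every open vulnerability is counted, whether or not
# the latest default-branch scan still found it.
def dashboard_counts_current(vulns)
  vulns.select { |v| OPEN_STATES.include?(v.state) }
       .group_by(&:severity)
       .transform_values(&:count)
end

# "Expected behavior": the same count, restricted to still-detected findings.
def dashboard_counts_expected(vulns)
  dashboard_counts_current(vulns.select(&:still_detected))
end

# Equivalent of the report's "Still Detected" / "No Longer Detected" filter.
def report_filter(vulns, still_detected:)
  vulns.select { |v| OPEN_STATES.include?(v.state) && v.still_detected == still_detected }
end

# Regression check: the dashboard total must equal the number of rows the
# report shows under "Still Detected".
def dashboard_matches_report?(counts, vulns)
  counts.values.sum == report_filter(vulns, still_detected: true).size
end
```

A check like `dashboard_matches_report?` can serve as a regression test for both parts of the proposed fix, since the dashboard query and the historical statistics should agree with the filtered report.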