Developers can't create issues from vulnerabilities
Summary
Developers are not able to create issues from Vulnerabilities.
Steps to reproduce
Developers should be able to create an issue from each of the following places.
In a vulnerability finding on the merge request
In a vulnerability finding on the security tab on the pipeline
On a project or group Vulnerability Report
Example Project
Any project or group with an Ultimate license on GitLab.com.
What is the current bug behavior?
Developers are not able to create issues.
What is the expected correct behavior?
Developers are able to create issues.
Possible fixes
This typebug is like b/c we recently rolled out [Feature flag] Enable `disable_developer_access... (#429122 - closed). This is a part of Granular Security Permissions (&10684 - closed) that was released in %16.4. While removing the ability to change the status of a vulnerability as a Developer is a known breaking change, Developers should still have the ability to open issues from vulnerabilities.
Edited by Alana Bellucci