Skip to content

GitLab Slack App - Notifications for vulnerabilities only works for the default branch

Release notes

The GitLab Slack App Integration allows users to select notifications for new vulnerabilities for all branches. However, only vulnerabilities added to the default branch trigger slack notifications. This seems to be related to the fact that the vulnerability report only considers the default branch to look for "new" vulnerabilities.

Problem to solve

In GitLab Slack App integration, vulnerabilities in other branches (other than the default) do not trigger slack notifications. However, the UI indicates that this is possible, by presenting the option to select "All branches".

Screenshot 2024-06-27 at 15.22.08.png

Proposal

I see two options here:

  • Make the feature send vulnerability notifications for all branches, OR
  • Disable the option "All branches" when the vulnerability trigger is selected