Add related vulnerabilities container to issue page

Proposal

While we can see related issues on the vulnerability detail page, we can't see related vulnerabilities on the issue page.

We'd like to have a related vulnerabilities container on the issues details page which shows, if there are any, the related vulnerabilities. It should also allow you to delete the link .

Design

related-vulnerabilities

Requirements

  1. Show related vulnerabilities container only if there are related vulnerabilities
  2. Use CRUD component for the container which can be collapsed, shows title "Related vulnerabilities", and the count
  3. Show table with vulnerability status, severity (and icon), and the name
  4. Clicking the name redirects to the vulnerability's detail page
  5. Limit to 25 initially loaded vulnerabilities

Implementation

  1. Use WorkItemWidgetVulnerabilities to fetch relatedVulnerabilities in frontend and show new work item vulnerabilities widget only if there are related vulnerabilities: Add frontend setup for vulnerabilities work ite... (!186564 - merged)
  2. Use CrudComponent for related vulnerabilities and show status, severity, and name

Verification steps

  1. Go to https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/verify-related-vulnerabilities-work-item-widget/-/issues
  2. Notice the container is shown with t related secret scanning vulnerabilities
  3. Go to https://gitlab.com/gitlab-org/govern/threat-insights-demos/verification-projects/verify-related-vulnerabilities-work-item-widget/-/issues/3. This groups 48 SAST vulnerabilities, but verify that only 25 are shown in the Related vulnerabilities container (in Add "Load more" pagination support for related ... (#535440 - closed), pagination support will be added).
  4. Verify the count badge shows the count of the items shown
  5. Verify each vulnerability has the status, severity and name
  6. Verify clicking the name redirects to the vulnerability
  7. Verify you can collapse the Related vulnerabilities CRUD component and that when you refresh, that collapsed state is persisted.
Edited by Lorenz van Herwaarden