SD/Exclude No Longer Detected - Backend - Add `undetected_since` field to vulnerability ES index

TL;DR

Add resolved_on_default_branch_since field to vulnerability ES index so we can know when a vulnerability was no longer detected and exclude them on the correct date on the vulnerabilities over time chart.

Acceptance Criteria

ES migration adds undetected_since field to vulnerability index
Field is defined in ee/lib/search/elastic/references/vulnerability.rb with correct schema version
Field is added to ee/lib/search/elastic/types/vulnerability.rb with correct type (date/timestamp)
Specs verify the field is indexed correctly
New vulnerabilities marked as resolved have the timestamp indexed in ES

Implementation Details

We can follow this MR: Add detected_at field to ES vulnerability index (!209927 - merged) • Charlie Kroon • 18.6

Add ES migration to add undetected_since field
Update ee/lib/search/elastic/references/vulnerability.rb with new schema version and field setup
Add the field in ee/lib/search/elastic/types/vulnerability.rb
Add/update related specs

Estimate

Need to look at

Dependencies

Blocked by: #578566
Blocks: #578568
Parent: &19780

Edited Nov 24, 2025 by Subashis Chakraborty

SD/Exclude No Longer Detected - Backend - Add undetected_since field to vulnerability ES index