Reconfigure `Vulnerabilities::FindingEntity` to not use Feedbacks

What does this MR do and why?

Implement the missing relationships and serialisers to provide the Issue, Merge Request and Dismissal information to the merge request security diff widget which is presently facilitated by the Vulnerability::Feedback model.

This MR does not actively remove the vulnerability feedback information presented, as this might be necessary to revert to if there are issues after the enablement of the `:deprecate_vulnerability_feedback` model.

How to set up and validate locally

  1. Configure a project with a set of security scanners enabled and code which will result in detected vulnerabilities.
  2. Set up a Merge Request from a separate branch.
  3. Make sure that the security report comparisons behave as expected.
  4. Merge the MR.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #378353 (closed)

Edited by Gregory Havenga