Filter by dismissal reason on the Vulnerability Report
What does this MR do and why?
Relates to #408983 (closed)
This allows more fine-grained filtering in the vulnerability report by adding options for dismissal reason. The "Dismissed" status as we now know it, is moved to a group "Dismissed as" with the "All dismissal reasons" option (equivalent to "Dismissed" status now) and all the specific dismissal reasons.
note: depends on Allow filtering Vulnerabilties by dismissal reason (!127652 - merged) • Michał Zając • 16.3 to allow for filtering by dismissal reason
Screenshots or screen recordings
FF Off | FF On | |
---|---|---|
Project | ![]() |
![]() |
Group | ![]() |
![]() |
Security (Instance) | ![]() |
![]() |
How to set up and validate locally
You'll need an EE license & runners set up.
- enable
expose_dismissal_reason
ff:echo "Feature.enable(:expose_dismissal_reason)" | rails c
- import security-reports
- run a pipeline on master branch
- ensure dismissal reasons are shown and filters the report accordingly
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Samantha Ming