Allow re-dismissing vulnerabilities
What does this MR do and why?
This change allows re-dismissing vulnerabilities that have already been dismissed. It reverts a recommended change as per UX guidance.
```sql
EXPLAIN SELECT
  "vulnerabilities"."id",
  "vulnerabilities"."state",
  "vulnerabilities"."project_id"
FROM
  "vulnerabilities"
WHERE
  "vulnerabilities"."id" IN (4326, 4327, 4328, 4329, 4330, 4331, 4332, 4333, 4334, 4335, 4336, 4337, 4338, 4339, 4340, 4341, 4342, 4343, 4344, 4345, 4346, 4347, 4348, 4349, 4350, 4351, 4352, 4353, 4354, 4355, 4356, 4357, 4358, 4359, 4360, 4361, 4362, 4363, 4364, 4365, 4366, 4367, 4368, 4369, 4370, 4371, 4372, 4373, 4374, 4375, 4376, 4377, 4378, 4379, 4380, 4381, 4382, 4383, 4384, 4385, 4386, 4387, 4388, 4389, 4390, 4391, 4392, 4393, 4394, 4395, 4396, 4397, 4398, 4399, 4400, 4401, 4402, 4403, 4404, 4405, 4406, 4407, 4408, 4409, 4410, 4411, 4412, 4413, 4414, 4415, 4416, 4417, 4418, 4419, 4420, 4421, 4422, 4423, 4424, 4425);
```
https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/21017/commands/68719
How to set up and validate locally
- Visit the GraphQL explorer: http://gdk.test:3000/-/graphql-explorer
- Execute the mutation:

  ```graphql
  mutation dismissVulnerabilities($ids: [VulnerabilityID!]!, $comment: String!) {
    vulnerabilitiesDismiss(
      input: {vulnerabilityIds: $ids, comment: $comment, dismissalReason: USED_IN_TESTS}
    ) {
      vulnerabilities {
        id
        state
        dismissedAt
        dismissedBy {
          name
        }
        stateTransitions {
          nodes {
            dismissalReason
            fromState
            toState
            comment
            author {
              name
            }
          }
        }
      }
      errors
    }
  }
  ```

  Variables:

  ```json
  {
    "ids": [
      "gid://gitlab/Vulnerability/100",
      "gid://gitlab/Vulnerability/101",
      "gid://gitlab/Vulnerability/102"
    ],
    "comment": "A comment"
  }
  ```
- Verify the results by checking that the `state` is `DISMISSED` and that the `stateTransitions` includes a transition with a `toState` of `DISMISSED`.
- Re-run the same mutation with a different dismissal reason.
- Verify that the new dismissal reason is returned in the results.
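
The verification steps above can be scripted against the JSON returned by the explorer. The following is an added example, not code from this MR or from GitLab: `dismissal_problems` and `sample` are hypothetical names, the responses are constructed rather than captured, and the `DISMISSED` to `DISMISSED` transition shape and the use of `FALSE_POSITIVE` as the second reason are assumptions.

```python
"""Check a vulnerabilitiesDismiss response against the verification steps."""


def dismissal_problems(response, expected_reason):
    """Return a list of problems; an empty list means the steps pass."""
    payload = (response.get("data") or {}).get("vulnerabilitiesDismiss")
    if payload is None:
        return ["no vulnerabilitiesDismiss payload: %r" % response.get("errors")]
    problems = ["mutation error: %s" % e for e in payload.get("errors") or []]
    vulns = payload.get("vulnerabilities") or []
    if not vulns and not problems:
        problems.append("no vulnerabilities returned")
    for vuln in vulns:
        vid = vuln.get("id")
        if vuln.get("state") != "DISMISSED":
            problems.append("%s: state is %s" % (vid, vuln.get("state")))
        nodes = (vuln.get("stateTransitions") or {}).get("nodes") or []
        to_dismissed = [n for n in nodes if n.get("toState") == "DISMISSED"]
        if not to_dismissed:
            problems.append("%s: no transition with toState DISMISSED" % vid)
        elif expected_reason not in {n.get("dismissalReason") for n in to_dismissed}:
            # The reason is only selected under stateTransitions in the mutation,
            # so this is where a re-dismissal has to show up.
            problems.append("%s: reason %s not recorded" % (vid, expected_reason))
    return problems


def sample(reasons, vid="gid://gitlab/Vulnerability/100"):
    """Build a constructed response with one transition per dismissal reason."""
    nodes = [
        {
            # Assumption: a re-dismissal is recorded as DISMISSED -> DISMISSED.
            "fromState": "DETECTED" if i == 0 else "DISMISSED",
            "toState": "DISMISSED",
            "dismissalReason": reason,
            "comment": "A comment",
        }
        for i, reason in enumerate(reasons)
    ]
    vuln = {"id": vid, "state": "DISMISSED", "stateTransitions": {"nodes": nodes}}
    return {"data": {"vulnerabilitiesDismiss": {"vulnerabilities": [vuln], "errors": []}}}


FIRST_RUN = sample(["USED_IN_TESTS"])                   # constructed: first dismissal
RERUN = sample(["USED_IN_TESTS", "FALSE_POSITIVE"])     # constructed: re-dismissal
```

Paste each explorer response into `dismissal_problems` with the reason used for that run; any returned string names the vulnerability and the step that failed.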
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by mo khan