Add code flow to Pipeline page

Chen Charnolevsky (OOO until January 20, 2026)requested to merge
472818-vulnerability-code-flow-P1 into master

What does this MR do and why?

Add code flow to Pipeline page

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After
Screen_Recording_2024-07-17_at_12.38.21 Screen_Recording_2024-09-03_at_15.47.50

How to set up and validate locally

  1. Upload a GitLab Ultimate license
  2. Clone the code flow project and run his pipeline to display vulnerabilities
  3. Navigate to the project => Build => Pipelines => Select the first vulnerability to navigate to the vulnerability details page
  4. Apply the following patch to show the new features
Patch 
diff --git a/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_details_graphql/index.vue b/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_details_graphql/index.vue

--- a/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_details_graphql/index.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_details_graphql/index.vue
@@ -56,6 +56,7 @@ export default {
       },
     },
     showCodeFlowButton() {
+      return true
       return (
        this.glFeatures.vulnerabilityCodeFlow &&
        this.glFeatures.pipelineVulnerabilityCodeFlow &&
        vulnDetailCodeFlow &&
        vulnDetailCodeFlow?.items.length > 0
      );
diff --git a/ee/app/assets/javascripts/security_dashboard/components/pipeline/vulnerability_finding_modal.vue b/ee/app/assets/javascripts/security_dashboard/components/pipeline/vulnerability_finding_modal.vue

--- a/ee/app/assets/javascripts/security_dashboard/components/pipeline/vulnerability_finding_modal.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/pipeline/vulnerability_finding_modal.vue
@@ -56,6 +56,7 @@ export default {
       },
     },
     showCodeFlowTabs() {
+     return true
      return (
        this.glFeatures.vulnerabilityCodeFlow &&
        this.glFeatures.pipelineVulnerabilityCodeFlow &&
        this.codeFlowData?.items.length > 0
      );
  1. Verify the tabs appear and the user is directed to the Details tab
  2. Verify the View code flow button appears
  3. Verify clicking on the Code flow tab updates the url to include ?tab=code_flow
  4. Verify clicking the View code flow button navigates the user to the Code flow tab
  5. Verify that all content in 'Code flow' tab behaves as expected

Related to #472818 (closed) and #458062

Edited by Chen Charnolevsky (OOO until January 20, 2026)

Merge request reports