Persist partial_scan_mode when storing scans (!195373) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This MR adds a new vulnerability_partial_scans table to persist partial scanning information.

References

Implementation issue: Persist GLAS diff-based scan in rails backend (#543636 - closed)
Epic: &17758 (closed)
Architecture design: https://handbook.gitlab.com/handbook/engineering/architecture/design-documents/sast_glas_diff_scan/

Screenshots or screen recordings

Before	After

How to set up and validate locally

Enable the feature flag: echo 'Feature.enable(:vulnerability_partial_scans)' | bundle exec rails c

Create a new project with this .gitlab-ci.yml:

sast:
  stage: test
  script: wget https://gitlab.com/gitlab-org/gitlab/-/raw/5d7bc4e75ae688b968a6debc0b8f62e7eb1f54d1/ee/spec/fixtures/security_reports/master/gl-sast-report-differential.json
  artifacts:
    reports:
      sast: gl-sast-report-differential.json

After the pipeline completes, check that a partial scan record was created: Vulnerabilities::PartialScan.last

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited Jun 27, 2025 by Brian Williams

Persist partial_scan_mode when storing scans

What does this MR do and why?

References

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports