Display Validity Check Token Status on Vulnerability Report

Radu Birsanrequested to merge
rb-524747-validity-check-vuln-report-page into master

What does this MR do and why?

  • Send validity_checks_enabled from project security setting to frontend
  • Add validity_checks feature flag to frontend configuration
  • Conditionally render validity check text for Secret Detection reports
  • Create method to display friendly text based on findingTokenStatus
  • Only show validity information when feature flag enabled and project opted-in

References

[FE] UI for display token status on project vul... (#524747 - closed) • Radu Birsan • 18.3 • On track

Screenshots or screen recordings

Screenshot_2025-07-16_at_8.06.22_PM

Before After

How to set up and validate locally

  1. Ensure you have the validity_check feature flag enabled for your project
  2. Opt-in to validity checks via the Validity Checks toggle in Secure > Security Configuration after you've enabled Pipeline Secret Detection
  3. Make sure your pipeline has run with a few Secret Detection flagged vulnerabilities found
  4. Go to Secure > Vulnerability Report to see the changes added to the Severity column

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Radu Birsan

Merge request reports