Resolve: [Flaky Test] Security Risk Management MR security widget checks that dismissed vulnerabilities do not show up (!207455) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

Potential fix for test failures for

Super sidebar loading issues
Vulnerability report loading timeouts
UI element timing issues
pipeline timing issues
Parallel Execution Race Conditions

References

Relevant Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/564969
Related Test Case: https://gitlab.com/gitlab-org/gitlab/-/pipelines/1841587096
Example of failing pipeline: https://gitlab.com/gitlab-org/gitlab/-/pipelines/2033661262

Documentation: https://handbook.gitlab.com/handbook/engineering/development/sec/security-risk-management/security-insights/#quality-and-e2e-specs

Screenshots

The tests are passing in my local env:

How to set up and validate locally

Make sure your gdk is up and running.
Make sure your runner is up and running
Set GITLAB_SIMULATE_SAAS to 0 inside your env.runit in the gitlab-development-kit directory: export GITLAB_SIMULATE_SAAS=0
In your local env, go to gdk/gitlab/qa directory and run

WEBDRIVER_HEADLESS=false GITLAB_PASSWORD="password" GITLAB_QA_ACCESS_TOKEN="token" GITLAB_USERNAME="username" QA_LOG_LEVEL=DEBUG QA_GITLAB_URL=http://gdk.test:3000 QA_RUN_IN_PARALLEL=true bundle exec rspec ./qa/specs/features/ee/browser_ui/18_security_risk_management/dismissed_vulnerabilities_in_security_widget_spec.rb

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited Oct 13, 2025 by Charlie Kroon

Resolve: [Flaky Test] Security Risk Management MR security widget checks that dismissed vulnerabilities do not show up

What does this MR do and why?

References

Screenshots

How to set up and validate locally

MR acceptance checklist

Merge request reports