Add migration to backfill solution to vulnerabilities from findings (!210572) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

We are moving the solution field from vulnerability_occurrences to vulnerabilities since a solution will be the same on all branches. This MR adds a background migration to backfill the field using the vulnerability_occurrences table.

This MR is step 3 of the process:

Add the solution column to vulnerabilities: !205203 (merged)
Set the solution when new vulnerabilities are created: !210401 (merged)
Backfill solution from vulnerability_occurrences records: This MR 👈
Ignore column on Vulnerability::Finding model
Drop column from vulnerability_occurrences table
Remove ignore_column statement

References

Relates to: #556208

SQL

https://console.postgres.ai/gitlab/gitlab-production-sec/sessions/45029/commands/138204

UPDATE
  vulnerabilities
SET
  solution = vulnerability_occurrences.solution
FROM
  vulnerability_occurrences
WHERE
  vulnerability_occurrences.vulnerability_id IN (SELECT "vulnerabilities"."id" FROM "vulnerabilities" WHERE "vulnerabilities"."id" BETWEEN 1000000 AND 1001000 AND "vulnerabilities"."id" >= 1001000 AND "vulnerabilities"."id" < 1001100) AND
  vulnerability_occurrences.vulnerability_id = vulnerabilities.id AND
  vulnerabilities.solution IS NULL AND
  vulnerability_occurrences.solution IS NOT NULL

Screenshots or screen recordings

Before	After

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited Oct 29, 2025 by Brian Williams

Add migration to backfill solution to vulnerabilities from findings

What does this MR do and why?

References

SQL

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports