Remove word "new" from security summary message on MR page
What does this MR do?
#231292 (closed) When viewing a MR, after a pipeline runs, the security scanning block will be shown. Previously, it showed the phrase:
Security scanning detected x new critical and x new high severity vulnerabilities
Security scanning block | Expanded security scanning block |
---|---|
However, the numbers are for the total number of vulnerabilities found in the project, not just new ones. The word new
makes it sound like the vulnerabilities were introduced in the current MR, which is confusing people and making them think their MR introduced a new vulnerability when it hasn't. This MR removes the word new
:
Note that we currently do not have the ability to differentiate between new and existing vulnerabilities. We will be adding that feature in later, but for now this MR is to address the immediate concern that it's confusing users.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines - [-] Style guides
- [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done