Skip to content

Implement vulnerability counts in basic security MR widget [RUN AS-IF-FOSS]

What does this MR do?

Implement vulnerability counts

This implements vulnerability counts on the SecurityReportsApp component, implemented behind a disabled-by-default feature flag core_security_mr_widget_counts, as part of #273423 (closed).

This cannot be enabled until the backend endpoints are modified to be usable in non-Ultimate plans. See #284689 for more details.

Screenshots (strongly suggested)


To re-create the After screenshots below:

  1. Enable the core_security_mr_widget_counts feature flag
  2. Apply this patch to force the basic security widget to always render instead of the extended (Ultimate) version.
  3. Either:
    • In a project which falls under an Ultimate plan, create an MR with a SAST or Secret Detection job, such that some vulnerabilities are found.
    • In a project which falls under a non-Ultimate plan (but running EE, not FOSS), create an MR with a SAST or Secret Detection job. Because of #284689, no vulnerabilities will reported.
Before After (with caveats)
foss Loading: loading With vulnerabilities: gold__faked_ With no vulnerabilities: free__faked_

Does this MR meet the acceptance criteria?


Availability and Testing

Edited by Mark Florian

Merge request reports