Spike time-box: 2d <!-- This template is a great use for issues that are feature::additions or technical tasks for larger issues.--> The ~"Category:Vulnerability Management" DB models and the [security report schemas](https://gitlab.com/gitlab-org/security-products/security-report-schemas/) are closely related. Both of these have unused or deprecated fields that should be removed. ### Proposal This proposal is to: 1. confirm fields that are unused 1. deprecate unused fields 1. write issues to remove deprecated fields The following DB fields seem to be unused: - [`confidence_overridden`](https://gitlab.com/gitlab-org/gitlab/-/blob/f5031f840fec8ba9aa1b988e674aec329d0ca3f2/db/structure.sql#L17992) and ~~`confidence`~~ browserker will use it. - `start_date` and [`due_date`](https://gitlab.com/gitlab-org/gitlab/-/blob/f5031f840fec8ba9aa1b988e674aec329d0ca3f2/db/structure.sql#L17979) - `start_date_sourcing_milestone_id` and [`due_date_sourcing_milestone_id`](https://gitlab.com/gitlab-org/gitlab/-/blob/f5031f840fec8ba9aa1b988e674aec329d0ca3f2/db/structure.sql#L17988) The following security report fields seem to be unused: - ~~[`confidence`](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/810146137239e4340604585a856550d7d42a28e8/src/security-report-format.json#L346-349)~~ removed from scope since [browserker seems to be using it](https://gitlab.com/gitlab-org/gitlab/-/issues/337590) - [`cve`](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/810146137239e4340604585a856550d7d42a28e8/src/security-report-format.json#L338-339) ### References - Explanation for absent GraphQL fields from @matt_wilson: https://gitlab.com/gitlab-org/gitlab/-/issues/299904#note_498955567 ### Implementation plan - [ ] review the proposed fields to determine we want to remove them - [ ] write and refine implementation issues to remove fields