Validate or improve UX of the security reports
In previous iterations we've added a lot of information about vulnerabilities in the security reports.
This issue's goal is to have a look at what's been done and validate or iterate on it to improve the UX of our Security Reports.
These components should be evaluated:
- vulnerabilities list in the MR widget and CI view
- vulnerability modal with details and actions (dismiss, create an issue)
- created issue from vulnerability (content of the description)
Security reports in merge request page
Security reports in pipeline page
Dismiss vulnerability modal dialog
- The entire vulnerability row in the report is clickable instead of separate links. This improves interacting with the vulnerability items.
- Added quick action buttons on row hover; visible only on desktops.
- The expanded report area in the MR widget is of fixed height. This improves scrolling since there is only a single scrollable area instead of individual scan reports.
- The reports are to be sorted by Severity first and then by Confidence. Fixed vulnerabilities appear at the top and dismissed ones appear at the bottom of each section.
Implementation of these designs will be carried out in https://gitlab.com/gitlab-org/gitlab-ee/issues/7561 and https://gitlab.com/gitlab-org/gitlab-ee/issues/7562.