Dashboard metrics should show 0 value when analyze ran but reported no vulnerabilities
Summary
When all vulnerabilities are fixed for a severity:
The line is ending like there’s no more data, this is a not a good representation of reality. we should
The data point should be 0
and we should continue to draw the line at the bottom.
Steps to reproduce
- have a dashboard history with vulnerabilities
- fix all vulnerabilities (for at least 1 severity)
- check the history chart
Example Project
https://gitlab.com/groups/gitlab-org/-/security/dashboard
What is the current bug behaviour?
No data point is returned and no line is drawn.
What is the expected correct behaviour?
Data point with 0
value is returned and line is drawn.
Possible fixes
We should count 0 when a report was successfully generated and no vulnerability reported (per report_type
and severity
).
Edited by Philippe Lafoucrière