Malware Package Status Filters
## TL;DR Enable users to filter Dependency Lists and Vulnerability Reports by malicious package status. ## Scope ### In Scope - Backend filter parameters for GraphQL APIs (project + group) - Backend filter parameters for REST APIs (group-level only, if not yet migrated to GraphQL) - Filter token UI for Dependency Lists (project + group) - Filter token UI for Vulnerability Reports (project + group) - URL query parameter sync for filters ### API Migration Note Project-level APIs are fully migrated to GraphQL - no REST changes needed. Group-level APIs may require REST endpoint updates depending on the current migration status. ### Out of Scope - Badge display (covered in [Display Malicious Package Information](https://gitlab.com/groups/gitlab-org/-/epics/20572)) - License gating (covered in [Gate Malicious Packages Behind SSCS Add-on](https://gitlab.com/groups/gitlab-org/-/epics/20574)) ## Phase * **Epic Phase:** Phase 2 - Malicious Package Status Filters * **Parent Epic:** Malicious Package UI Representation and Filters ## Problem Statement Users cannot filter their dependency or vulnerability lists to focus specifically on malicious package findings. This makes triage difficult when mixed with hundreds of CVE vulnerabilities. ## Proposed Approach 1. Backend adds `isMalicious` filter parameter to finders 2. Frontend adds filter token to existing filtered search components 3. Filter syncs to URL for shareability ## Feature Flag - [x] Required - **Flag name:** `malicious_package_filters` - **Default state:** Disabled - **Rollout plan:** Enable after badges are stable ## Success Criteria - [ ] Users can filter Dependency List to show only malicious packages - [ ] Users can filter Vulnerability Report to show only malware vulnerabilities - [ ] Filters persist in URL and can be shared - [ ] Filters work alongside existing filters (severity, state, etc.) ## Timeline ## Dependencies - Blocked by: [Display Malicious Package Information](https://gitlab.com/groups/gitlab-org/-/epics/20572) (`isMalicious` field must exist) - Blocks: [Gate Malicious Packages Behind SSCS Add-on](https://gitlab.com/groups/gitlab-org/-/epics/20574) (filters must exist to gate) ## Tasks - [ ] [Backend - Add filtering support to Dependency APIs](https://gitlab.com/gitlab-org/gitlab/-/issues/587758) - [ ] [Backend - Add filtering support to Vulnerability APIs](https://gitlab.com/gitlab-org/gitlab/-/issues/587759) - [ ] [Frontend - Add filter token to Dependency Lists](https://gitlab.com/gitlab-org/gitlab/-/issues/587762) - [ ] [Frontend - Add filter token to Vulnerability Reports](https://gitlab.com/gitlab-org/gitlab/-/issues/587760) ## Implementation Notes _Keep this updated as work progresses._ ## Decisions - **Filter UX:** Standalone "Malicious" / `isMalicious` filter token on both Dependency List and Vulnerability Report (decided in [#551225](https://gitlab.com/gitlab-org/gitlab/-/issues/551225)) ## Resources - Design: https://gitlab.com/gitlab-org/gitlab/-/issues/551225
epic