Vulnerability counts are not updated when a scanner filter is applied
Why are we doing this work
We need to filter the vulnerabilities count for scannerId in the Vulnerability Report when activities are selected. This means adding scannerId
to the vulnerabilitySeveritiesCount
GraphQL query and VulnerabilitySeveritiesCountResolver. No modification to VulnerabilitiesFinder should be necessary.
Summary
On the vulnerability report, when a scanner filter is applied:
The counts at the top are incorrectly showing the counts for all vulnerabilities without the scanner filter applied, instead of the correct count with the scanner filter applied:
Steps to reproduce
-
Clone this project locally: https://gitlab.com/gitlab-org/secure/security-reports
-
Run a pipeline on the project so that the vulnerabilities are populated.
-
Go to the vulnerability report and note the counts at the top. Select a scanner filter and note that the counts at the top do not change when the scanner filter is changed.
Possible fixes
For the GraphQL queries in this file:
They do not support the new scannerId
property that was added to the vulnerabilities search, i.e.:
We need to add support for the scannerId
property to the vulnerability severities count GraphQL query as well.
Relevant links
Non-functional requirements
-
Documentation: Update GraphQL docs -
Testing: Update/Add tests for vulnerabilitySeveritiesCount