Add description to Security tab of pipeline page
Problem to solve
When navigating from the MR to the pipeline page, it's not clear why the security scan results may be different between the two.
Solution
Add a description under the Security tab of the pipeline page explaining that the vulnerability findings below are everything in the branch. Assuming the branch was made from the default one, the pipeline shows existing (in default) (same as what's shown in the Vulnerability Report) + new (what the MR shows).
Here is the new text:
Results show vulnerabilities introduced by the merge request, in addition to existing vulnerabilities from the latest successful pipeline in your project's default branch.
At the end of the sentence, there should be a ?
tooltip that links here: https://docs.gitlab.com/ee/user/application_security/security_dashboard/index.html#view-vulnerabilities-in-a-pipeline
/cc @matt_wilson