Create a Vulnerability::StateTransition entry for redetected vulnerabilities
Why are we doing this work?
After introducing new Vulnerabilities ingestion framework we noticed that resolved
Vulnerabilities that were discovered again in the default branch weren't marked as detected
. This bug was addressed by Make sure resolved Vulnerabilties that show up ... (#361650 - closed) but recently we have introduced Vulnerability::StateTransition
model which we want to start populating as soon as possible.
Implementation plan
- Adjust
MarkResolvedAsDetected
task (ee/app/services/security/ingestion/tasks/ingest_vulnerabilities/mark_resolved_as_detected.rb
) to createVulnerability::StateTransition
entries for affected Vulnerabilities
Edited by Michał Zając