Security Dashboard does not display Owasp Top 10 group
Summary
The Instance level vulnerability Report /-/security/vulnerabilities does not display the Owasp 10 group despite vulnerabilityOwaspTop10Group being turned on globally.
Steps to reproduce
- Visit the User > Security >
Vulnerability Reportpage - Enable
:vulnerability_owasp_top_10_groupfeature flag - Click on the Group By button
Example Project
https://gitlab.com/-/security/vulnerabilities
What is the current bug behavior?
The Owasp Top 10 2017 option is not displayed.
What is the expected correct behavior?
The Owasp Top 10 2017 option is displayed.
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)(we will only investigate if the tests are passing)