Some projects with vulnerabilities does not have `project_settings.has_vulnerabilities` true
Summary
To identify which projects have vulnerabilities, we store a boolean column called has_vulnerabilities
in the project_settings
table. When this column is true
it means that there are vulnerability records associated with that project.
While checking something kinda related, I noticed that there are some projects with vulnerabilities which has this column set as false
. This is a big issue because we use this information to filter projects with vulnerabilities on GraphQL API and also use this information to run migrations for projects with vulnerabilities.
What is the current bug behavior?
There are some projects with inconsistent data.
What is the expected correct behavior?
When a project has associated vulnerabilities, the related project_settings
records must have the has_vulnerabilities
column as true
.
Output of checks
This bug happens on GitLab.com
Possible fixes
We need to understand why there is this inconsistency and need to run a migration to fix all those values.