Limit Group Security Dashboard to selected types of vulnerabilities
Right now on the Group Security Dashboard, when User select all Report types (default option), Frontend doesn't send any param in the request:
https://gitlab.com/groups/gitlab-org/-/security/vulnerabilities
It works fine for now because we have only SAST
and Dependency Scanning
in the database now. However, in future Container Scanning
and DAST
vulnerabilities will be stored in the database, but they shouldn't be visible on the Group Security Dashboard at once.
This issue could be fixed if the request will be sent with default params:
https://gitlab.com/groups/gitlab-org/-/security/vulnerabilities?report_type[]=sast&report_type[]=dependency_scanning
With this solution, we can enable other types of vulnerabilities only from the frontend.
Edited by Lukas Eipert