Resolve Vulnerabilities detected from a specific Scanner
What does this MR do and why?
When an analyzer job fails, the security report ingestion process can mistakenly mark the vulnerabilities on the default branch as resolved. The change in this merge request provides a way to specify the Scanner to filter by to prevent accidentally marking a vulnerability as resolved.
The change in this MR produces the following query:
```sql
SELECT "vulnerabilities".*
FROM "vulnerabilities"
INNER JOIN "vulnerability_reads" "vulnerability_read"
  ON "vulnerability_read"."vulnerability_id" = "vulnerabilities"."id"
WHERE "vulnerability_read"."project_id" = 1216
  AND "vulnerability_read"."scanner_id" = 489;
```
A database index, !110700 (merged), was added to optimize performance of this query. The current query plan can be found at https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15467/commands/53653.
- #382625 (closed)
- https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15467/commands/53653
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Edited by mo khan
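
The failure mode described in this MR, as a simplified in-memory Ruby model added here (it is not GitLab's code or part of the MR). The struct, the method names, the `resolved` flag, scanner id 777 and the sample data are assumptions made for illustration; only project 1216 and scanner 489 come from the query above.

```ruby
# Simplified model of "resolve what the latest pipeline no longer reports".
# Hypothetical names throughout; this is not GitLab's ingestion code.
Vulnerability = Struct.new(:id, :project_id, :scanner_id, :resolved)

# Constructed sample data: project 1216 has findings from two scanners.
def sample_vulnerabilities
  [
    Vulnerability.new(1, 1216, 489, false),
    Vulnerability.new(2, 1216, 489, false),
    Vulnerability.new(3, 1216, 777, false), # scanner 777's job fails below
    Vulnerability.new(4, 1216, 777, false)
  ]
end

# Constructed pipeline result: scanner 489 ran and still reports id 1
# (id 2 was fixed); scanner 777's job failed, so it delivered no report.
REPORTS = { 489 => [1] }.freeze

# Unscoped: every project vulnerability absent from the ingested reports is
# marked resolved, including those owned by the scanner that never ran.
def resolve_unscoped(vulns, project_id, reports)
  seen = reports.values.flatten
  vulns.select { |v| v.project_id == project_id && !seen.include?(v.id) }
       .each { |v| v.resolved = true }
       .map(&:id)
end

# Scoped: candidates are filtered by project_id AND scanner_id, as in the
# query above, and only for scanners that actually delivered a report.
def resolve_scoped(vulns, project_id, reports)
  reports.flat_map do |scanner_id, seen|
    vulns.select do |v|
      v.project_id == project_id && v.scanner_id == scanner_id &&
        !seen.include?(v.id)
    end.each { |v| v.resolved = true }.map(&:id)
  end
end

puts "unscoped resolves: #{resolve_unscoped(sample_vulnerabilities, 1216, REPORTS)}"
puts "scoped resolves:   #{resolve_scoped(sample_vulnerabilities, 1216, REPORTS)}"
```
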