Add ability to remove resolved vulnerabilities (!166914) · Merge requests · GitLab.org / GitLab

Mehmet Emin INAC requested to merge minac_474793_add_ability_to_filter_deleted_vulnerabilities into master Sep 23, 2024

What does this MR do and why?

This MR introduces a new argument for the existing VulnerabilitiesRemoveAllFromProject GraphQL mutation called resolved_on_default_branch to remove only the vulnerabilities no longer detected for a project.

Related to #474793+.

Database review

The only query introduced in this MR is the following one;

Filter `vulnerability_reads`

SELECT
    "vulnerability_reads"."vulnerability_id"
FROM
    "vulnerability_reads"
WHERE
    "vulnerability_reads"."project_id" = 278964
    AND "vulnerability_reads"."resolved_on_default_branch" = TRUE
LIMIT 100

Execution plan without index: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31842/commands/98545
Execution plan with the index introduced in this MR: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31842/commands/98539
Execution plan with a similar index if we add the vulnerability_id to the index: https://console.postgres.ai/gitlab/gitlab-production-main/sessions/31842/commands/98541

Edited Sep 24, 2024 by Mehmet Emin INAC

Add ability to remove resolved vulnerabilities

What does this MR do and why?

Database review

Merge request reports