Display MR note on standalone vulnerability page
What does this MR do?
When a pipeline is run, there will be a security tab for the pipeline:
 |
Clicking on an item in the list will open a modal that shows details about the security vulnerability. If an issue and/or merge request is created for the vulnerability, notes are shown that link to the issue/MR:
 |
On the standalone vulnerability page, we have the same thing, but the MR note is missing:
| Before: MR note is missing | After: MR note is shown |
|---|---|
 |
 |
How to test locally
- Clone the Yarn Remediation repo.
- Click on
CI/CD -> Pipelinesand run a pipeline on thecurablebranch. - Click on
Security & Compliance -> Security Dashboardand click on either of the two vulnerabilities listed. - Click on the "Resolve with merge request" button on the upper right. The page will navigate to the merge request.
- Click the back button in the browser. Verify that the merge request note is shown.
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Daniel Tian