Skip to content

Add security scanner alerts to project vulnerabilities

What does this MR do?

It adds an alert to the vulnerability list within the project-security dashboard. The alert displays security-scanners that are either disabled and/or failed with the latest pipeline.

The alert can be dismissed and the dismissal should be remembered on the device.

Testing

218509-add-awareness-of-whether-scanners-have-been-enabled-on-security-dashboard-integration can be used for testing. It is a merge of this MR and the backend MR !36153 (merged), which adds the graphQL endpoint.

Note: You also need a project with a security-dashboard set up.

Screenshots

localhost_3000_root_dast-test_-_security_dashboard

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team

Related to #218509 (closed)

Edited by David Pisek

Merge request reports

Loading