Implement vulnerability counts in basic security MR widget [RUN AS-IF-FOSS]
What does this MR do?
Implement vulnerability counts
This implements vulnerability counts on the SecurityReportsApp
component, implemented behind a disabled-by-default feature flag
core_security_mr_widget_counts, as part of
#273423 (closed).
This cannot be enabled until the backend endpoints are modified to be usable in non-Ultimate plans. See #284689 for more details.
Screenshots (strongly suggested)
Caveats
To re-create the After screenshots below:
- Enable the
core_security_mr_widget_countsfeature flag - Apply this patch to force the basic security widget to always render instead of the extended (Ultimate) version.
- Either:
- In a project which falls under an Ultimate plan, create an MR with a SAST or Secret Detection job, such that some vulnerabilities are found.
- In a project which falls under a non-Ultimate plan (but running EE, not FOSS), create an MR with a SAST or Secret Detection job. Because of #284689, no vulnerabilities will reported.
| Before | After (with caveats) |
|---|---|
 |
Loading:  With vulnerabilities:  With no vulnerabilities: 
|
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- [-] Documentation (if required)
-
Code review guidelines - [-] Merge request performance guidelines
-
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Edited by Mark Florian