Mark vulnerabilities as not resolved on default branch on ingestion
What does this MR do and why?
It's possible that a vulnerability can be marked as resolved on the default branch that later can be re-introduced by a new pipeline. In that case, we need to mark it as not resolved on the default branch.
Note: This logic runs behind a feature flag but I've added a changelog entry for transparency.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.