Skip to content

Mark vulnerabilities as not resolved on default branch on ingestion

What does this MR do and why?

It's possible that a vulnerability can be marked as resolved on the default branch that later can be re-introduced by a new pipeline. In that case, we need to mark it as not resolved on the default branch.

Note: This logic runs behind a feature flag but I've added a changelog entry for transparency.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports

Loading