Commit 9d56f770 authored by Matt Wilson's avatar Matt Wilson Committed by Russell Dickenson

Vulnerability status clarification

parent a696e7ec
...@@ -37,7 +37,9 @@ A vulnerability's status can be one of the following: ...@@ -37,7 +37,9 @@ A vulnerability's status can be one of the following:
| Detected | The default state for a newly discovered vulnerability. | | Detected | The default state for a newly discovered vulnerability. |
| Confirmed | A user has seen this vulnerability and confirmed it to be accurate. | | Confirmed | A user has seen this vulnerability and confirmed it to be accurate. |
| Dismissed | A user has seen this vulnerability and dismissed it because it is not accurate or otherwise not to be resolved. | | Dismissed | A user has seen this vulnerability and dismissed it because it is not accurate or otherwise not to be resolved. |
| Resolved | The vulnerability has been fixed and is no longer valid. | | Resolved | The vulnerability has been fixed or is no longer present. |
Dismissed vulnerabilities are ignored if detected in subsequent scans. Resolved vulnerabilities that are reintroduced and detected by subsequent scans have a _new_ vulnerability record created. When an existing vulnerability is no longer detected in a project's `default` branch, you should change its status to Resolved. This ensures that if it is accidentally reintroduced in a future merge, it will be visible again as a new record. You can use the [Activity filter](../vulnerability_report/#activity-filter) to select all vulnerabilities that are no longer detected, and [change their status](../vulnerability_report#change-status-of-multiple-vulnerabilities).
## Change vulnerability status ## Change vulnerability status
......
...@@ -145,6 +145,17 @@ To change the status of vulnerabilities in the table: ...@@ -145,6 +145,17 @@ To change the status of vulnerabilities in the table:
![Project Vulnerability Report](img/project_security_dashboard_status_change_v14_2.png) ![Project Vulnerability Report](img/project_security_dashboard_status_change_v14_2.png)
### Change status of multiple vulnerabilities
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9.
You can change the status of multiple vulnerabilities at once:
1. In the list of vulnerabilities, select the checkbox for each vulnerability you want to update.
To select all, select the checkbox in the table header.
1. Above the table, select a new status.
1. Click **Change status** to save.
## Export vulnerability details ## Export vulnerability details
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213014) in the Security Center (previously known as the Instance Security Dashboard) and project-level Vulnerability Report (previously known as the Project Security Dashboard) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.0. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213014) in the Security Center (previously known as the Instance Security Dashboard) and project-level Vulnerability Report (previously known as the Project Security Dashboard) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.0.
...@@ -191,14 +202,3 @@ You can dismiss a vulnerability for the entire project: ...@@ -191,14 +202,3 @@ You can dismiss a vulnerability for the entire project:
1. Optional. Add a reason for the dismissal and select **Save comment**. 1. Optional. Add a reason for the dismissal and select **Save comment**.
To undo this action, select a different status from the same menu. To undo this action, select a different status from the same menu.
### Dismiss multiple vulnerabilities
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9.
You can dismiss multiple vulnerabilities at once:
1. In the list of vulnerabilities, select the checkbox for each vulnerability you want to dismiss.
To select all, select the checkbox in the table header.
1. Above the table, select a dismissal reason.
1. Select **Dismiss Selected**.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment