Default state filter to confirmed and confirmed

- Update tests
- Update documentation

doc/user/application_security/security_dashboard/index.md

@@ -69,6 +69,8 @@ You can filter the vulnerabilities by:
 - Severity
 - Report type
 
+By default, detected and confirmed vulnerabilities will be displayed.
+
 You can also dismiss vulnerabilities in the table:
 
 1. Select the checkbox for each vulnerability you want to dismiss.
@@ -97,6 +99,8 @@ You can filter which vulnerabilities the Security Dashboard displays by:
 - Report type
 - Project
 
+By default, detected and confirmed vulnerabilities will be displayed.
+
 A table lists the vulnerabilities, sorted by severity. The table shows each vulnerability's status,
 severity, and description. Clicking a vulnerability takes you to its [Vulnerability Details](../vulnerabilities)
 page to view more information about that vulnerability.

ee/app/assets/javascripts/security_dashboard/components/first_class_vulnerability_filters.vue

 <script>
 import { isEqual } from 'lodash';
-import { ALL } from 'ee/security_dashboard/store/modules/filters/constants';
+import { ALL, STATE } from 'ee/security_dashboard/store/modules/filters/constants';
 import { setFilter } from 'ee/security_dashboard/store/modules/filters/utils';
 import DashboardFilter from 'ee/security_dashboard/components/filter.vue';
 import { initFirstClassVulnerabilityFilters, mapProjects } from 'ee/security_dashboard/helpers';
@@ -67,6 +67,11 @@ export default {
       },
     },
   },
+  created() {
+    if (Object.keys(this.selectedFilters).length === 0) {
+      this.$router.push({ query: { state: [STATE.DETECTED, STATE.CONFIRMED] } });
+    }
+  },
   methods: {
     setFilter(options) {
       this.filters = setFilter(this.filters, options);

ee/app/assets/javascripts/security_dashboard/store/modules/filters/constants.js

 import { s__ } from '~/locale';
 
 export const ALL = 'all';
+export const STATE = {
+  DETECTED: 'DETECTED',
+  CONFIRMED: 'CONFIRMED',
+};
 
 export const BASE_FILTERS = {
   severity: {

ee/changelogs/unreleased/217472-do-not-display-dismissed-by-default.yml

+---
+title: By default display only confirmed and detected vulnerabilities
+merge_request: 37914
+author:
+type: changed

ee/spec/frontend/security_dashboard/components/first_class_vulnerability_filters_spec.js

@@ -43,10 +43,6 @@ describe('First class vulnerability filters component', () => {
       expect(findFilters()).toHaveLength(filters.length);
     });
 
-    it('should pass down the filter information to the first filter', () => {
-      expect(findStateFilter().props().filter).toEqual(filters[0]);
-    });
-
     it('should call the setFilter mutation when setting a filter', () => {
       const stub = jest.fn();
       const options = { foo: 'bar' };
@@ -108,6 +104,22 @@ describe('First class vulnerability filters component', () => {
     });
   });
 
+  describe('when no filter is persisted in the URL', () => {
+    beforeEach(() => {
+      wrapper = createComponent({
+        propsData: { projects },
+      });
+    });
+
+    it('should redirect the user to an updated the URL and default the filters to CONFIRMED + DETECTED state', () => {
+      expect(findStateFilter().props('filter')).toEqual(
+        expect.objectContaining({
+          selection: new Set(['DETECTED', 'CONFIRMED']),
+        }),
+      );
+    });
+  });
+
   describe.each`
     filter          | value                   | selector
     ${'state'}      | ${'DETECTED,DISMISSED'} | ${findStateFilter}