Merge branch '227113_add_resolved_on_default_branch_to_graphql_api' into 'master'

Add `resoved_on_default_branch` attribute to VulnerabilityType

See merge request gitlab-org/gitlab!38300

doc/api/graphql/reference/gitlab_schema.graphql

@@ -15105,6 +15105,11 @@ type Vulnerability {
   """
   reportType: VulnerabilityReportType
 
+  """
+  Indicates whether the vulnerability is fixed on the default branch or not
+  """
+  resolvedOnDefaultBranch: Boolean!
+
   """
   Scanner metadata for the vulnerability.
   """

doc/api/graphql/reference/gitlab_schema.json

@@ -44526,6 +44526,24 @@
               "isDeprecated": false,
               "deprecationReason": null
             },
+            {
+              "name": "resolvedOnDefaultBranch",
+              "description": "Indicates whether the vulnerability is fixed on the default branch or not",
+              "args": [
+
+              ],
+              "type": {
+                "kind": "NON_NULL",
+                "name": null,
+                "ofType": {
+                  "kind": "SCALAR",
+                  "name": "Boolean",
+                  "ofType": null
+                }
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
             {
               "name": "scanner",
               "description": "Scanner metadata for the vulnerability.",

doc/api/graphql/reference/index.md

@@ -2265,6 +2265,7 @@ Represents a vulnerability.
 | `primaryIdentifier` | VulnerabilityIdentifier | Primary identifier of the vulnerability. |
 | `project` | Project | The project on which the vulnerability was found |
 | `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING) |
+| `resolvedOnDefaultBranch` | Boolean! | Indicates whether the vulnerability is fixed on the default branch or not |
 | `scanner` | VulnerabilityScanner | Scanner metadata for the vulnerability. |
 | `severity` | VulnerabilitySeverity | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL) |
 | `state` | VulnerabilityState | State of the vulnerability (DETECTED, DISMISSED, RESOLVED, CONFIRMED) |

ee/app/graphql/types/vulnerability_type.rb

@@ -27,6 +27,9 @@ module Types
     field :report_type, VulnerabilityReportTypeEnum, null: true,
           description: "Type of the security report that found the vulnerability (#{::Vulnerabilities::Finding::REPORT_TYPES.keys.join(', ').upcase})"
 
+    field :resolved_on_default_branch, GraphQL::BOOLEAN_TYPE, null: false,
+          description: "Indicates whether the vulnerability is fixed on the default branch or not"
+
     field :user_notes_count, GraphQL::INT_TYPE, null: false,
           description: 'Number of user notes attached to the vulnerability'
 

ee/changelogs/unreleased/227113_add_resolved_on_default_branch_to_graphql_api.yml

+---
+title: Add `resolvedOnDefaultBranch` field to VulnerabilityType on GraphQL API
+merge_request: 38300
+author:
+type: added

ee/spec/graphql/types/vulnerability_type_spec.rb

@@ -8,7 +8,7 @@ RSpec.describe GitlabSchema.types['Vulnerability'] do
   let_it_be(:vulnerability) { create(:vulnerability, project: project) }
 
   let(:fields) do
-    %i[userPermissions id title description user_notes_count state severity report_type vulnerability_path location scanner primary_identifier identifiers project issueLinks]
+    %i[userPermissions id title description user_notes_count state severity report_type resolved_on_default_branch vulnerability_path location scanner primary_identifier identifiers project issueLinks]
   end
 
   before do