From afffba24729a46372c32fe5e9a1b35ce8b42e427 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Mon, 21 Nov 2022 06:09:23 +0000 Subject: Add latest changes from gitlab-org/gitlab@master --- doc/user/application_security/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 5ddfa99fc81..f92eee83c74 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -240,9 +240,9 @@ reports are available to download. To download a report, select ### Ultimate -A merge request contains a security widget which displays a summary of the new results. New results are determined by comparing the current findings against existing findings in the target (default) branch (if there are prior findings). +A merge request contains a security widget which displays a summary of the new results. New results are determined by comparing the findings of the merge request against the findings of the most recent completed pipeline (`success`, `failed`, `canceled` or `skipped`) for the latest commit in the target branch. -We recommend you run a scan of the `default` branch before enabling feature branch scans for your developers. Otherwise, there is no base for comparison and all feature branches display the full scan results in the merge request security widget. +If security scans have not run for the most recent completed pipeline in the target branch there is no base for comparison. The vulnerabilties from the merge request findings will be listed as new in the merge request security widget. We recommend you run a scan of the `default` (target) branch before enabling feature branch scans for your developers. The merge request security widget displays only a subset of the vulnerabilities in the generated JSON artifact because it contains both new and existing findings. -- cgit v1.2.3