Vasyl Pedak activity https://gitlab.com/vpedak1 2026-03-19T11:20:30Z tag:gitlab.com,2026-03-19:5221654708 Vasyl Pedak commented on merge request !227953 at GitLab.org / GitLab 2026-03-19T11:20:30Z vpedak1 Vasyl Pedak

@rossfuhrman , could you review for our team?

 tag:gitlab.com,2026-03-19:5221531412 Vasyl Pedak commented on merge request !227953 at GitLab.org / GitLab 2026-03-19T10:49:29Z vpedak1 Vasyl Pedak

Hi, @michold , the Pipeline has suggested your team to review the changes to the metrics product_category. Would you be able to review? Thanks!

 tag:gitlab.com,2026-03-18:5219155461 Vasyl Pedak pushed to project branch vpedak-fix-assigned-feature-categories-metrics at GitLab.org / GitLab 2026-03-18T19:13:46Z vpedak1 Vasyl Pedak

Vasyl Pedak (3089704d) at 18 Mar 19:13

Fix feature category in scan profiles metrics

... and 80 more commits

tag:gitlab.com,2026-03-18:5219135575 Vasyl Pedak pushed to project branch vpedak-fix-assigned-feature-categories-FE at GitLab.org / GitLab 2026-03-18T19:07:07Z vpedak1 Vasyl Pedak

Vasyl Pedak (f9320c3c) at 18 Mar 19:07

Fix feature category for sec scan profiles in FE

... and 80 more commits

tag:gitlab.com,2026-03-18:5219113521 Vasyl Pedak opened merge request !227953: Fix feature category in scan profiles metrics at GitLab.org / GitLab 2026-03-18T19:00:03Z vpedak1 Vasyl Pedak

What does this MR do and why?

Fix feature category in the metrics related to Security Scan Profiles

Earlier we identified that scan profiles related components were incorrectly assigned wrong feature category ( #592069 ). This commit assigns the correct feature category to the corresponding metrics.

Fixes: #592069

Discussion: !227536 (comment 3164478674)

We have confirmed with product manager and product analyst.

References

Screenshots or screen recordings

N/A non functional maintenance change.

How to set up and validate locally

N/A non functional maintenance change.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

 tag:gitlab.com,2026-03-18:5219097809 Vasyl Pedak pushed new project branch vpedak-fix-assigned-feature-categories-metrics at GitLab.org / GitLab 2026-03-18T18:55:34Z vpedak1 Vasyl Pedak

Vasyl Pedak (e4061c4b) at 18 Mar 18:55

Fix feature category in scan profiles metrics

 tag:gitlab.com,2026-03-18:5218024746 Vasyl Pedak pushed to project branch vpedak-fix-assigned-feature-categories-FE at GitLab.org / GitLab 2026-03-18T14:47:55Z vpedak1 Vasyl Pedak

Vasyl Pedak (17030410) at 18 Mar 14:47

Fix feature category for sec scan profiles in FE

... and 347 more commits

tag:gitlab.com,2026-03-18:5218002113 Vasyl Pedak pushed to project branch vpedak-fix-assigned-feature-categories at GitLab.org / GitLab 2026-03-18T14:43:55Z vpedak1 Vasyl Pedak

Vasyl Pedak (3799fcad) at 18 Mar 14:43

Add missing feature categories

... and 346 more commits

tag:gitlab.com,2026-03-18:5217574409 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-18T13:21:23Z vpedak1 Vasyl Pedak
  • I have added the missing feature_category to the spec related to Project::Security::ConfigurationController - !227536 (e6cd64c3)
  • Discussed with Ross Group::Security::ConfigurationController and agreed not to touch it for now.

Could you resolve the threads if it looks good for you now. Thanks! πŸ˜ƒ

 tag:gitlab.com,2026-03-18:5217556371 Vasyl Pedak pushed to project branch vpedak-fix-assigned-feature-categories at GitLab.org / GitLab 2026-03-18T13:17:48Z vpedak1 Vasyl Pedak

Vasyl Pedak (e6cd64c3) at 18 Mar 13:17

Add missing feature categories

 tag:gitlab.com,2026-03-18:5217421106 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-18T12:49:09Z vpedak1 Vasyl Pedak

@rossfuhrman , @gkatz1 , sorry, I am having doubts after jumping to the Security Configuration page for a group πŸ˜…

Does it look more like a :security_testing_configuration or :security_asset_inventories ? For some reason, security attributes sounds more like a security asset inventory rather than testing configuration. There's nothing about security testing configuration on this page, more of "Hey, this group does X and has Y level of business impact..." looks more inventorish to me.

Suggestion: Do not change feature category in *groups/security/configuration_controller*

Screenshot 2026-03-18 at 12.40.29.png

Just to be clear, Projects on another hand ( **projects/security/configuration_controller** ) - still makes sense changing feature category to :security_testing_configuration.

 tag:gitlab.com,2026-03-18:5217246528 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-18T12:12:55Z vpedak1 Vasyl Pedak

Please note that this is Projects related controller - projects/security/configuration_controller.rb The corresponding spec file is: https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/controllers/projects/security/configuration_controller_spec.rb#L5. At the moment it doesn't define feature category. I missed it and will add it there for consistency.

The mentioned spec file for the controller in the comment above is related to groups groups/security/configuration* , and I didn't touch the Groups::Security::ConfigurationController itself because I missed it. I think we also need to update the controller and corresponding tests too because it is related to security testing configuration.

 tag:gitlab.com,2026-03-18:5216708896 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-18T10:13:59Z vpedak1 Vasyl Pedak

I was inspired by this comment from Ross πŸ˜ƒ #592069 (comment 3158166148)

 tag:gitlab.com,2026-03-17:5213813244 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-17T16:29:24Z vpedak1 Vasyl Pedak

Hi, @alexbuijs . Could you please review the code for the Authorisation related changes?

  • doc/user/custom_roles/abilities.md - auto generated
  • ee/config/custom_abilities/apply_security_scan_profiles.yml
  • ee/config/custom_abilities/read_security_scan_profiles.yml
  • ee/spec/policies/security/scan_profile_policy_spec.rb
 tag:gitlab.com,2026-03-17:5213744954 Vasyl Pedak opened merge request !227697: Fix feature category for sec scan profiles in FE at GitLab.org / GitLab 2026-03-17T16:13:42Z vpedak1 Vasyl Pedak

What does this MR do and why?

In the earlier MR !227536 , we have updated the feature category assignment for all scan profile related backend components from security_asset_inventories to security_testing_configuration to properly reflect their functionality and purpose. We identified that some FE GraphQL queries that are processed by the affected backend components still use the old feature category. In this MR we update the frontend components.

References

#592069

!227536 - Backend changes

Screenshots or screen recordings

N/A. Non-functional maintenance changes.

How to set up and validate locally

N/A. Non-functional maintenance changes.

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

 tag:gitlab.com,2026-03-17:5213709171 Vasyl Pedak pushed new project branch vpedak-fix-assigned-feature-categories-FE at GitLab.org / GitLab 2026-03-17T16:05:42Z vpedak1 Vasyl Pedak

Vasyl Pedak (61e5ad76) at 17 Mar 16:05

Fix feature category for sec scan profiles in FE

... and 6 more commits

tag:gitlab.com,2026-03-17:5213572089 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-17T15:36:55Z vpedak1 Vasyl Pedak

This was auto-generated via bundle exec rake gitlab:custom_roles:compile_docs

 tag:gitlab.com,2026-03-17:5213570322 Vasyl Pedak commented on merge request !227536 at GitLab.org / GitLab 2026-03-17T15:36:30Z vpedak1 Vasyl Pedak

Well, I updated this docs by running the generator. bundle exec rake gitlab:custom_roles:compile_docs