I’m trying to create a Vulnerability Report from different branches such feature, hot fix an so on, but I’m not beeng able to find the way to do it, all the reports I’ve gerated are from the default (master) branch. So, there’s any way to generate a different vulnerability report of another branch?
@slipkike, there isn’t (I’m the engineering manager for the group that owns this feature).
This functionality is tracked in Track Vulnerabilities in locations other than default branch (&3430) · Epics · GitLab.org · GitLab and https://gitlab.com/gitlab-org/gitlab/-/issues/33160; you might want to vote on these.
You can use the GraphQL API to query for
PipelineSecurityReportFinding, but this only returns vulnerabilities in the pipeline you picked.
Using the GraphQL API, you could build something that looks at the latest pipeline in the branches you want and generates a report based on the JSON response.