Merge branch 'abellucci-master-patch-fdfe' into 'master'

Update Vulnerability Resolution Documentation to include confirmation that a... See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165232 Merged-by: Phillip Wells <pwells@gitlab.com> Approved-by: Phillip Wells <pwells@gitlab.com> Reviewed-by: Phillip Wells <pwells@gitlab.com> Co-authored-by: Alana Bellucci <abellucci@gitlab.com>

Merge branch 'abellucci-master-patch-fdfe' into 'master'
fc4cc160 · Phillip Wells · GitLab · f3ad6d6c · 9c21b47d · fc4cc160
Unverified Commit fc4cc160 authored 5 months ago by Phillip Wells Committed by GitLab 5 months ago
--- a/doc/user/application_security/vulnerabilities/index.md
+++ b/doc/user/application_security/vulnerabilities/index.md
@@ -123,6 +123,9 @@ To resolve the vulnerability:
 1. Select outside the filter field. The vulnerability severity totals and list of matching vulnerabilities are updated.
 1. Select the SAST vulnerability you want resolved.
 1. In the upper-right corner, select **Resolve with AI**.
+1. Add an additional commit to the MR. This forces a new pipeline to run.
+1. After the pipeline is complete, on the [pipeline security tab](../vulnerability_report/pipeline.md#view-vulnerabilities-in-a-pipeline), confirm that the vulnerability no longer appears.
+1. On the vulnerability report, [manually update the vulnerability](../vulnerability_report/index.md#change-status-of-vulnerabilities).
  
 A merge request containing the AI remediation suggestions is opened. Review the suggested changes,
 then process the merge request according to your standard workflow.

--- a/doc/user/application_security/vulnerability_report/index.md
+++ b/doc/user/application_security/vulnerability_report/index.md
@@ -232,6 +232,15 @@ refreshed.
  
 ![Project Vulnerability Report](img/project_security_dashboard_status_change_v16_0.png)
  
+### Update a resolved vulnerability
+
+When a vulnerability is resolved by a merge request, it still appears in the vulnerability report.
+
+To update the vulnerability:
+
+1. Confirm that the resolved vulnerability has the status **no longer detected**. The status of a vulnerability is displayed on the [activity filter](../vulnerability_report/index.md#activity-filter) and the vulnerability record.
+1. Change the status of the vulnerability to **Resolved**.
+
 ## Sort vulnerabilities by date detected
  
 By default, vulnerabilities are sorted by severity level, with the highest-severity vulnerabilities listed at the top.