### ROOT CAUSE
The vulnerability's "Detected" date lacks context, making it difficult for security teams to trace the exact pipeline, commit, or branch where the vulnerability was first identified. This ambiguity complicates remediation efforts and audit trails.
### CODE FIX
1. **Add Database Columns**
Extend the `vulnerabilities` table to include `detected_pipeline_id`, `detected_commit`, and `detected_branch` columns to store the context.
2. **Update Vulnerability Detection Logic**
Modify the vulnerability scanning jobs (e.g., dependency scanning, container scanning) to capture and store detection context during vulnerability detection.
```ruby
# Example: in a scanning job (pseudo-code).
# job_id, commit_sha and branch_name come from the pipeline running the scan.
vulnerability = Vulnerability.create(
  detected_date: Time.now,
  detected_pipeline_id: job_id,
  detected_commit: commit_sha,
  detected_branch: branch_name
)
```
3. **Enhance UI Display**
Update the vulnerability detail view to show:
- Pipeline ID, commit hash, and branch name in the "Detected" section.
4. **CSV Export**
Add columns for `detected_pipeline_id`, `detected_commit`, and `detected_branch` in CSV exports.
5. **Indexing**
Add indexes to the new columns for faster queries:
```sql
CREATE INDEX idx_vulnerabilities_detected_pipeline ON vulnerabilities(detected_pipeline_id);
CREATE INDEX idx_vulnerabilities_commit ON vulnerabilities(detected_commit);
```
This solution ensures vulnerability detection context is stored, displayed, and exported consistently.
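The steps above run end to end, as an added example that is not code from the original page or from the project it describes. Python with an in-memory SQLite database stands in for the application's database; the base `id`/`title` columns, the validation rules and the helper names `migrate`, `record`, `safe_cell` and `export_csv` are assumptions, and the sample rows are constructed. Branch names are chosen by whoever pushes, so the export prefixes any cell a spreadsheet would evaluate as a formula.

```python
import csv
import io
import re
import sqlite3

SHA_RE = re.compile(r"[0-9a-f]{40}|[0-9a-f]{64}")  # full SHA-1 or SHA-256 commit id
FORMULA_LEAD = ("=", "+", "-", "@", "\t", "\r")     # leading chars a spreadsheet evaluates
COLS = ("id", "title", "detected_date", "detected_pipeline_id", "detected_commit", "detected_branch")

def migrate(db):
    # Steps 1 and 5: add the three context columns and the two indexes from the page.
    for col, typ in (("detected_pipeline_id", "INTEGER"), ("detected_commit", "TEXT"), ("detected_branch", "TEXT")):
        db.execute(f"ALTER TABLE vulnerabilities ADD COLUMN {col} {typ}")
    db.execute("CREATE INDEX idx_vulnerabilities_detected_pipeline ON vulnerabilities(detected_pipeline_id)")
    db.execute("CREATE INDEX idx_vulnerabilities_commit ON vulnerabilities(detected_commit)")

def record(db, title, pipeline_id, commit_sha, branch):
    # Step 2: store the context, rejecting values that cannot be a real pipeline or commit.
    if type(pipeline_id) is not int or pipeline_id <= 0:
        raise ValueError("pipeline id must be a positive integer")
    if not SHA_RE.fullmatch(commit_sha):
        raise ValueError("commit must be a full lowercase hex SHA")
    db.execute(
        "INSERT INTO vulnerabilities (title, detected_date, detected_pipeline_id,"
        " detected_commit, detected_branch) VALUES (?, datetime('now'), ?, ?, ?)",
        (title, pipeline_id, commit_sha, branch))

def safe_cell(value):
    # NULL context (rows older than the migration) exports as an empty cell.
    text = "" if value is None else str(value)
    return "'" + text if text.startswith(FORMULA_LEAD) else text

def export_csv(db):
    # Step 4: COLS is a fixed constant, never user input, so joining it into SQL is safe.
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(COLS)
    for row in db.execute(f"SELECT {', '.join(COLS)} FROM vulnerabilities ORDER BY id"):
        writer.writerow([safe_cell(v) for v in row])
    return out.getvalue()

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE vulnerabilities (id INTEGER PRIMARY KEY, title TEXT, detected_date TEXT)")
    db.execute("INSERT INTO vulnerabilities (title, detected_date) VALUES ('legacy finding', '2024-01-01')")
    migrate(db)
    record(db, "outdated dependency", 1001, "a" * 40, "main")  # constructed row
    record(db, "base image finding", 1002, "b" * 40, "=1+1")   # constructed branch name
    return db, export_csv(db)
```

Rows recorded before the migration keep empty context cells, so consumers of the export should treat the three new columns as optional.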