diff --git a/config/feature_flags/development/group_level_vulnerability_report_grouping.yml b/config/feature_flags/development/group_level_vulnerability_report_grouping.yml
deleted file mode 100644
index 364f6e198cee15144a249f4cdf80c5a1219e4a51..0000000000000000000000000000000000000000
--- a/config/feature_flags/development/group_level_vulnerability_report_grouping.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-name: group_level_vulnerability_report_grouping
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/137778
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/432778
-milestone: '16.7'
-type: development
-group: group::threat insights
-default_enabled: true
diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md
index 6e946060f61a37da9a7e390fc9fd8aec078ed990..0b90ff69b452aa2ef58d8c8fce09ca8cbbaf9f7e 100644
--- a/doc/user/application_security/vulnerability_report/index.md
+++ b/doc/user/application_security/vulnerability_report/index.md
@@ -170,6 +170,7 @@ To filter the list of vulnerabilities:
> - Project-level grouping of vulnerabilities [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/422509) in GitLab 16.6. Feature flag `vulnerability_report_grouping` removed.
> - Group-level grouping of vulnerabilities [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/137778) in GitLab 16.7 with a flag named [`group_level_vulnerability_report_grouping`](https://gitlab.com/gitlab-org/gitlab/-/issues/432778). Disabled by default.
> - Group-level grouping of vulnerabilities [enabled on GitLab.com, self-managed, and GitLab Dedicated](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/157949) in GitLab 17.2.
+> - Group-level grouping of vulnerabilities [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/472669) in GitLab 17.3. Feature flag `group_level_vulnerability_report_grouping` removed.
You can group vulnerabilities on the vulnerability report page to more efficiently triage them.
@@ -193,9 +194,9 @@ To group vulnerabilities:
1. On the left sidebar, select **Search or go to** and find your project or group.
1. Select **Secure > Vulnerability report**.
-1. From the **Group By** dropdown list, select an attribute.
+1. From the **Group By** dropdown list, select a group.
-Vulnerabilities are grouped according to the attribute you selected. Each group is collapsed, with
+Vulnerabilities are grouped according to the group you selected. Each group is collapsed, with
the total number of vulnerabilities per group displayed beside their name. To see the
vulnerabilities in each group, select the group's name.
diff --git a/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_report/vulnerability_report.vue b/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_report/vulnerability_report.vue
index 7790bb2ff47f4ae0ebc9cd511721e9349ed8f36e..540695cc3e5c6d5dfd5ce1589f7e2e1103f4ee91 100644
--- a/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_report/vulnerability_report.vue
+++ b/ee/app/assets/javascripts/security_dashboard/components/shared/vulnerability_report/vulnerability_report.vue
@@ -186,15 +186,7 @@ export default {
);
},
shouldShowGroupByButton() {
- if (!this.isVisible) {
- return false;
- }
-
- if (this.isProjectVulnerabilityReport) {
- return true;
- }
-
- return Boolean(this.glFeatures?.groupLevelVulnerabilityReportGrouping);
+ return this.isVisible;
},
groups() {
if (!this.groupBy) {
diff --git a/ee/app/controllers/groups/security/vulnerabilities_controller.rb b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
index ea719cf625548600d1a4a61eba8dd16e588fe1fd..a2b8b5838438d29c3b54381bdff23d24e155d38c 100644
--- a/ee/app/controllers/groups/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/groups/security/vulnerabilities_controller.rb
@@ -12,7 +12,6 @@ class VulnerabilitiesController < Groups::ApplicationController
track_govern_activity 'security_vulnerabilities', :index, conditions: :dashboard_available?
before_action do
- push_frontend_feature_flag(:group_level_vulnerability_report_grouping, @group)
push_frontend_feature_flag(:vulnerability_owasp_top_10_group, @group)
push_frontend_feature_flag(:owasp_top_10_null_filtering, @group)
end
diff --git a/ee/app/controllers/security/vulnerabilities_controller.rb b/ee/app/controllers/security/vulnerabilities_controller.rb
index fc646a30d7224cbef45ee9b5439517f5ec3516fb..bad6bd3a97476cbe2747fc7e19cb2ff8844d321a 100644
--- a/ee/app/controllers/security/vulnerabilities_controller.rb
+++ b/ee/app/controllers/security/vulnerabilities_controller.rb
@@ -8,7 +8,6 @@ class VulnerabilitiesController < ::Security::ApplicationController
track_govern_activity 'security_vulnerabilities', :index
before_action do
- push_frontend_feature_flag(:group_level_vulnerability_report_grouping, @user, type: :development)
push_frontend_feature_flag(:owasp_top_10_null_filtering, @user)
end
diff --git a/ee/spec/frontend/security_dashboard/components/shared/vulnerability_report/vulnerability_report_spec.js b/ee/spec/frontend/security_dashboard/components/shared/vulnerability_report/vulnerability_report_spec.js
index fe355a2949771c09dd674a6ffdb6042853483074..2fa0a4b9206c2aae55b230a2fd3a81bae4050577 100644
--- a/ee/spec/frontend/security_dashboard/components/shared/vulnerability_report/vulnerability_report_spec.js
+++ b/ee/spec/frontend/security_dashboard/components/shared/vulnerability_report/vulnerability_report_spec.js
@@ -281,7 +281,6 @@ describe('Vulnerability report component', () => {
dashboardType: DASHBOARD_TYPES.GROUP,
fullPath: 'gitlab-org/gitlab',
glFeatures: {
- groupLevelVulnerabilityReportGrouping: true,
vulnerabilityOwaspTop10Group: true,
},
});
@@ -300,7 +299,6 @@ describe('Vulnerability report component', () => {
dashboardType: DASHBOARD_TYPES.GROUP,
fullPath: 'gitlab-org/gitlab',
glFeatures: {
- groupLevelVulnerabilityReportGrouping: true,
vulnerabilityOwaspTop10Group: false,
},
});
@@ -312,25 +310,6 @@ describe('Vulnerability report component', () => {
});
});
- describe('instance level vulnerability report groupLevelVulnerabilityReportGrouping feature flag', () => {
- it.each([true, false])(
- 'should handle the rendering of the group-by button when feature flag is "%s"',
- (flagEnabled) => {
- createWrapper({
- apolloProvider: createMockApollo([
- [countsQuery, jest.fn().mockResolvedValue({ data: null })],
- ]),
- dashboardType: DASHBOARD_TYPES.INSTANCE,
- glFeatures: {
- groupLevelVulnerabilityReportGrouping: flagEnabled,
- },
- });
-
- expect(findGroupByButton().exists()).toBe(flagEnabled);
- },
- );
- });
-
describe('when owasp 2021 feature flag is turned off', () => {
it('does not display the owasp 2021 option in the group selector', () => {
createWrapper({
@@ -398,8 +377,6 @@ describe('Vulnerability report component', () => {
shouldShowCallout,
scanners,
glFeatures: {
- groupLevelVulnerabilityReportGrouping:
- DASHBOARD_TYPES.GROUP === dashboardType || DASHBOARD_TYPES.INSTANCE === dashboardType,
vulnerabilityReportOwasp2021: true,
...featureFlags,
},
@@ -795,22 +772,6 @@ describe('Vulnerability report component', () => {
});
});
- describe('with group level vulnerability report grouping feature flag disabled', () => {
- beforeEach(() => {
- createWrapper({
- isVisible: true,
- dashboardType: DASHBOARD_TYPES.GROUP,
- glFeatures: {
- groupLevelVulnerabilityReportGrouping: false,
- },
- });
- });
-
- it('should not show the group by dropdown', () => {
- expect(findGroupByButton().exists()).toBe(false);
- });
- });
-
describe('enhanced filters', () => {
const findFilteredSearch = () => wrapper.findComponent(FilteredSearch);
@@ -820,26 +781,6 @@ describe('Vulnerability report component', () => {
expect(findFilteredSearch().exists()).toBe(true);
});
- it('should display the enhanced filters when groupLevelVulnerabilityReportGrouping is enabled', () => {
- createWrapper({
- glFeatures: {
- groupLevelVulnerabilityReportGrouping: true,
- },
- });
-
- expect(findFilteredSearch().exists()).toBe(true);
- });
-
- it('should still display the enhanced filters when groupLevelVulnerabilityReportGrouping is not enabled', async () => {
- await createWrapper({
- glFeatures: {
- groupLevelVulnerabilityReportGrouping: false,
- },
- });
-
- expect(findFilteredSearch().exists()).toBe(true);
- });
-
it('passes the available filters', () => {
const filterDropdowns = [];
createWrapper({ filterDropdowns });