From ea5c6d77ace7a568dcf6169feed1fd57f93d9efc Mon Sep 17 00:00:00 2001 From: mc_rocha Date: Thu, 30 Oct 2025 21:36:27 -0400 Subject: [PATCH 1/3] Update vulnerability report docs Changelog: changed EE: true --- doc/user/application_security/vulnerability_report/_index.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/user/application_security/vulnerability_report/_index.md b/doc/user/application_security/vulnerability_report/_index.md index 0844702b755200..6c7f3a9f3120f7 100644 --- a/doc/user/application_security/vulnerability_report/_index.md +++ b/doc/user/application_security/vulnerability_report/_index.md @@ -137,6 +137,7 @@ You can filter by: - **Project**: Filter vulnerabilities in specific projects (available only for groups). - **Reachability**: Filter based on whether the vulnerability is reachable: yes, not found, not available. - **Validity check**: Filter vulnerabilities by their validity status: active, inactive, possibly active. +- **PolicyViolation**: Filter based on the security policy violations bypass reason (requires [advanced vulnerability management](#advanced-vulnerability-management). Currently supporting filtering vulnerabilities introduced after bypassing a policy in warn mode. 
@@ -572,6 +573,7 @@ The newly-created vulnerability's detail page is opened. - Filters for OWASP 2021 grouping and identifiers in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/537673) in GitLab 18.1 with the feature flag `advanced_vulnerability_management`. Available in GitLab.com and GitLab Dedicated. Disabled by default. - Ingestion of vulnerability data into advanced search is [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/536299) on GitLab.com and GitLab Dedicated in GitLab 18.2. Feature flag `vulnerability_es_ingestion` removed. - Filters for OWASP 2021 grouping and identifiers in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/537673) in GitLab 18.2 with the feature flag `advanced_vulnerability_management`. Available in GitLab.com and GitLab Dedicated. Enabled by default. +- Filters for policy violations in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) in GitLab 18.6 with the feature flag `policy_violations_es_filter`. Available in GitLab.com and GitLab Dedicated. Enabled by default. {{< /history >}} @@ -590,6 +592,7 @@ Advanced search powers the following features: 1. Filtering based on a vulnerability's identifier in the vulnerability report for a project or group. 1. Filtering based on the reachability value in the vulnerability report for a project or group. 1. Filtering based on validity check value in the vulnerability report for a project or group. +1. Filtering based on the policy violation bypass reason. Advanced search is used only for these specific features, including when they are combined with other [filters](#filter-vulnerabilities). Other filters, when used independently, continue to use the standard PostgreSQL filtering. -- GitLab From a549a01453c0fc4676ef68576e3c1b108d734f4b Mon Sep 17 00:00:00 2001 
From: Marcos Rocha Date: Fri, 31 Oct 2025 11:49:59 +0000 Subject: [PATCH 2/3] Apply MR suggestion --- doc/user/application_security/vulnerability_report/_index.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/user/application_security/vulnerability_report/_index.md b/doc/user/application_security/vulnerability_report/_index.md index 6c7f3a9f3120f7..9b4c38dc3f37cc 100644 --- a/doc/user/application_security/vulnerability_report/_index.md +++ b/doc/user/application_security/vulnerability_report/_index.md @@ -117,6 +117,7 @@ To view the vulnerability report: - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/452492) the **Identifier** filter in GitLab 17.7 [with a flag](../../../administration/feature_flags/_index.md) named `vulnerability_filtering_by_identifier`. Enabled by default. - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/502930) in GitLab 17.9. Feature flag `vulnerability_filtering_by_identifier` removed. +- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) the **Policy Violations** filter in GitLab 18.6 [with a flag](../../../administration/feature_flags/_index.md) named `policy_violations_es_filter` and `security_policy_approval_warn_mode`. Enabled on GitLab.com. {{< /history >}} 
@@ -573,7 +574,7 @@ The newly-created vulnerability's detail page is opened. - Filters for OWASP 2021 grouping and identifiers in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/537673) in GitLab 18.1 with the feature flag `advanced_vulnerability_management`. Available in GitLab.com and GitLab Dedicated. Disabled by default. - Ingestion of vulnerability data into advanced search is [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/536299) on GitLab.com and GitLab Dedicated in GitLab 18.2. Feature flag `vulnerability_es_ingestion` removed. - Filters for OWASP 2021 grouping and identifiers in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/537673) in GitLab 18.2 with the feature flag `advanced_vulnerability_management`. Available in GitLab.com and GitLab Dedicated. Enabled by default. -- Filters for policy violations in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) in GitLab 18.6 with the feature flag `policy_violations_es_filter`. Available in GitLab.com and GitLab Dedicated. Enabled by default. +- Filters for policy violations in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) in GitLab 18.6 with the feature flags `policy_violations_es_filter` and `security_policy_approval_warn_mode`. Available in GitLab.com and GitLab Dedicated. Enabled by default. {{< /history >}} -- GitLab From 9bb5435a89b9425fbddca099a086b83cf213c140 Mon Sep 17 00:00:00 2001 From: Marcos Rocha Date: Mon, 3 Nov 2025 21:49:05 +0000 Subject: [PATCH 3/3] Apply reviewer suggestions --- .../application_security/vulnerability_report/_index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/user/application_security/vulnerability_report/_index.md b/doc/user/application_security/vulnerability_report/_index.md index 9b4c38dc3f37cc..e01260b7ed4eea 100644 --- a/doc/user/application_security/vulnerability_report/_index.md 
+++ b/doc/user/application_security/vulnerability_report/_index.md @@ -115,9 +115,9 @@ To view the vulnerability report: {{< history >}} -- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/452492) the **Identifier** filter in GitLab 17.7 [with a flag](../../../administration/feature_flags/_index.md) named `vulnerability_filtering_by_identifier`. Enabled by default. -- [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/502930) in GitLab 17.9. Feature flag `vulnerability_filtering_by_identifier` removed. -- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) the **Policy Violations** filter in GitLab 18.6 [with a flag](../../../administration/feature_flags/_index.md) named `policy_violations_es_filter` and `security_policy_approval_warn_mode`. Enabled on GitLab.com. +- The **Identifier** filter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/452492) in GitLab 17.7 [with a flag](../../../administration/feature_flags/_index.md) named `vulnerability_filtering_by_identifier`. Enabled by default. +- The **Identifier** filter was [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/502930) in GitLab 17.9. Feature flag `vulnerability_filtering_by_identifier` removed. +- The **Policy Violations** filter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) in GitLab 18.6 [with flags](../../../administration/feature_flags/_index.md) named `policy_violations_es_filter` and `security_policy_approval_warn_mode`. Enabled on GitLab.com. {{< /history >}} -- GitLab
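Review bot: Unbalanced parenthesis in the new **PolicyViolation** bullet in patch 1/3, hunk `@@ -137,6 +137,7 @@`: the `(requires [advanced vulnerability management](#advanced-vulnerability-management).` clause is never closed, so the rendered sentence runs on. Suggest `(requires [advanced vulnerability management](#advanced-vulnerability-management)).` and a full sentence in place of `Currently supporting filtering vulnerabilities introduced after bypassing a policy in warn mode.`, for example `Currently, only vulnerabilities introduced after a policy was bypassed in warn mode can be filtered.` The label `PolicyViolation` also differs from the `**Policy Violations**` label used in the history entries later in this series; the filter list and the history should use the same UI name. The neighbouring bullets enumerate the values a filter accepts (`yes, not found, not available`); this one names none, so a reader cannot tell which bypass reasons are selectable.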
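Review bot: The new list item in patch 1/3, hunk `@@ -590,6 +592,7 @@`, breaks the parallel wording of the items above it. The other entries read `... in the vulnerability report for a project or group.`; suggest `1. Filtering based on the policy violation bypass reason in the vulnerability report for a project or group.` so the scope (project and group reports) is stated for this filter too.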
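Review bot: Singular and plural disagree in patch 2/3, hunk `@@ -117,6 +117,7 @@`: `[with a flag](...) named \`policy_violations_es_filter\` and \`security_policy_approval_warn_mode\`` names two flags under "a flag". Patch 3/3 fixes the wording to "with flags named", but the entry still does not say whether both flags must be enabled for the filter to appear or whether either one suffices; since `security_policy_approval_warn_mode` gates the warn-mode policy behaviour the filter depends on, one sentence stating that both are required (if that is the case) would save administrators a support question.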
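Review bot: The two history entries for the same feature contradict each other after patch 2/3, hunk `@@ -573,7 +574,7 @@`: this entry ends `Available in GitLab.com and GitLab Dedicated. Enabled by default.`, while the entry added to the filter history in the `@@ -117` hunk of the same patch ends `Enabled on GitLab.com.` Readers on GitLab Dedicated or self-managed cannot tell which statement applies. Suggest aligning both entries on one availability statement and, if the flags are not enabled on Dedicated or self-managed, saying so explicitly.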
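Review bot: Grammar in patch 3/3, hunk `@@ -115,9 +115,9 @@`: `The **Identifier** filter was [generally available](...) in GitLab 17.9.` reads oddly; suggest `became [generally available](...) in GitLab 17.9` or keep the original `[Generally available](...) in GitLab 17.9.` form used elsewhere in these docs. This hunk also rewrites two pre-existing **Identifier** lines that are outside the subject of the MR (`Update vulnerability report docs` for the policy-violation filter); if that is intentional, the commit message should say so. The `**Policy Violations**` label introduced here is still not reflected in the filter list, which continues to read `**PolicyViolation**` after this patch.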