# Issues reported in GitLab

## Pull request decoration <a href="#pull-request-decoration" id="pull-request-decoration"></a>

SonarQube Server sets up the report of your quality gate status and analysis metrics directly to your GitLab merge requests. Inline annotations are not supported.

{% hint style="info" %}
Pull request decoration requires that pull request integration be correctly configured for your project. See [setting-up-at-project-level](https://docs.sonarsource.com/sonarqube-server/devops-platform-integration/gitlab-integration/setting-up-at-project-level "mention").
{% endhint %}

## Vulnerability report <a href="#vulnerability-report" id="vulnerability-report"></a>

When you analyze a project in SonarQube Server, the detected security issues are displayed on the GitLab interface as security vulnerabilities if set up in GitLab CI/CD. See [#reporting-vulnerabilities](https://docs.sonarsource.com/sonarqube-server/devops-platform-integration/gitlab-integration/setting-up-at-project-level#reporting-vulnerabilities "mention")for more information. When you change the status of a security issue in the SonarQube Server interface that status change is immediately reflected in the GitLab interface.

{% hint style="warning" %}
If you change the status of a security vulnerability in GitLab, that change is *not* reflected in SonarQube Server.
{% endhint %}

To view the security vulnerabilities:

* Go to the **GitLab** > **Vulnerability** report page.

{% hint style="info" %}
If your issues appear duplicated (it may be the case after the modification of a file), we recommend using the **Activity** > **Still detected** filter.
{% endhint %}