Add License information to the Bill Of Materials
Problem to solve
The Bill Of Materials (BOM) lists all the dependencies in a project.
One of the relevant information people are interested in for this view is the license status for each dependency. In this way, they can easily check (and prove to Compliance) that the app doesn't contain any forbidden component.
We already have License Management results available. We should link this information in the BOM view.
- Delaney, Development Team Lead
Add a new column to the BOM with the license information for each given dependency, if available.
Each dependency will report its license. We can also add the status based on the license rules set for the project.
Permissions and Security
Permissions to see the licenses allow everyone to see that. Permissions to see license status should be consistent with permissions of the same information in the merge request widget.
We need to document which information is available and explain the possible values.
We can also crosslink this from the License Management documentation.
What does success look like, and how can we measure that?
Number of page views for the BOM.