Group dependencies by location in the Dependency List
Problem to solve
As a Developer, I want to see dependencies grouped so that I can find the information I'm looking for faster.
Intended users
- Delaney (Development Team Lead)
- Sasha (Software Developer)
- Devon (DevOps Engineer)
- Sidney (Systems Administrator)
- Sam (Security Analyst)
- Simone (Software Engineer in Test)
Further details
In the GitLab project, we end up with 112 pages of dependencies, and I don't even know what locations/files are being reported here:
Proposal
Group by location (lock files for now; in the future, we'll need something broader for #9173 (closed)). By default, we should be able to view several locations at once, which means pagination per location, not for the whole page.
GitHub is doing that already, and dependencies are easier to walk through, also because they're organized in a tree, but that's beyond the scope of this issue. Example: https://github.com/oss-review-toolkit/ort/network/dependencies
Permissions and Security
No change
Documentation
Update https://docs.gitlab.com/ee/user/application_security/dependency_list/
Availability & Testing
TBD
What does success look like, and how can we measure that?
- If multiple files are being reported, they're organized as groups in the dependency list.
What is the type of buyer?
Is this a cross-stage feature?
No.