Design: MVC: Show dependency path of component in merge request details
Problem to solve
As a security analyst or developer checking a vulnerability introduced by merge requests, I want to know what's causing the vulnerable component to be installed in my project, so that I can better assess the threat. I want the information to be available in the vulnerability modal I open from the MR, and don't want to switch to the dependency list.
This is a follow-up issue to #227620 (closed) which adds dependency paths to the dependency list.
Intended users
- Sasha (Software Developer)
- Devon (DevOps Engineer)
- Sidney (Systems Administrator)
- Sam (Security Analyst)
User experience goal
Design Proposal
See the design section below
Further details
Permissions and Security
Documentation
Availability & Testing
Engineer to update the unit tests. SET to update the end to end tests as tracked at gitlab-org/quality/testcases#992 (closed)
What does success look like, and how can we measure that?
What is the type of buyer?
Is this a cross-stage feature?
Links / references
Edited by Camellia X Yang