Allow grouping / bucketing of dependency findings
Release notes
Problem to solve
Users get overwhelmed by the number of findings. They also want to be able to tell which findings come from the same root or could be fixed by the same fix, or at least where the biggest ROI is to start.
Proposal
Add a field to the dependency scanning report where we can pass in grouping/bucketing data. Can this be done in a way that lets other teams (containers) do similar actions?
This should not be required (for backwards compatibility, third parties). If we choose to make it required, that would be 15.0.
User experience goal
Users feel less overwhelmed and better able to handle DS results.
Similar to the way we do the dependency list.
Permissions and Security
No change: if you can see the MR report, vuln list, or pipeline tab, you can see this (nowhere else we show stuff, right?).
Documentation
Yes, will need to update docs to explain the new feature, as well as the JSON docs and 3rd party docs.
Availability & Testing
Yes, must have a test for this working with and without.
Is this a cross-stage feature?
Ish? Want this UI to be a replicable pattern for containers.
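
One way a report consumer could bucket findings by the optional field from the Proposal, covering reports with and without it, as an added example that is not GitLab's own code. The `grouping` key, the fallback to package name and version, and the severity weights are assumptions, and the sample report is constructed.

```python
from collections import defaultdict

# Assumed weights, used only to rank buckets by likely payoff.
SEVERITY_WEIGHT = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}

def make_finding(fid, severity, package, version, grouping=None):
    """Build a constructed finding; `grouping` is the hypothetical optional field."""
    finding = {
        "id": fid,
        "severity": severity,
        "location": {"dependency": {"package": {"name": package}, "version": version}},
    }
    if grouping is not None:
        finding["grouping"] = grouping
    return finding

# Constructed sample: two findings carry a group, two omit it, one has it empty.
SAMPLE_REPORT = {"vulnerabilities": [
    make_finding("a1", "High", "example-lib", "1.2.0", "upgrade:example-lib"),
    make_finding("a2", "Critical", "example-lib", "1.2.0", "upgrade:example-lib"),
    make_finding("a3", "Medium", "example-parser", "0.0.8"),
    make_finding("a4", "Low", "example-parser", "0.0.8"),
    make_finding("a5", "High", "example-web", "4.16.0", ""),  # empty: treated as absent
]}

def bucket_key(finding):
    """Prefer the optional group; otherwise fall back to package@version (assumption)."""
    group = finding.get("grouping")
    if isinstance(group, str) and group.strip():
        return group.strip()
    dep = finding.get("location", {}).get("dependency", {})
    name = dep.get("package", {}).get("name", "unknown")
    return f"{name}@{dep.get('version', 'unknown')}"

def bucket_findings(report):
    """Return (bucket, findings) pairs, highest summed severity first."""
    buckets = defaultdict(list)
    for finding in report.get("vulnerabilities", []):
        buckets[bucket_key(finding)].append(finding)

    def score(findings):
        return sum(SEVERITY_WEIGHT.get(f.get("severity"), 0) for f in findings)

    return sorted(buckets.items(), key=lambda kv: (-score(kv[1]), kv[0]))

if __name__ == "__main__":
    for name, findings in bucket_findings(SAMPLE_REPORT):
        print(name, [f["id"] for f in findings])
```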