🎨 Design: Dependency List Grouping (MVC)

This is the design issue for the parent epic.

MVC Requirements

  1. Group by...
  • Component
    • Greatest value... helps identify which projects in a group have a ComponentY version A.B.
    • Grouping by outdated component would also be very helpful - Nikhil
  • Project (group-level only)
  • License
    • Sort by license needs to be added as part of this
    • Purpose: To check which dependencies have a specific license. There might be a restricted license and the group owner wants to identify all of the components with that license. Eventually, we'd like to deprecate the License Compliance page.

Post-MVC

  • Sort by violations (at the top) when grouped by license
  • Policy violation exemptions when grouped by license
  • Is there a need for group by Packager?
    • Nikhil: may not be needed. Would say Ruby or Go dependencies, so not super useful.
  • Group by Location needed?
    • Nikhil: may not be needed
  • @jrandazzo: I would get more input as to whether this should be the latest version available, or the most recent version that will fix the vulns

Other feedback:

  • Filter by image in order to see what vulnerabilities are under it
Edited by Becka Lippert