Document new License Scanning SBOM Scanner
Why are we doing this work
We need to document the "new" License Scanning method (SBOM Scanner). Also, we have to explain when it's active (before it becomes the default).
Further details
When the "new" method (SBOM Scanner) is active when these following conditions are met:
- The Dependency Scanning CI template is included. There are jobs that upload Cyclone SBOMs.
- The License Scanning CI template is NOT included. There are no jobs uploading License Scanning artifacts.
See Fallback to License Scanning SBOM Scanner when ... (#384936 - closed)
Relevant links
Epic proposal: &9693 (closed)
Migration plan: #384936 (comment 1232271457)
Implementation plan
-
Create a new page (or pages) to document the "new" method. - Explain that Dependency Scanning (DS) is a prerequisite. That way, we don't have to link to the specific DS sections. We only need to document anything that's specific to the "new" method.
-
Link the "new" method from the License Compliance doc page. - Explain when the "new" method is active.
Edited by Fabien Catteau