Extend dependencies exporter to support group
Why are we doing this work
Currently dependency list and exporter are only available on the project level.
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: -
Performance: -
Testing:
Implementation plan
- backend A feature flag could be either created or shared with the one from this issue.
-
backend Update model and table (i.e.,
dependency_list_exports
) to have association with group. -
backend Update
CreateExportService
andExportWorker
to support group. -
backend DependencyEntity might have to be updated as
project
won't be available. - backend Extend this API to support generation of exports on a group level.
-
backend
::Sbom::DependenciesFinder
will be used instead of::Security::DependencyListService
.
Note: The fact that ::Sbom::DependenciesFinder
will be used instead of ::Security::DependencyListService
means that both licenses and vulnerabilities data won't be available in the report. Those columns could be either be left there with empty values or removed for now.
Verification steps
Edited by Zamir Martins