Add `&licenses[]=<spdx_id>` query string parameter to filter by one or more licenses from `<group>/-/dependencies.json`
Why are we doing this work
Adding a way to filter the list of components in the group level dependency list provides users with a way to find all components that are using a specific software license. This can be useful for finding components that use a software license that is not compatible with an organizations needs.
The frontend will be able to filter by multiple licenses by appending a licenses[]=
query string parameter. e.g. http://gdk.test:3000/groups/gitlab-examples/-/dependencies.json?licenses[]=MIT&licenses[]=Apache-2.0
This filter will only return components that have one of the filtered software licenses. The SPDX ID will be used as eligible values for the filter.
Relevant links
Non-functional requirements
-
Documentation: -
Feature flag: group_level_licenses
-
Performance: -
Testing:
Implementation plan
-
Parse a licenses
query string parameter in the controller. -
Filter results by licenses
in the service layer.
Verification steps
- Visit the Group level dependencies JSON endpoint. example.
- Append a
?licenses[]=
query string parameter to search for one or more licenses. e.g. MIT, Apache-2.0, Apache-2.0 & MIT - Verify that the results that are returned have the expected licenses.
Edited by mo khan