Add Dependency List to /explore

Why are we doing this work

This work allows info sec professionals the ability to find specific dependencies that might be in use in their organization in the event that a security related vulnerability is identified.

This page is only available for self managed instances and will be restricted to instance admins.

Relevant links

• Prototype

Non-functional requirements

• Documentation:
• Feature flag: explore_dependencies
• Performance:
• Testing:

Implementation plan

• backend Add a menu item for the Dependency List to the /explore page
• backend Create a new controller (explore/dependencies#index) to display the dependencies discovered for the default organization.
• backend Add an endpoint to load all dependencies via JSON that matches the schema found in groups/<namespace>/dependencies.json
• frontend Connect the Dependencies Component to the JSON endpoint.
• Add Next/Previous links to paginate through results using the default sort order

Verification steps

1. Visit https://gitlab.com/explore/dependencies
2. Ensure that a 404 error code is returned
3. Enable feature flag for your user account.

   /chatops run feature set --user=<username> explore_dependencies true

4. Visit https://gitlab.com/explore/dependencies
5. Ensure that a 403 error code is returned