Ability to show unique dependencies on the Dependency list page

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Proposal

Dependency scanning job detects 20 vulnerabilities from a Java maven and python project. However the dependency list shows multiple dependencies for a multi-module project (274 pages with a lot of duplicates).

This issue is to ask for ability to show only unique libraries regardless of their location.

Steps to reproduce

  1. Create a Spring boot project with a parent pom.xml

pom.xml

  1. Add the modules child-module and child-module-1 with below pom.xml for each:

child-module-2_pom.xml

child-module_pom.xml

  1. Add .gitlab-ci.yml and enable dependency scanning:
include:
  - template: Jobs/Dependency-Scanning.gitlab-ci.yml
  1. After the job is finished, go to Secure > Dependency list. Same dependency is listed multiple times since it was included in both sub modules.

Screenshot_2025-03-17_at_15.21.46

Example Project

https://gitlab.com/e_munn_ultimate_group/tests/ci-tests/spring/-/dependencies

Edited by 🤖 GitLab Bot 🤖