Support PHP (composer.lock) in License Compliance
Problem to solve
Many customers are using PHP as their project language. To date they have been unable to use our License Compliance feature. During this release we plan to make our License Compliance feature support PHP, specifically focusing on composer based projects (using
We entirely rely on License Finder for License Management and they just added support for PHP.
Update License Finder to benefit from the recent addition of support for PHP projects.
WARNING: PHP support for license finder is considered experimental: https://github.com/pivotal/LicenseFinder#experimental-project-types
We should carefully test this and make a clear statement in the documentation.
- bump license finder to add php support: https://gitlab.com/gitlab-org/security-products/license-management/merge_requests/37
- Make sure Documentation and Testing tasks are addressed.
- setup license management feature on our php composer test project by following existing conventions
What does success look like, and how can we measure that?
PHP composer projects get license information about their dependencies.
We should probably count the number of PHP projects using license management but not sure we have that level of granularity in our usage data.