Add "license" filter option to group-level dependencies app
What does this MR do and why?
Adds the "license" search-option to the group-level dependency report.
Note: The backend endpoints are not yet ready, so this can't be fully tested end-to-end yet.
Screenshots or screen recordings
| Before | After |
|---|---|
 |
 |
How to set up and validate locally
- Enable the related feature flags
echo "Feature.enable(:group_level_dependencies_filtering)" | rails c - Apply the following patch: licenses.patch to add the needed endpoint with mock data
- Go to a group's dependency list: "Secure" -> "Dependency List"
- Verify that when focusing the "Search of filter dependencies ..." input the "License" option appears
- Verify that licenses can be selected/deselected
- Verify that when the filters get submitted, the correct request is made - for example
-/dependencies.json?sort_by=packager&sort=asc&page=1&filter=all&license[]=Apache-2.0&license[]=MIT
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #422355 (closed)
Merge request reports
Activity
changed milestone to %16.5
assigned to @dpisek
2 Warnings 
featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart.
For more information, see:
- The Handbook page on merge request types.
- The definition of done documentation.
This merge request contains lines with testid selectors. Please ensure e2e:package-and-testjob is run.2 Messages 
CHANGELOG missing: If this merge request needs a changelog entry, add the
Changelogtrailer to the commit message you want to add to the changelog.If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.
This merge request adds or changes files that require a review from the Database team. This merge request requires a database review. To make sure these changes are reviewed, take the following steps:
- Ensure the merge request has database and databasereview pending labels. If the merge request modifies database files, Danger will do this for you.
- Prepare your MR for database review according to the docs.
- Assign and mention the database reviewer suggested by Reviewer Roulette.
If you no longer require a database review, you can remove this suggestion by removing the database label and re-running the
danger-reviewjob.Testid Selectors
The following changed lines in this MR contain testid selectors:
- file
ee/app/assets/javascripts/dependencies/components/filtered_search/tokens/license_token.vue: -
-
<gl-intersperse data-testid="selected-licenses">
-
-
-
data-testid="check-icon"
-
If the
e2e:package-and-testjob in theqastage has run automatically, please ensure the tests are passing. If the job has not run, please start thetrigger-omnibus-and-follow-up-e2ejob in theqastage and ensure the tests infollow-up-e2e:package-and-test-eepipeline are passing.For the list of known failures please refer to the latest pipeline triage issue.
If your changes are under a feature flag, please check our Testing with feature flags documentation for instructions.
Reviewer roulette
Changes that require review have been detected!
Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:
Category Reviewer Maintainer database acroitor(UTC+3, 1 hour ahead of
@dpisek)ahegyi(UTC+2, same timezone as
@dpisek)frontend elwyn-gitlab(UTC+13, 11 hours ahead of
@dpisek)justin_ho(UTC+7, 5 hours ahead of
@dpisek)Please check reviewer's status!
-
Reviewer is available!
-
Reviewer is unavailable!
Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.
To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.
Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.
If needed, you can retry the
danger-reviewjob that generated this comment.Generated by
Bundle size analysis [beta]
This compares changes in bundle size for entry points between the commits bed6f19c and a0390c33
Entrypoint / Name Size before Size after Diff Diff in percent average 4.21 MB 4.21 MB - 0.0 % mainChunk 3.08 MB 3.08 MB - 0.0 %
Note: We do not have exact data for bed6f19c. So we have used data from: c1e6c11a.
The intended commit has no webpack pipeline, so we chose the last commit with one before it.Please look at the full report for more details
Read more about how this report works.
Generated by
Allure report
allure-report-publishergenerated test report!e2e-test-on-gdk:
expand test summary
+------------------------------------------------------------------+ | suites summary | +-------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +-------------+--------+--------+---------+-------+-------+--------+ | Govern | 35 | 0 | 0 | 0 | 35 | ✅ | | Plan | 51 | 0 | 0 | 0 | 51 | ✅ | | Create | 37 | 0 | 0 | 0 | 37 | ✅ | | Verify | 8 | 0 | 0 | 0 | 8 | ✅ | | Data Stores | 18 | 0 | 2 | 0 | 20 | ✅ | | Manage | 12 | 0 | 1 | 0 | 13 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+ | Total | 161 | 0 | 3 | 0 | 164 | ✅ | +-------------+--------+--------+---------+-------+-------+--------+e2e-review-qa:
expand test summary
+-----------------------------------------------------------------------+ | suites summary | +------------------+--------+--------+---------+-------+-------+--------+ | | passed | failed | skipped | flaky | total | result | +------------------+--------+--------+---------+-------+-------+--------+ | Govern | 34 | 0 | 0 | 0 | 34 | ✅ | | Framework sanity | 0 | 0 | 1 | 0 | 1 | ➖ | | Monitor | 4 | 0 | 0 | 0 | 4 | ✅ | | Manage | 1 | 0 | 0 | 0 | 1 | ✅ | | Create | 8 | 0 | 1 | 0 | 9 | ✅ | | Plan | 3 | 0 | 1 | 0 | 4 | ✅ | | Data Stores | 1 | 0 | 1 | 0 | 2 | ✅ | | Package | 0 | 0 | 1 | 0 | 1 | ➖ | +------------------+--------+--------+---------+-------+-------+--------+ | Total | 51 | 0 | 5 | 0 | 56 | ✅ | +------------------+--------+--------+---------+-------+-------+--------+added 172 commits
-
4974e7ab...7f175a8f - 168 commits from branch
master - efcc30fa - WIP: Add license token
- a154f1c4 - WIP: small refactor - renaming
- f34622de - WIP: Update locales
- de25c6c0 - WIP: start on fetching licenses
Toggle commit list-
4974e7ab...7f175a8f - 168 commits from branch
added 212 commits
-
c12cc4c2...c4a9866e - 205 commits from branch
master - a10a9c42 - WIP: Add license token
- c92e518e - WIP: small refactor - renaming
- 9d515d6a - WIP: Update locales
- 4c414a69 - WIP: start on fetching licenses
- 46b9c2c6 - WIP: inject licenses endpoint
- b40b9ed0 - WIP: add to fetch logic
- 33bc48ce - WIP: add info to filter method
Toggle commit list-
c12cc4c2...c4a9866e - 205 commits from branch
added 201 commits
-
33bc48ce...5ff33e6c - 194 commits from branch
master - d0c38d79 - WIP: Add license token
- 64f0853c - WIP: small refactor - renaming
- b7a6c5ef - WIP: Update locales
- cc66d236 - WIP: start on fetching licenses
- ee639352 - WIP: inject licenses endpoint
- 54becf16 - WIP: add to fetch logic
- b2fc0b10 - WIP: add info to filter method
Toggle commit list-
33bc48ce...5ff33e6c - 194 commits from branch
added 189 commits
-
5f2707d8...d34bf613 - 178 commits from branch
master - c5aba1a4 - 1 earlier commit
- 415b3345 - WIP: small refactor - renaming
- 34edc7a2 - WIP: Update locales
- 7b65595f - WIP: start on fetching licenses
- 4f31de39 - WIP: inject licenses endpoint
- 6d2cd06a - WIP: add to fetch logic
- d080f569 - WIP: add info to filter method
- 3b26251d - WIP: Add error handling
- f1cf9002 - WIP: Change error message
- 7679b6df - WIP: Handle search params
- 2a506b74 - WIP: Finish params construction
Toggle commit list-
5f2707d8...d34bf613 - 178 commits from branch
83 }; 84 </script> 85 86 <template> 87 <gl-filtered-search-token 88 :config="config" 89 v-bind="{ ...$props, ...$attrs }" 90 :multi-select-values="selectedLicenses" 91 v-on="$listeners" 92 @select="toggleSelectedLicenses" 93 @input="searchLicenses" 94 > 95 <template #view> 96 <span v-for="(component, index) in selectedLicenses" :key="index"> 97 {{ component }} 98 <span v-if="!isLastLicense(index)" class="gl-mx-2">, </span> changed this line in version 15 of the diff
added 2 commits
added 343 commits
-
ad455ad7...5cc29bda - 322 commits from branch
master - 5cc29bda...76230baf - 11 earlier commits
- 7222a560 - WIP: Update translation strings
- 9fcd8970 - WIP: Fix multi-select spacing
- ebf005d5 - WIP: Fix linting error
- edaf4518 - WIP: fix failing specs
- adcf6104 - WIP: Bootstrap token specs
- 7b3d567f - WIP: add specs for loading indicator
- 44029813 - WIP: Switch to axios instead of fetch
- aa313d5f - WIP: Small refactor
- 9e5d9da2 - WIP: Add fetch specs
- 606177d4 - WIP: small refactor of specs
Toggle commit list-
ad455ad7...5cc29bda - 322 commits from branch
added 128 commits
-
02358153...fcad7358 - 104 commits from branch
master - fcad7358...b15d2441 - 14 earlier commits
- 5dc8f604 - WIP: fix failing specs
- 005d7f3c - WIP: Bootstrap token specs
- 450cbced - WIP: add specs for loading indicator
- 03e5b3ca - WIP: Switch to axios instead of fetch
- 625f2444 - WIP: Small refactor
- e5f1ae66 - WIP: Add fetch specs
- 871d56ff - WIP: small refactor of specs
- 52086b5c - WIP: Add specs for selection text
- aee535c7 - WIP: Small specs refactor
- 2953cc48 - WIP: Add submit spec
Toggle commit list-
02358153...fcad7358 - 104 commits from branch
40 }, 41 methods: { 42 searchLicenses: debounce(function debouncedSearchLicenses(searchValue) { 43 const { data: searchTerm } = searchValue; 44 this.fetchLicenses(searchTerm); 45 }, 500), 46 async fetchLicenses(searchTerm) { 47 this.isLoadingLicenses = true; 48 49 try { 50 const { data } = await axios.get(this.groupLicensesEndpoint, { 51 params: { search: searchTerm }, 52 }); 53 // const { licenses } = await axios.get(`${groupLicensesEndpoint}?${queryParams}`); 54 // NOTE: For local testing - remove before checking in 55 // const { licenses } = await (await fetch(`${groupLicensesEndpoint}?${queryParams}`)).json(); changed this line in version 29 of the diff
added 1 commit
- 924bfdd2 - Add license as filter option to group-dependencies
added 1 commit
- 18903177 - Add license as filter option to group-dependencies
added 79 commits
-
18903177...9ef8086d - 78 commits from branch
master - e2eda5bb - Add license as filter option to group-dependencies
-
18903177...9ef8086d - 78 commits from branch
added 11 commits
-
e2eda5bb...3c5bf6e2 - 10 commits from branch
master - 90f406e3 - Add license as filter option to group-dependencies
-
e2eda5bb...3c5bf6e2 - 10 commits from branch
added 1 commit
- 9612b0c9 - Add license as filter option to group-dependencies
added 1 commit
- a8b56def - Add license as filter option to group-dependencies
added 1 commit
- bf821889 - Add license as filter option to group-dependencies
added 149 commits
-
bf821889...4289c903 - 148 commits from branch
master - fbef376c - Add license as filter option to group-dependencies
-
bf821889...4289c903 - 148 commits from branch
added 1 commit
- fd589648 - Add license as filter option to group-dependencies
28 value: { 29 type: Object, 30 required: true, 31 }, 32 }, 33 data() { 34 return { 35 licenses: [], 36 selectedLicenseSpdxIds: this.value.data ? this.value.data.split(',') : [], 37 isLoadingLicenses: true, 38 }; 39 }, 40 computed: { 41 selectedLicenses() { 42 return this.licenses.filter((license) => 43 this.selectedLicenseSpdxIds.includes(license.spdx_identifier), changed this line in version 40 of the diff
added 1 commit
- f5581641 - Add license as filter option to group-dependencies
requested review from @zmartins
- Resolved by Savas Vedova
- Last reply by David Pisek
- Resolved by David Pisek
@mokhax - FYI, I based the patch that I've linked to in the description for testing this on your branch #422293 (closed) ... just wanted to check some points:
- I am expecting the licenses endpoint to return an array of objects, which at least contain a
nameandspdx_identifierproperty. - The endpoint will support a
searchparameter - Once your MR is in, we will need to provide the endpoint's URL to the frontend, via a data-property in
ee/app/views/groups/dependencies/index.html.haml. Could we add that in your MR or maybe do separately?
- I am expecting the licenses endpoint to return an array of objects, which at least contain a
- Last reply by David Pisek
mentioned in epic &10090
added 211 commits
-
f5581641...4df573af - 210 commits from branch
master - 1f931f7e - Add license as filter option to group-dependencies
-
f5581641...4df573af - 210 commits from branch
added 257 commits
-
0224bd1f...72a20345 - 255 commits from branch
master - d24610fa - Add license as filter option to group-dependencies
- 402646e9 - Change shape of API response
-
0224bd1f...72a20345 - 255 commits from branch
added 52 commits
-
402646e9...df79753a - 50 commits from branch
master - f4e3a81f - Add license as filter option to group-dependencies
- 02e540a1 - Change shape of API response
-
402646e9...df79753a - 50 commits from branch
- A deleted user
added backend database databasereview pending labels
mentioned in merge request !132597 (merged)
@zmartins, thanks for approving this merge request.This is the first time the merge request has been approved. To ensure full test coverage, a new pipeline will be started shortly.
For more info, please refer to the following links:
added pipeline:mr-approved label
removed review request for @zmartins
@dpisek Some end-to-end (E2E) tests should run based on the stage label.
Please start the
trigger-omnibus-and-follow-up-e2ejob in theqastage and ensure tests in thefollow-up-e2e:package-and-test-eepipeline pass before this MR is merged. (E2E tests are computationally intensive and don't run automatically for every push/rebase, so we ask you to run this job manually at least once.)To run all E2E tests, apply the pipeline:run-all-e2e label and run a new pipeline.
E2E test jobs are allowed to fail due to flakiness. See current failures at the latest pipeline triage issue.
Once done, apply the
Team members only: for any questions or help, reach out on the internal
#qualitySlack channel.added 193 commits
-
212e26ae...a2f77934 - 190 commits from branch
master - 89e4e850 - Add license as filter option to group-dependencies
- ae6edf68 - Change shape of API response
- 1cfdad46 - Change filter name to licenses
Toggle commit list-
212e26ae...a2f77934 - 190 commits from branch
requested review from @svedova
added 240 commits
Toggle commit listadded 162 commits
-
6b6f8663...14b02781 - 156 commits from branch
master - ca2dda17 - Add license as filter option to group-dependencies
- eb803f8e - Change shape of API response
- 311c3635 - Change filter name to licenses
- cbf82d0a - Review suggestion: use spdx as key
- 2bfaf0a2 - Fix failing specs
- 3846ecd7 - Update to use client-side search only
Toggle commit list-
6b6f8663...14b02781 - 156 commits from branch
added 1 commit
- 9854f60b - Add license as filter option to group-dependencies
added 1 commit
- b0766231 - Add license as filter option to group-dependencies
added 116 commits
-
b0766231...8d062151 - 114 commits from branch
master - 02fbf86f - Add license as filter option to group-dependencies
- a0390c33 - Review feedback: comment and namespace i18n
-
b0766231...8d062151 - 114 commits from branch
- Resolved by Savas Vedova
@svedova - Thanks for having another look and the feedback. I've responded and pushed some changes. Back to you once more
- Last reply by Savas Vedova
enabled an automatic merge when the pipeline for db2c0e4e succeeds
mentioned in commit 52e7312f
added workflowstaging-canary label and removed workflowin dev label
added workflowcanary label and removed workflowstaging-canary label
added workflowstaging label and removed workflowcanary label
added workflowproduction label and removed workflowstaging label
added releasedcandidate label
added workflowpost-deploy-db-staging label and removed workflowproduction label
added workflowpost-deploy-db-production label and removed workflowpost-deploy-db-staging label
added releasedpublished label and removed releasedcandidate label
