Add prawn and prawn-svg to Gemfile for PDFs

Michael Beckerrequested to merge
524059-legal-review-of-prawn-licensing into master

What does this MR do and why?

Context

We want to use prawn and prawn-svg to build out PDF reporting features for our security features.

We previously built a proof of concept, and have decided to move forward implementing the report with prawn1

Before beginning the development work, we need to:2

  • get legal approval for the gem licenses 3
  • adds the license approvals to the license scanner (!187297 (merged))
  • update omnibus to with regards to the new gems (omnibus-gitlab!8249 (merged))
  • update the gitlab project's Gemfile (this MR)

This MR

  1. adds the gems to the gemfiles

References

Screenshots or screen recordings

This MR only adds the dependencies. Below is a screen-recording from the proof of concept provided for context.

Proof of concept demo
demo

We will be building out a version of this report going forward

How to set up and validate locally

  1. With the branch pulled down, run bundle

    bundle

  2. Verify the license check passes

    bundle exec license_finder
     # expected output
 ~/gdk/gitlab$ bundle exec license_finder
 LicenseFinder::Bundler: is active
 LicenseFinder::NPM: is active
 LicenseFinder::Yarn: is active
 LicenseFinder::Pipenv: is active
 
 All dependencies are approved for use

  3. Verify hello world pdf can be generated

    # generates a hello.pdf file you should be able to open
bundle exec rails runner "$(cat <<'EOT'
require "prawn"

Prawn::Document.generate("hello.pdf") do
  text "Hello World!"
end
EOT
)"

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

related to: #524059 (closed)
Changelog: added

  1. The proof of concept MR builds out a demo using the gems

  2. These steps come from the "Getting an Unknown Licensed Software Approved" and Legal's handbook page on "Using Open Souce Software"

  3. License approval was already obtained here

Edited by Michael Becker

Merge request reports