Move Dependency Scanning parsing and data storage to CE
Problem to solve
We are considering to move Dependency Scanning to
gitlab-ce and make it opensource. See discussion in &440 for more information and timelines.
This task requires that all the parsing and the data storage are available in the
This is independent from the data visualization (e.g., security reports in the MR widget).
Port relevant code from
gitlab-ce, removing any license check for it.
To access Gemnasium data, we can require a free registration to obtain an access key to use to request a scan.
Registration would require that users keep Usage Ping enabled. This can be done in a transparent way for users, so they just need to register once and then they can use the features. With this approach, we can get more information about how customers are using our features and where we should focus to create more Ultimate value.
The registration token is discussed in &532 (closed).