## Executive Summary The group level dependency list should be migrated over to GraphQL in order to be at parity with the current architecture and design of the platform as well as leverage new functionality such as elasticSearch for filtering. #### Engineering Assessment tbd ### Dependencies None known ### DRIs * PM: @mclausen35 * EM: @nmccorrison * ~"group::security insights" * Engineering Owner: @nmccorrison ## ## Current Architecture There are 2 requests happening to filter the dependency list: 1. A GraphQL request search for the component 2. Calls `dependencies.json` to return the filtered dependency list | 1\. Search for component (GraphQL) | 2\. Filter dependency list (REST) | |------------------------------------|-----------------------------------| |  |  | ## Proposal We should consolidate both requests into GraphQL instead of mixing GraphQL and REST calls. ``` Filter dependency list REST --> GraphQL ``` This change would: - :white_check_mark: Eliminate complication of handling two different request types - :white_check_mark: Adhere to GitLab's preference of using GraphQL - :white_check_mark: Adds documentation and make it as a public facing endpoint ## Current GraphQL - Group: https://gitlab.com/groups/gitlab-examples/security/-/dependencies ### Implementation Plan Note: The ~frontend part of this epic depends on the [project-level](https://gitlab.com/groups/gitlab-org/-/epics/17253) migration to be completed, because it will provide the necessary ground-work. ```glql display: table fields: title, status, milestone, assignees sort: milestone asc query: epic = &17254 and type = Issue and state = opened ```