Add license scanning report class

Oscar Tovar requested to merge license-compliance-with-svc-class into master

What does this MR do and why?

This MR adds a license scanning report lib class that will handle the logic of fetching the latest dependency license information. The scope of this MR is to add the initial class that will be iterated on as described in Use License Scanning service (&8532 - closed). In the future, the class will change so that it retrieves the project's SBoM components and fetches their respective licenses from the license database. These licenses will then be used to create the license scanning report on the fly so that it can be used instead of fetching a pipeline artifact.

Relates to #378085 (closed)

Screenshots or screen recordings

N/A

How to set up and validate locally

N/A

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Oscar Tovar
