Skip to content

Add license type to dependency type

Zamir Martins requested to merge add_license_type_to_dependency_type into master

What does this MR do and why?

Add license type to dependency type. It is a follow-up from Ingest software licenses into SBOM occurrences (!129857 - merged)

EE: true

Related issue: #422254 (closed)

Graphql

query {
  project(fullPath:"top-group/project-1"){
    dependencies(componentNames: ["benchmark-malloc"]) {
      nodes{
        name
        packager
        version
        location {
          blobPath
          path
        }
        licenses{
          name
	  url
        }
      }
    }
  }
}
{
  "data": {
    "project": {
      "dependencies": {
        "nodes": [
          {
            "name": "benchmark-malloc",
            "packager": "BUNDLER",
            "version": "0.2.0",
            "location": {
              "blobPath": "/top-group/project-1/-/blob/5b585e7ef8ff7f125fd6a6ab2aa1753f913e0ed6/Gemfile.lock",
              "path": "Gemfile.lock"
            },
            "licenses": [
              {
                "name": "MIT",
                "url": "https://spdx.org/licenses/MIT.html"
              }
            ]
          },
          {
            "name": "benchmark-malloc",
            "packager": "BUNDLER",
            "version": "0.2.0",
            "location": {
              "blobPath": "/top-group/project-1/-/blob/5b585e7ef8ff7f125fd6a6ab2aa1753f913e0ed6/qa/Gemfile.lock",
              "path": "qa/Gemfile.lock"
            },
            "licenses": [
              {
                "name": "MIT",
                "url": "https://spdx.org/licenses/MIT.html"
              }
            ]
          }
        ]
      }
    }
  }
}

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Zamir Martins

Merge request reports

Loading