Fix license category in license compliance widget
What does this MR do and why?
This MR fixes the license check to return the correct category in the license compliance widget when the project has license approvals configured.
Related to: #416006 (closed)
How to set up and validate locally
- Create a blank project and select `Initialize repository with a README` when creating.
- Enable the feature flag `license_compliance_widget_category`:

  ```ruby
  Feature.enable(:license_compliance_widget_category)
  ```

- Add a Scan Result Policy to the project to Only allow new MIT licensed dependencies:

  ```yaml
  type: scan_result_policy
  name: Deny new MIT licensed dependencies
  description: ''
  enabled: true
  rules:
    - type: license_finding
      match_on_inclusion: true
      license_types:
        - MIT
      license_states:
        - newly_detected
      branch_type: protected
  actions:
    - type: require_approval
      approvals_required: 1
      group_approvers_ids:
        - 64024513
  approval_settings:
    block_protected_branch_modification:
      enabled: true
  ```

- Open an MR with the same diff as https://gitlab.com/gitlab-org/govern/security-policies/ali-test-group/debug_license_compliance_widget/-/merge_requests/1+
- Notice that both the License Compliance MR widget and the full report indicate the `MIT` licensed dependencies as `Denied`.

If the licenses are marked as `unknown`, you might need to run the `LicensesSyncWorker`. More instructions on how to run it locally can be found here (internal only).
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.