Skip to content

Document dependency files supported by Dependency Scanning

What does this MR do?

Explicitly list the dependency files supported by Dependency Scanning.

Before this MR, it's not clear if Dependency Scanning parses the lock file (as this is the case for Bundler) or the main dependency the lock file is derived from (as this is the case for Pipenv).

Related issues

Author's checklist

Review checklist

All reviewers can help ensure accuracy, clarity, completeness, and adherence to the Documentation Guidelines and Style Guide.

1. Primary Reviewer

  • Review by a code reviewer or other selected colleague to confirm accuracy, clarity, and completeness. This can be skipped for minor fixes without substantive content changes.

2. Technical Writer

  • Optional: Technical writer review. If not requested for this MR, must be scheduled post-merge. To request for this MR, assign the writer listed for the applicable DevOps stage.

3. Maintainer

  1. Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
  2. Ensure a release milestone is set and that you merge the equivalent EE MR before the CE MR if both exist.
  3. If there has not been a technical writer review, create an issue for one using the Doc Review template.
Edited by Nick Gaskill

Merge request reports

Loading