Add gitlab meta schema version property
What does this MR do?
This MR fixes the CycloneDX generation so that we include the correct properties described in the taxonomy.
Specifically, it does the following:
- Add a
gitlab:meta:schema_version
property that is required. - Move to
gitlab:dependency_scanning:file:path
- Move to
gitlab:dependency_scanning:package_manager:name
Without these, the SBoM report object that's parsed will not include the source of the data which will be needed to generate the findings from the sbom and advisories.
What are the relevant issue numbers?
gitlab-org/gitlab#398580 (closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Oscar Tovar