Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
9ce5d04b
Commit
9ce5d04b
authored
Apr 16, 2020
by
Nathan Friend
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch '195928-dependency-list-ui-enabled' into 'master'
Enable new Dependency List UI See merge request gitlab-org/gitlab!29593
parents
e9af13e9
61be8524
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
20 additions
and
15 deletions
+20
-15
doc/user/application_security/dependency_list/img/dependency_list_v12_10.png
...n_security/dependency_list/img/dependency_list_v12_10.png
+0
-0
doc/user/application_security/dependency_list/index.md
doc/user/application_security/dependency_list/index.md
+7
-14
ee/app/assets/javascripts/dependencies/components/dependencies_table.vue
...avascripts/dependencies/components/dependencies_table.vue
+7
-0
ee/app/controllers/projects/dependencies_controller.rb
ee/app/controllers/projects/dependencies_controller.rb
+1
-1
ee/changelogs/unreleased/195928-dependency-list-ui-enabled.yml
...angelogs/unreleased/195928-dependency-list-ui-enabled.yml
+5
-0
No files found.
doc/user/application_security/dependency_list/img/dependency_list_v12_10.png
0 → 100644
View file @
9ce5d04b
75 KB
doc/user/application_security/dependency_list/index.md
View file @
9ce5d04b
...
@@ -17,32 +17,25 @@ sidebar. This information is sometimes referred to as a Software Bill of Materia
...
@@ -17,32 +17,25 @@ sidebar. This information is sometimes referred to as a Software Bill of Materia
## Viewing dependencies
## Viewing dependencies
![
Dependency List
](
img/dependency_list_v12_
4
.png
)
![
Dependency List
](
img/dependency_list_v12_
10
.png
)
Dependencies are displayed with the following information:
Dependencies are displayed with the following information:
| Field | Description |
| Field | Description |
| --------- | ----------- |
| --------- | ----------- |
| Status | Displays whether or not the dependency has any known vulnerabilities |
| Component | The dependency's name and version |
| Component | The dependency's name |
| Version | The exact locked version of the dependency your project uses |
| Packager | The packager used to install the depedency |
| Packager | The packager used to install the depedency |
| Location | A link to the packager-specific lockfile in your project that declared the dependency |
| Location | A link to the packager-specific lockfile in your project that declared the dependency |
| License | Links to dependency's software licenses |
| License | Links to dependency's software licenses |
Dependencies shown are initially sorted by their names. They can also be sorted
Dependencies shown are initially sorted by the severity of their known vulnerabilities, if any. They
by the packager they were installed by, or by the severity of their known
can also be sorted by name or by the packager that installed them.
vulnerabilities.
There is a second list under the
`Vulnerable components`
tab displaying only
those dependencies with known vulnerabilities. If there are none, this tab is
disabled.
### Vulnerabilities
### Vulnerabilities
If a dependency has known vulnerabilities,
they can be viewed by clicking on
the
If a dependency has known vulnerabilities,
you can view them by clicking the arrow next to
the
`Status`
cell of that dependency. The severity and description of
each
dependency's name or the badge that indicates how many known vulnerabilities exist. For
each
vulnerability
will then be displayed
below it.
vulnerability
, its severity and description then appears
below it.
## Licenses
## Licenses
...
...
ee/app/assets/javascripts/dependencies/components/dependencies_table.vue
View file @
9ce5d04b
...
@@ -93,6 +93,8 @@ export default {
...
@@ -93,6 +93,8 @@ export default {
</
script
>
</
script
>
<
template
>
<
template
>
<!-- tbody- and thead-class props can be removed when
https://gitlab.com/gitlab-org/gitlab/-/issues/213324 is fixed -->
<gl-table
<gl-table
v-if=
"glFeatures.dependencyListUi"
v-if=
"glFeatures.dependencyListUi"
:fields=
"$options.fields"
:fields=
"$options.fields"
...
@@ -100,6 +102,8 @@ export default {
...
@@ -100,6 +102,8 @@ export default {
:busy=
"isLoading"
:busy=
"isLoading"
details-td-class=
"pt-0"
details-td-class=
"pt-0"
stacked=
"md"
stacked=
"md"
thead-class=
"gl-text-gray-900"
tbody-class=
"gl-text-gray-900"
>
>
<!-- toggleDetails and detailsShowing are scoped slot props provided by
<!-- toggleDetails and detailsShowing are scoped slot props provided by
GlTable; they mutate/read the item's _showDetails property, which GlTable
GlTable; they mutate/read the item's _showDetails property, which GlTable
...
@@ -134,10 +138,13 @@ export default {
...
@@ -134,10 +138,13 @@ export default {
</
template
>
</
template
>
<
template
#cell(isVulnerable)=
"{ item, toggleDetails }"
>
<
template
#cell(isVulnerable)=
"{ item, toggleDetails }"
>
<!-- This badge usage will be simplified by
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28356 -->
<gl-badge
<gl-badge
v-if=
"item.vulnerabilities.length"
v-if=
"item.vulnerabilities.length"
variant=
"warning"
variant=
"warning"
href=
"#"
href=
"#"
class=
"d-inline-flex align-items-center bg-warning-100 text-warning-700 bold"
@
click.native=
"toggleDetails"
@
click.native=
"toggleDetails"
>
>
<gl-icon
name=
"warning"
class=
"text-warning-500 mr-1"
/>
<gl-icon
name=
"warning"
class=
"text-warning-500 mr-1"
/>
...
...
ee/app/controllers/projects/dependencies_controller.rb
View file @
9ce5d04b
...
@@ -5,7 +5,7 @@ module Projects
...
@@ -5,7 +5,7 @@ module Projects
before_action
:authorize_read_dependency_list!
before_action
:authorize_read_dependency_list!
before_action
only:
[
:index
]
do
before_action
only:
[
:index
]
do
push_frontend_feature_flag
(
:dependency_list_ui
,
project
)
push_frontend_feature_flag
(
:dependency_list_ui
,
project
,
default_enabled:
true
)
end
end
def
index
def
index
...
...
ee/changelogs/unreleased/195928-dependency-list-ui-enabled.yml
0 → 100644
View file @
9ce5d04b
---
title
:
Improve readability of Dependency List
merge_request
:
29593
author
:
type
:
changed
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment