►
From YouTube: Group level dependency list -- Demo (ongoing work)
Description
Related epic: https://gitlab.com/groups/gitlab-org/-/epics/8090
A
Hello,
everyone-
this
is
going
to
be
the
a
quick
demo
for
the
group,
supergroup
level
dependency
list.
Mvc
I'm
gonna
make
sure
that
the
link
to
the
Epic
it's
it's
going
to
be
on
the
description
of
the
video
and
let's
go
from
the
existing
feature,
that's
on
the
project
level.
First,
and
then
we
move
to
what
we
have
done
for
the
group
level.
So
far.
A
This
demo
is
also
going
to
include
1mr,
that's
too
under
review
just
to
to
to
show
her
like
a
a
wider
picture
than
what
we
just
have
available
in
master
right
now.
So
if
you
go
to
my
local
gitlab
here
or
what
we
have
is
that
we
have
a
top
level
group
and
then
we
have
a
subgroup,
and
this
subgroup
called
subgroup
test,
has
a
project
test
and
calling
this
just
bottom
project
test,
but
on
the
top
on
the
top
level,
we
also
have
another
project
test.
A
The
reason
I
did
this
is
to
make
sure
that
we
cover
the
basis
for
having
the
same
dependency
for
for
more
than
one
project,
so
that
that's
that's
the
goal
for
the
group
level.
So
if
I
show
the
bottom
project
stats
here,
it's
just
a
dependency
scanning.
That's
going
to
have
this
gemfile.lock
scanned!
A
That's
the
simple
one!
Now,
if
we
go
back
to
the
to
the
the
hierarchy
here
and
we
go
to
the
project
test,
this
one's
a
little
bit
more
complex
because
it
has
the
dependency
scanning
here,
but
the
difference
that
it
has
two
gym:
file.lock,
one
here
and
one
under
the
QA
folder.
The
reason
for
this
is
that
I
want
to
make
sure
that
we
have
a
multiple
occurrences
of
the
same
dependencies
and
in
addition
to
having
multiple
projects
also
for
the
same
occurrence.
A
You
we
see
the
the
dependencies
and
we
see
the
package
here.
Location
license,
I,
don't
have
license
available
here,
and
we
also
have
the
vulnerabilities
on
the
top
here.
On
top
top
right,
we
have
sorting
by
severity
component,
name
and
packaging.
If
we
go
to
component
naming
here,
it's
just
one
interesting
things
that
we
sit
to
with
C2
same
component
gets
duplicated
because
we
have
the
same
gen,
lock.
Gem
file.lock
for
both
QA
folder
and
the
top
level,
so
this
is
the
current
behavior.
A
So
now,
if
we
go
here
on
the
top
level
with
the
feature
flag
and
enable,
of
course-
and
we
go
to
let's
here
dependence
list-
we
are
going
to
have
the
the
group
level
dependence
list.
The
difference
between
the
one
different
aspect
here
is
that,
on
the
group
level,
we
just
read:
data
from
the
S
bulb
features.
A
We
don't
fetch
data
from
the
pipeline
and
on
the
project
level,
as
bone
records
are
not
considered
and
only
records
from
the
the
pipeline
that
that's
the
main
difference
in
terms
of
the
back
end
for
this
features
so
yeah
here
we
don't
have
the
latest
scan
because
we
are
not
looking
to
the
pipeline.
Yet
for
this
MVC
we
don't
have
search
by
severity,
because
also
severity
is
associated
to
vulnerabilities.
That's
going
to
come
a
little
bit
later,
but
what
we
have
here
is
have
we
have
the
component
name.
A
We
have
the
backing
share
and
we
have
the
locations
in
this
case.
Here
we
have
three
locations,
one
from
one
project
and
the
other
two
are
from
the
other
other
projects,
but
we
have
two
approaches
for
each
in
the
future.
We
are
going
to
have
a
pop
over
in
both
location
and
projects.
So
then
additional
filter
is
provided,
but
for
for
for
what
we
have
so
far
in
master
and
in
addition
to
this
Mr,
that's
what
we
have
for
now
and
yeah.
We
have
the
pagination.