Project parent child relationship

Open stephan-wolf-ais opened this issue 2 years ago • 7 comments

The database offers the feature of having a parent-child relation between projects. In our case we use projects as parts of the end user project. The contents of the end user projects are similar, but the versions of the sub projects differ over time.

Current Behavior:

Database column for parent project id exists but this will only cover the 1:1 relationship.

Proposed Behavior:

It shall be possible to associate a project to another project as a child project. The child project and version shall exist more than once. For each parent project the child project and version shall be unique. There shall be an additional tab in the projects view for a list of child projects.

stephan-wolf-ais avatar Jul 07 '22 17:07 stephan-wolf-ais

See https://github.com/DependencyTrack/dependency-track/issues/1539

rkg-mm avatar Jul 08 '22 09:07 rkg-mm

This issue seems to be similar, but it does not cover the fact that more than one parent project can contain a project with the same version. Projects are identified, i.e. on BOM upload, by name and version.

stephan-wolf-ais avatar Jul 08 '22 14:07 stephan-wolf-ais

You mean you have a set of Projects, and other projects use these projects as, let's say, components? Wouldn't that be more like a dependency from the parent project on some "library" which is then your other project?

rkg-mm avatar Jul 08 '22 15:07 rkg-mm

Yes. That's our use case.

stephan-wolf-ais avatar Jul 09 '22 15:07 stephan-wolf-ais

Not sure if that works, but if you define a package identifier for the sub-projects, then reference those identifiers in the BOM file of the parent project, could that be the solution already?

rkg-mm avatar Jul 11 '22 07:07 rkg-mm

Maybe this will work, but it means every subproject should be listed in a repository. Otherwise dtrack is not able to find outdated projects/components. And of course not every project/subproject can be published to a repo because it is a bundle of i.e. npm parts, dotnet/nuget parts and so on.

stephan-wolf-ais avatar Jul 25 '22 12:07 stephan-wolf-ais

Duplicate of #84

stevespringett avatar Aug 12 '22 05:08 stevespringett