Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a Vulnerabilities tab in the Product details view #95 #173

Merged
merged 9 commits into from
Sep 2, 2024
Merged

Add a Vulnerabilities tab in the Product details view #95 #173

merged 9 commits into from
Sep 2, 2024

Conversation

tdruez
Copy link
Contributor

@tdruez tdruez commented Aug 29, 2024

No description provided.

tdruez added 9 commits August 28, 2024 17:12
@tdruez
Add a Vulnerabilities tab in the Product details view #95
bb91c1b 
Signed-off-by: tdruez <[email protected]>
@tdruez
Refactor ProductTabVulnerabilitiesView to remove duplication #95
1f6ed29 
Signed-off-by: tdruez <[email protected]>
@tdruez
Improve ProductTabVulnerabilitiesView #95
ec9d975 
Signed-off-by: tdruez <[email protected]>
@tdruez
Add unit tests #95
25a8430 
Signed-off-by: tdruez <[email protected]>
@tdruez
Fix failing tests #95
ff4a4a5 
Signed-off-by: tdruez <[email protected]>
@tdruez
Display the tab as disabled when no vulnerabilities found #95
bf4758f 
Signed-off-by: tdruez <[email protected]>
@tdruez
Fix the JS file integrity following the repo migration #95
0a6557b 
Signed-off-by: tdruez <[email protected]>
@tdruez
Fix failing tests #95
6d8a21b 
Signed-off-by: tdruez <[email protected]>
@tdruez
Fix column sorting for tabs #95
4ce5cf9 
Signed-off-by: tdruez <[email protected]>
@tdruez
Copy link
Contributor Author

tdruez commented Aug 30, 2024
edited
Loading

@DennisClark This is ready for review.
A new "Vulnerabilities" tab is available in the Product details view, listing all vulnerabilities of a Product. With the ability to filter and sort by score.
Note that the tab is displayed but disabled if no vulnerabilities is found for the Product.

@DennisClark
Copy link
Member

@tdruez The new "Vulnerabilities" tab is very impressive, and performance is excellent; however, I noticed a discrepancy that is a bit confusing. In Staging Starship, I opened product Astrolabe 2.5.7 and the Vulnerabilities tab presents 25 rows, but when I go to the Inventory tab and use the Filter "Affected by vulnerabilities", I only see 11 rows.

Wait, I think I just figured it out. One of the packages pkg:pypi/[email protected] has 13 vulnerabilities, and some others have more than one as well. The Inventory tab is a listing of packages (and components) and the Vulnerabilities tab is a listing of the vulnerabilities, and one can easily see that a number of packages are repeated in the right column. Great.

So far so good then ! No problems found.

@DennisClark
Copy link
Member

@tdruez , the new Vulnerabilities tab works quite well to provide information, and in that respect it is working just fine. I think we still need the filter on the Inventory tab, because that is where the user can access the Product-Package relationship and update the review status and add notes, etc.

I think this one is ready to deploy.

@tdruez tdruez merged commit 45cc6ba into main Sep 2, 2024
3 checks passed
@tdruez tdruez deleted the 95-product-vulnerabilities-tab branch September 2, 2024 04:02
@tdruez tdruez mentioned this pull request Sep 2, 2024
Closed
@tdruez tdruez mentioned this pull request Oct 24, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tdruez @DennisClark