feat(frontend): Upstream and Downstream hierarchy display on frontend #3208
Conversation
jess-lowe
changed the title
jess-lowe
requested review from
oliverchang,
andrewpollock,
michaelkedar,
hogo6002,
cuixq and
another-rex
| @@ -302,9 +303,25 @@ def bug_to_response(bug, detailed=True): | |||
| if detailed: | |||
| add_links(response) | |||
| add_source_info(bug, response) | |||
| add_stream_info(bug, response) | |||
There was a problem hiding this comment.
how long does this take, relative to the other add info functions?
| for child in graph[vuln_id]: | ||
| if child != target_bug_id: | ||
| output_lines.append("<ul>") | ||
| print_subtree(child) |
There was a problem hiding this comment.
does this handle cycles?
There was a problem hiding this comment.
Just added a change that will prevent the cycle from displaying, and will log an error, but won't prevent the whole vuln from being displayed.
| """Add upstream hierarchy information to `response`.""" | ||
| # Check whether there are upstreams | ||
| if bug.upstream_raw: | ||
| upstream_hierarchy_string = get_upstreams_of_vulnerability(bug.db_id) |
There was a problem hiding this comment.
Maybe we can use response['upstream'], which already contains upstream information from the upstream_group. Passing response['upstream'] into the function can save a query.
There was a problem hiding this comment.
As far as I can tell, response['upstream'] doesn't exist. and bug only has bug.upstream_raw, which we can't rely on to be the full set of transitive upstreams to feed to the hierarchy string generator.
There was a problem hiding this comment.
Yeah bug itself doesn't contain the final upstream, but vulnerability does. The response here is converted from vulnerability. We did queries for upstream and aliases inside the to_vulnerability() function.
Added the logic to display the hierarchy of the upstream and downstream vuln entries.
Example of top, middle, and bottom levels of vulns: