[GSoC] EPSS History(Chart+Table)#2328
Conversation
|
Attached the following screenshots as reference: 
Note:
|
|
@tdruez your input is welcomed on the choice of billboard.js (vs. libraries already in use in ScanCode.io?) |
|
@pombredanne We use billboard.js in SCIO as well. |
pombredanne
left a comment
pombredanne
left a comment
There was a problem hiding this comment.
@Samk1710 Thanks... you'll need to resolve merge conflicts. And here are a few things to review.
| cves = { | ||
| alias_obj.alias | ||
| for alias_obj in advisory.aliases.all() | ||
| if alias_obj.alias.startswith("CVE-") |
There was a problem hiding this comment.
Why this check on the prefix? Is there a better way?
There was a problem hiding this comment.
I think a better way would be how the EPSS score is fetched. I followed that. See:
vulnerablecode/vulnerabilities/views.py
Line 679 in 4702c06
| for alias_obj in advisory.aliases.all() | ||
| if alias_obj.alias.startswith("CVE-") | ||
| } | ||
| if advisory.advisory_id and advisory.advisory_id.startswith("CVE-"): |
There was a problem hiding this comment.
I have removed the alias check now after clarifying it on slack.
https://aboutcode-org.slack.com/archives/C0A9H7AGCSJ/p1781805921752269
| ref_obj = AdvisoryReference.objects.create(url=json_data[0]["references"][0]["url"]) | ||
|
|
||
| for i, data in enumerate(json_data): | ||
| is_latest = i == 0 |
There was a problem hiding this comment.
not sure I get what this means: this would be true only on the 1st iteration, and is_latest seems to say the opposite?
There was a problem hiding this comment.
Yes. The first item in the test data is the latest one.
|
|
||
| advisory.references.add(ref_obj) | ||
|
|
||
| severity = data["severities"][0] |
There was a problem hiding this comment.
could you instead iterate on severities? this would be cleaner IMHO.
| const data = getHistoryData(); | ||
| if (!data.length) return; | ||
|
|
||
| toggleDisplay(chartWrap); |
There was a problem hiding this comment.
what is chartwrap? and tablewrap?
There was a problem hiding this comment.
these are the DOM containers for the chart and table. I actually renamed them to containers now, hope that's easier to read.
| @@ -0,0 +1,13 @@ | |||
| about_resource: billboard-3.18.0.pkgd.min.js | |||
There was a problem hiding this comment.
Please also include the non-minified version... also the js is NOT part of the zip you list at all, but part of the npm at https://registry.npmjs.org/billboard.js/-/billboard.js-3.18.0.tgz instead. Please use that version, not some random thing fetched from a CDN.
Also where is d3 coming from in all this?
There was a problem hiding this comment.
The minified JS bundles D3... Is this really a good thing?
Copyright (c) 2017 ~ present NAVER Corp.
billboard.js project is licensed under the MIT license
billboard.js, JavaScript chart library
@Version 3.18.0
All-in-one packaged file for ease use of 'billboard.js' with dependant d3.js modules & polyfills.
- @types/d3-selection ^3.0.11
- @types/d3-transition ^3.0.9
- d3-axis ^3.0.0
- d3-brush ^3.0.0
- d3-drag ^3.0.0
- d3-dsv ^3.0.1
- d3-ease ^3.0.1
- d3-hierarchy ^3.1.2
- d3-interpolate ^3.0.1
- d3-scale ^4.0.2
- d3-selection ^3.0.0
- d3-shape ^3.2.0
- d3-time-format ^4.1.0
- d3-transition ^3.0.1
- d3-zoom ^3.0.0
There was a problem hiding this comment.
I have added the un-minfied bundles for billboard and d3. Should we also change https://github.com/aboutcode-org/scancode.io/blob/main/scancodeio/static/billboard-3.0.1.pkgd.min.js ?
Thanks @pombredanne for the review. I will go through all your comments and update shortly. |
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com> Refactor css for tooltip Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Samk1710
force-pushed
the
gsoc-epss-history
branch
from
3f78bc9 to
b60b3f5
Compare
Rebased and updated as per the review comments. Do let me know if it needs further improvement. @pombredanne |
Signed-off-by: Sampurna Pyne <sampurnapyne1710@gmail.com>
Samk1710
force-pushed
the
gsoc-epss-history
branch
from
b60b3f5 to
2dec56f
Compare
3 participants
Resolves
Tasks Done:
Test log excerpt:
Billboard links: