Skip to content

Refine the consistency of Product import actions #241 #268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tdruez merged 8 commits into from
Feb 21, 2025
Merged

Refine the consistency of Product import actions #241 #268

tdruez merged 8 commits into from
Feb 21, 2025

Conversation

@tdruez
Copy link
Contributor

@tdruez tdruez commented Feb 20, 2025

UI

  • Updated the label of the following Product actions. The labels were updated everywhere in the UI (page title, documentation, import log, etc...) for consistency:
    • Import data from Scan -> Import ScanCode scan results
    • Load Packages from SBOMs -> Import SBOM
    • Import Packages from manifests -> Import Package manifests
    • Pull ScanCode.io Project data -> Import ScanCode.io project
  • Improve the rendering and layout of the Import related forms for consistency, simplicity, and readability.

Input validation

  • Import ScanCode scan results:

    • Only accepts .json file extension.
    • Validate the content is a ScanCode output and raise a "The uploaded file is not a proper ScanCode output results." for error.

  • Import SBOM:

    • Only accepts .json, .ABOUT, and .zip file extensions.
    • When a json file is provided, check if the content is a "ScanCode output" and raise a "Your file appears to be a ScanCode scan results." error.

Note: While we could enforce stricter validation on SBOM inputs in DejaCode (e.g., requiring valid CycloneDX or SPDX formats), I don’t believe this would be beneficial. In practice, we frequently encounter invalid SBOMs on the ScanCode.io side and have made efforts to support them regardless. Enforcing strict validation in DejaCode while ScanCode.io remains flexible could lead to frustration. For an examples, see aboutcode-org/scancode.io#1185 aboutcode-org/scancode.io#1249 aboutcode-org/scancode.io#1515

Documentation

Updated documentation available at https://dejacode.readthedocs.io/en/241-import-actions/

@DennisClark
Copy link
Member

DennisClark commented Feb 20, 2025

@tdruez the improved UI and messages look great on Staging Starship. One thing that I had not noticed before: we create an Imports tab for SBOM but not for scan results. Is it possible/practical to show the scan results on the Imports tab as well?

@tdruez
Copy link
Contributor Author

tdruez commented Feb 21, 2025

Is it possible/practical to show the scan results on the Imports tab as well?

The "Import ScanCode scan results" is now also logged in the "Import" tab.

@tdruez
Fix failing tests #241
5a1f118 
Signed-off-by: tdruez <[email protected]>
@DennisClark
Copy link
Member

DennisClark commented Feb 21, 2025

@tdruez improved Imports tab confirmed on Staging Starship -- a very nice enhancement, thanks!

@tdruez tdruez merged commit 1f6db43 into main Feb 21, 2025
4 checks passed
@tdruez tdruez deleted the 241-import-actions branch February 21, 2025 23:31
@tdruez tdruez mentioned this pull request Feb 21, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tdruez @DennisClark