feat: add Security Summary page under OSS Health #473
tym83 wants to merge 1 commit into cozystack:main from
Conversation
- Add "OSS Health > Security Summary" menu item
- Create /oss-health/security/ page showing monthly security report
- Display cards (new, fixed, in-progress, total tracked) and tables for fixed vulnerabilities, in-progress fixes, and accepted risks
- Data source: data/security/monthly.json (updated by security scanner)
- Styled consistently with the rest of the site

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: tym83 <6355522@gmail.com>
✅ Deploy Preview for cozystack ready!
📝 Walkthrough

A new OSS Health section for the Cozystack project is being added, featuring a Security Summary page that displays monthly security metrics and vulnerability tracking data. The implementation includes new styling, Hugo templates, navigation entries, documentation pages, and a JSON data schema.

Estimated code review effort: 🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks: ✅ 3 passed
Code Review
This pull request introduces an 'OSS Health' section and a 'Security Summary' page, including the necessary SCSS, content files, data structures, and Hugo templates. The review feedback suggests improving template robustness by using dot notation for safer data access and providing default values for metrics. It also recommends adding a URL to the 'OSS Health' menu item to improve navigation.
| @@ -0,0 +1,147 @@ | |||
| {{ define "main" }} | |||
| {{ $data := index .Site.Data.security "monthly" }} | |||
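Review bot: `$data` is bound on the second line of this hunk and, as the card hunk further down shows (`$data.stats.total_tracked`), is then consumed with no nil guard; if `data/security/monthly.json` is absent or the scanner wrote an empty object, the page builds with blank cards and tables instead of signalling a problem. Because this is public-facing security status, wrap the body in `{{ with $data }} ... {{ else }}` with an explicit "no report available" state, or fail the build with `errorf` so CI catches a scanner-pipeline failure rather than publishing an empty summary.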
Using the index function on .Site.Data.security is risky because it will cause a build failure if the security key is missing from .Site.Data (e.g., if the data/security/ directory does not exist). Hugo's dot notation is safer as it gracefully returns nil if any part of the path is missing.
Suggested change:

```diff
-{{ $data := index .Site.Data.security "monthly" }}
+{{ $data := .Site.Data.security.monthly }}
```
| <div class="card text-center h-100 shadow-sm security-card"> | ||
| <div class="card-body"> | ||
| <div class="security-icon text-info"><i class="fas fa-info-circle"></i></div> | ||
| <div class="security-value">{{ $data.stats.total_tracked }}</div> |
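Review bot: the `security-value` div on the last line of this hunk prints `$data.stats.total_tracked` with no fallback, so a missing `stats` object renders an empty card; note that the `| default 0` fix proposed below also turns a broken or stale scanner export into a confident "0 tracked" figure on a public security page. Prefer keeping the two states distinguishable, for example `{{ with $data.stats }}{{ .total_tracked }}{{ else }}n/a{{ end }}`, so a pipeline failure is visible rather than reported as zero findings.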
Accessing nested fields like $data.stats.total_tracked can lead to empty values in the UI if the stats object is missing or null in the JSON data. Using the default filter ensures that the card always displays a fallback value (like 0) instead of being blank.
Suggested change:

```diff
-<div class="security-value">{{ $data.stats.total_tracked }}</div>
+<div class="security-value">{{ $data.stats.total_tracked | default 0 }}</div>
```
| - name: OSS Health | ||
| weight: 3 | ||
| identifier: oss-health |
The OSS Health menu item is currently defined without a URL. While it serves as a parent for the Security Summary item, it's better to link it to the overview page at /oss-health/ (which exists in the content directory) so that users can click the top-level menu item to see the section landing page.
Suggested change:

```yaml
- name: OSS Health
  url: /oss-health/
  weight: 3
  identifier: oss-health
```
Actionable comments posted: 1
🧹 Nitpick comments (1)
layouts/oss-health/baseof.html (1)

Lines 6-10: Align section base layout with site-wide base conventions. Line 6 and Line 10 omit two patterns used in other base templates (body_class extension and announcement banner), which can cause inconsistent UX between sections.

♻️ Proposed alignment diff

```diff
-<body class="td-{{ .Kind }}">
+<body class="td-{{ .Kind }}{{ with .Page.Params.body_class }} {{ . }}{{ end }}">
 <header>
   {{ partial "navbar.html" . }}
 </header>
+{{ partial "announcement-banner.html" . }}
 <div class="container-fluid td-outer">
```

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed. In `@layouts/oss-health/baseof.html` around lines 6 - 10, Update the base layout to follow site-wide conventions by replacing the hardcoded body class with a block override and adding the announcement partial: change the body tag from class="td-{{ .Kind }}" to use a block like {{ block "body_class" . }}td-{{ .Kind }}{{ end }} so sections can extend body_class, and insert the announcement banner partial (partial "announcement.html" .) near the header (e.g., immediately after {{ partial "navbar.html" . }}) to ensure the announcement displays consistently across sections.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@assets/scss/main.scss`:
- Line 152: The `@import` "security" statement is placed after non-import rules
causing a SCSS lint failure (no-invalid-position-at-import-rule); move the
`@import` "security" line into the top import block alongside the other `@import`
statements (i.e., relocate the `@import` "security" declaration so it appears
before any non-import rules in main.scss) to satisfy the linter.
📒 Files selected for processing (8)

- assets/scss/_security.scss
- assets/scss/main.scss
- content/en/oss-health/_index.md
- content/en/oss-health/security/_index.md
- data/security/monthly.json
- hugo.yaml
- layouts/oss-health/baseof.html
- layouts/oss-health/security.html
| @import "announcement-banner"; | ||
| @import "tabs_alerts"; | ||
| @import "override-docsy-tabs"; | ||
| @import "security"; |
🧩 Analysis chain

🏁 Script executed:

```bash
#!/bin/bash
# Verify no `@import` appears after the first non-import statement in assets/scss/main.scss
awk '
BEGIN { seen_non_import=0; bad=0 }
/^[[:space:]]*\/\// { next }           # skip single-line comments
/^[[:space:]]*$/ { next }              # skip blanks
/^[[:space:]]*@import[[:space:]]+/ {
  if (seen_non_import) { print "Late import at line " NR ": " $0; bad=1 }
  next
}
{ seen_non_import=1 }
END { exit bad }
' assets/scss/main.scss
```

Repository: cozystack/website
Move the @import "security" statement above non-import rules to pass SCSS linting.
The import at line 152 violates no-invalid-position-at-import-rule, which fails CI. Relocate it to the top import block with other @import statements.
Suggested fix

```diff
 // Import Docsy components
 @import "docsy/variables_project_after_bs";
 @import "docsy/support/utilities";
@@
 @import "docsy/support/rtl";
+@import "security";
@@
-@import "security";
```

🧰 Tools
🪛 Stylelint (17.6.0)

[error] 152-152: Unexpected invalid position @import rule (no-invalid-position-at-import-rule)
Summary

- /oss-health/security/ under the OSS Health dropdown menu
- data/security/monthly.json (updated automatically by the security scanner pipeline monthly)

How it works

- monthly.py on the 1st of each month
- latest.json with triaged security data
- data/security/monthly.json

Files

- hugo.yaml — add OSS Health menu with Security Summary item
- content/en/oss-health/security/_index.md — page content
- layouts/oss-health/security.html — page template with cards and tables
- layouts/oss-health/baseof.html — base template with header/footer
- assets/scss/_security.scss — page styles
- data/security/monthly.json — placeholder data (populated by CI)

🤖 Generated with Claude Code
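The template renders whatever the scanner pipeline drops into data/security/monthly.json at build time, so the check a practitioner would want between "monthly.py writes latest.json" and "the file lands in data/security/" is a schema and consistency gate that refuses an empty or self-contradictory export. The script below is an added example written for this review, not code from the PR or the Cozystack project. Only stats.total_tracked is visible in the diff; the other key names (stats.new, stats.fixed, stats.in_progress, the fixed, in_progress and accepted_risks lists, and a per-entry id field) are assumptions taken from the PR description, and the rule that a stats counter must equal the length of the list it summarises is an assumed convention.

```python
"""Pre-commit sanity check for a monthly security report JSON.

Added example for this review; not code from the PR or the Cozystack
project. Key names other than stats.total_tracked are assumptions taken
from the PR description, and the counter-matches-list rule is an assumed
convention.
"""
import json
import sys
from dataclasses import dataclass, field
from typing import Any

# Counters shown as cards (assumed keys; only total_tracked appears in the diff).
STAT_KEYS = ("new", "fixed", "in_progress", "total_tracked")
# Tables rendered on the page (assumed keys from the PR description).
LIST_KEYS = ("fixed", "in_progress", "accepted_risks")
# Assumed convention: these lists must agree with the matching stats counter.
COUNTED_LISTS = {"fixed": "fixed", "in_progress": "in_progress"}


@dataclass
class ValidationResult:
    errors: list[str] = field(default_factory=list)

    @property
    def ok(self) -> bool:
        return not self.errors


def _is_count(value: Any) -> bool:
    # bool is a subclass of int, so exclude it explicitly.
    return isinstance(value, int) and not isinstance(value, bool) and value >= 0


def validate_report(report: Any) -> ValidationResult:
    """Return every schema or consistency problem found in one report."""
    res = ValidationResult()
    if not isinstance(report, dict):
        res.errors.append("report must be a JSON object")
        return res

    stats = report.get("stats")
    if not isinstance(stats, dict):
        # This is the case a `| default 0` in the template would silently mask.
        res.errors.append("missing or non-object 'stats'")
        stats = {}
    else:
        for key in STAT_KEYS:
            if not _is_count(stats.get(key)):
                res.errors.append(
                    f"stats.{key} must be a non-negative integer, got {stats.get(key)!r}"
                )

    for key in LIST_KEYS:
        items = report.get(key)
        if not isinstance(items, list):
            res.errors.append(f"'{key}' must be a list")
            continue
        for i, item in enumerate(items):
            ident = item.get("id") if isinstance(item, dict) else None
            if not isinstance(ident, str) or not ident.strip():
                res.errors.append(f"{key}[{i}] must be an object with a non-empty 'id'")
        counter = COUNTED_LISTS.get(key)
        if counter and _is_count(stats.get(counter)) and stats[counter] != len(items):
            res.errors.append(
                f"stats.{counter}={stats[counter]} but '{key}' has {len(items)} entries"
            )
    return res


def validate_file(path: str) -> ValidationResult:
    """Load a report from disk and validate it."""
    with open(path, encoding="utf-8") as fh:
        return validate_report(json.load(fh))


# Constructed sample reports (ids are placeholders, not real advisories).
GOOD_REPORT = {
    "stats": {"new": 2, "fixed": 1, "in_progress": 1, "total_tracked": 3},
    "fixed": [{"id": "EXAMPLE-1"}],
    "in_progress": [{"id": "EXAMPLE-2"}],
    "accepted_risks": [{"id": "EXAMPLE-3"}],
}
# What a failed scanner run that still wrote a file might look like.
EMPTY_REPORT: dict = {}
# A counter that disagrees with the table it summarises.
MISMATCHED_REPORT = {
    "stats": {"new": 0, "fixed": 2, "in_progress": 0, "total_tracked": 2},
    "fixed": [{"id": "EXAMPLE-1"}],
    "in_progress": [],
    "accepted_risks": [],
}

if __name__ == "__main__":
    result = validate_file(sys.argv[1]) if len(sys.argv) > 1 else validate_report(EMPTY_REPORT)
    for err in result.errors:
        print("error:", err)
    sys.exit(0 if result.ok else 1)
```

Run it as a CI step after the scanner writes the file (for example `python check_report.py data/security/monthly.json`, script name assumed); a non-zero exit blocks the commit, so the page is never built from an empty or inconsistent export, and the distinction between "zero findings" and "no data" stays visible where the template's `default 0` would erase it.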