breakpilot-compliance/backend-compliance/compliance/schemas/screening.py

"""
System Screening schemas — SBOM + vulnerability scan results.

Phase 1 Step 4: extracted from ``compliance.api.screening_routes``.
"""

from typing import Any, Optional

from pydantic import BaseModel


class SecurityIssueResponse(BaseModel):
    id: str
    severity: str
    title: str
    description: Optional[str] = None
    cve: Optional[str] = None
    cvss: Optional[float] = None
    affected_component: str
    affected_version: Optional[str] = None
    fixed_in: Optional[str] = None
    remediation: Optional[str] = None
    status: str = "OPEN"


class SBOMComponentResponse(BaseModel):
    name: str
    version: str
    type: str
    purl: str
    licenses: list[str]
    vulnerabilities: list[dict[str, Any]]


class ScreeningResponse(BaseModel):
    id: str
    status: str
    sbom_format: str
    sbom_version: str
    total_components: int
    total_issues: int
    critical_issues: int
    high_issues: int
    medium_issues: int
    low_issues: int
    components: list[SBOMComponentResponse]
    issues: list[SecurityIssueResponse]
    started_at: Optional[str] = None
    completed_at: Optional[str] = None


class ScreeningListResponse(BaseModel):
    screenings: list[dict[str, Any]]
    total: int


__all__ = [
    "SecurityIssueResponse",
    "SBOMComponentResponse",
    "ScreeningResponse",
    "ScreeningListResponse",
]