feat: add new scanners, enhanced triage, findings refinement, and deployment tooling

- Add gitleaks secret detection, lint scanning (clippy/eslint/ruff), and LLM code review scanners - Enhance LLM triage with multi-action support (confirm/downgrade/upgrade/dismiss), surrounding code context, and file-path classification confidence adjustment - Add text search, column sorting, and bulk status update to findings dashboard - Fix finding detail page status refresh and add developer feedback field - Fix BSON DateTime deserialization across all models with shared serde helpers - Add scan progress spinner with polling to repositories page - Batch OSV.dev queries to avoid "Too many queries" errors - Add gitleaks, semgrep, and ruff to Dockerfile.agent for deployment Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-09 11:05:31 +01:00
parent 32e5fc21e7
commit 23ba52276b
31 changed files with 1602 additions and 95 deletions
--- a/compliance-dashboard/src/infrastructure/findings.rs
+++ b/compliance-dashboard/src/infrastructure/findings.rs
@@ -11,12 +11,16 @@ pub struct FindingsListResponse {
 }

 #[server]
+#[allow(clippy::too_many_arguments)]
 pub async fn fetch_findings(
    page: u64,
    severity: String,
    scan_type: String,
    status: String,
    repo_id: String,
+    q: String,
+    sort_by: String,
+    sort_order: String,
 ) -> Result<FindingsListResponse, ServerFnError> {
    let state: super::server_state::ServerState =
        dioxus_fullstack::FullstackContext::extract().await?;
@@ -37,6 +41,18 @@ pub async fn fetch_findings(
    if !repo_id.is_empty() {
        url.push_str(&format!("&repo_id={repo_id}"));
    }
+    if !q.is_empty() {
+        url.push_str(&format!(
+            "&q={}",
+            url::form_urlencoded::byte_serialize(q.as_bytes()).collect::<String>()
+        ));
+    }
+    if !sort_by.is_empty() {
+        url.push_str(&format!("&sort_by={sort_by}"));
+    }
+    if !sort_order.is_empty() {
+        url.push_str(&format!("&sort_order={sort_order}"));
+    }

    let resp = reqwest::get(&url)
        .await
@@ -82,3 +98,43 @@ pub async fn update_finding_status(id: String, status: String) -> Result<(), Ser

    Ok(())
 }
+
+#[server]
+pub async fn bulk_update_finding_status(
+    ids: Vec<String>,
+    status: String,
+) -> Result<(), ServerFnError> {
+    let state: super::server_state::ServerState =
+        dioxus_fullstack::FullstackContext::extract().await?;
+    let url = format!("{}/api/v1/findings/bulk-status", state.agent_api_url);
+
+    let client = reqwest::Client::new();
+    client
+        .patch(&url)
+        .json(&serde_json::json!({ "ids": ids, "status": status }))
+        .send()
+        .await
+        .map_err(|e| ServerFnError::new(e.to_string()))?;
+
+    Ok(())
+}
+
+#[server]
+pub async fn update_finding_feedback(
+    id: String,
+    feedback: String,
+) -> Result<(), ServerFnError> {
+    let state: super::server_state::ServerState =
+        dioxus_fullstack::FullstackContext::extract().await?;
+    let url = format!("{}/api/v1/findings/{id}/feedback", state.agent_api_url);
+
+    let client = reqwest::Client::new();
+    client
+        .patch(&url)
+        .json(&serde_json::json!({ "feedback": feedback }))
+        .send()
+        .await
+        .map_err(|e| ServerFnError::new(e.to_string()))?;
+
+    Ok(())
+}