Add DAST, graph modules, toast notifications, and dashboard enhancements

Add DAST scanning and code knowledge graph features across the stack: - compliance-dast and compliance-graph workspace crates - Agent API handlers and routes for DAST targets/scans and graph builds - Core models and traits for DAST and graph domains - Dashboard pages for DAST targets/findings/overview and graph explorer/impact - Toast notification system with auto-dismiss for async action feedback - Button click animations and disabled states for better UX Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 13:53:50 +01:00
parent 03ee69834d
commit cea8f59e10
69 changed files with 8745 additions and 54 deletions
--- a/compliance-agent/src/llm/triage.rs
+++ b/compliance-agent/src/llm/triage.rs
@@ -3,6 +3,7 @@ use std::sync::Arc;
 use compliance_core::models::{Finding, FindingStatus};

 use crate::llm::LlmClient;
+use crate::pipeline::orchestrator::GraphContext;

 const TRIAGE_SYSTEM_PROMPT: &str = r#"You are a security finding triage expert. Analyze the following security finding and determine:
 1. Is this a true positive? (yes/no)
@@ -12,11 +13,15 @@ const TRIAGE_SYSTEM_PROMPT: &str = r#"You are a security finding triage expert.
 Respond in JSON format:
 {"true_positive": true/false, "confidence": N, "remediation": "..."}"#;

-pub async fn triage_findings(llm: &Arc<LlmClient>, findings: &mut Vec<Finding>) -> usize {
+pub async fn triage_findings(
+    llm: &Arc<LlmClient>,
+    findings: &mut Vec<Finding>,
+    graph_context: Option<&GraphContext>,
+) -> usize {
    let mut passed = 0;

    for finding in findings.iter_mut() {
-        let user_prompt = format!(
+        let mut user_prompt = format!(
            "Scanner: {}\nRule: {}\nSeverity: {}\nTitle: {}\nDescription: {}\nFile: {}\nLine: {}\nCode: {}",
            finding.scanner,
            finding.rule_id.as_deref().unwrap_or("N/A"),
@@ -28,6 +33,37 @@ pub async fn triage_findings(llm: &Arc<LlmClient>, findings: &mut Vec<Finding>)
            finding.code_snippet.as_deref().unwrap_or("N/A"),
        );

+        // Enrich with graph context if available
+        if let Some(ctx) = graph_context {
+            if let Some(impact) = ctx
+                .impacts
+                .iter()
+                .find(|i| i.finding_id == finding.fingerprint)
+            {
+                user_prompt.push_str(&format!(
+                    "\n\n--- Code Graph Context ---\n\
+                     Blast radius: {} nodes affected\n\
+                     Entry points affected: {}\n\
+                     Direct callers: {}\n\
+                     Communities affected: {}\n\
+                     Call chains: {}",
+                    impact.blast_radius,
+                    if impact.affected_entry_points.is_empty() {
+                        "none".to_string()
+                    } else {
+                        impact.affected_entry_points.join(", ")
+                    },
+                    if impact.direct_callers.is_empty() {
+                        "none".to_string()
+                    } else {
+                        impact.direct_callers.join(", ")
+                    },
+                    impact.affected_communities.len(),
+                    impact.call_chains.len(),
+                ));
+            }
+        }
+
        match llm
            .chat(TRIAGE_SYSTEM_PROMPT, &user_prompt, Some(0.1))
            .await