Skip to content

feat(integration): Exploit Intelligence integration#1125

Draft
Strum355 wants to merge 6 commits into
guacsec:mainfrom
Strum355:nsc/exploit-intelligence-integration
Draft

feat(integration): Exploit Intelligence integration#1125
Strum355 wants to merge 6 commits into
guacsec:mainfrom
Strum355:nsc/exploit-intelligence-integration

Conversation

@Strum355

@Strum355 Strum355 commented Jul 1, 2026

Copy link
Copy Markdown
Member

Summary

Adds "Exploit Intelligence" integration support into the trustify UI. Based on the mockups by Meredith found here: https://meredithrenda.github.io/trustify-ui/sboms/a1b2c3d4-0001-4000-8000-000000000001?sd%3AactiveTab=vulnerabilities, adds the "Exploit Intelligence Analysis" column with "Request Analysis" button, analysis results cell & link to report, as well as the trustify API wiring for this.

TPA backend implementation found at the following branch: https://github.com/guacsec/trustify/compare/main...Strum355:trustify:TC-4677?expand=1

Related Issues

https://redhat.atlassian.net/browse/TC-4676 and https://redhat.atlassian.net/browse/TC-4678

Type of Change

  • Bug fix
  • New feature
  • Refactor / code improvement
  • Documentation
  • Other (describe below)

Testing

  • All tests pass (npm test)
  • No lint errors (npm run lint)
  • No type errors (TypeScript compiles cleanly)
  • New/changed UI behavior visually verified in browser
  • Mock data updated if API types changed

Screenshots

TODO: will add later

Summary by Sourcery

Integrate exploit intelligence analysis into the SBOM vulnerabilities view, including UI, state mapping, and API wiring.

New Features:

  • Add an Exploit Intelligence column to the SBOM vulnerabilities table with request and results display.
  • Introduce a reusable Exploit Intelligence analysis cell component that supports multi-component findings, tooltips, and report links.
  • Add client-side queries and mutations for exploit intelligence jobs and analysis submission against the backend API.

Enhancements:

  • Adjusted column widths to accommodate the new column.

Tests:

  • Add unit tests for exploit intelligence query state mapping and the analysis cell component’s rendering and interactions.

Strum355 and others added 5 commits June 11, 2026 15:51
… table

Add a new "Exploit Intelligence" column to the SBOM details vulnerability
table that enables exploit intelligence analysis for Critical and High
severity vulnerabilities. The component uses local state with mock data;
real API integration is planned for a future task.

- Create ExploitIntelligenceAnalysisCell component with severity gating
- Non-eligible severities display "Not eligible" with tooltip
- Eligible vulnerabilities show "Run analysis" button
- Mock analysis returns deterministic results based on CVE identifier
- Results displayed as color-coded PatternFly Labels

Implements TC-4676

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Assisted-by: Claude Code
…cell

- Add initialSort for CVSS descending in vulnerability table
- Fix timer leak in handleRunAnalysis using useRef + useEffect cleanup
- Expand analysis state model from 3 states to all 6 spec states
- Replace inline color token with PatternFly Content component

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Refactor ExploitIntelligenceAnalysisCell to pure presentational component
- Export ExploitIntelligenceCellState type for TC-4678 API wiring
- Add View report link for completed findings with reportUrl
- Fix non-eligible CVE rendering to disabled button with tooltip
- Add 9 unit tests covering all states and callbacks

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace mock state management with TanStack Query hooks that fetch job
status from /api/v3/exploit-intelligence and submit analysis requests.
Auto-polls every 10s while jobs are pending or running.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Rework the ExploitIntelligenceAnalysisCell to match the updated UX
mockup for SPDX multi-component analysis results:

- Refactor finding type to a discriminated union with optional count
  and breakdown fields per variant (replaces flat componentProgress)
- Show count-prefixed labels for multi-component results (e.g.
  "21 Vulnerable", "4 Uncertain")
- Replace Popover + DescriptionList breakdown with a Tooltip showing
  plain-text lines for non-zero categories
- Switch "Request Analysis" button from link+icon to secondary variant
- Render "In progress" as a Label with inline Spinner icon
- Add "Not vulnerable" filled label variant
- Add failed-state tooltip message
- Update jobToState() to produce count/breakdown from backend
  component counts on completed multi-component jobs
- Update tests for new type shapes and rendering

Implements: TC-4676

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@sourcery-ai

sourcery-ai Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Reviewer's Guide

Adds Exploit Intelligence integration to the SBOM vulnerabilities table, including a new analysis column wired to a backend EI API, React Query hooks for job polling and submission, a reusable cell component with status/tooltip/report link behavior, severity-based eligibility rules, notifications on submission failure, and comprehensive unit tests for state mapping and UI rendering.

Sequence diagram for Exploit Intelligence analysis request and job polling

sequenceDiagram
  actor User
  participant VulnerabilitiesBySbom
  participant ExploitIntelligenceAnalysisCell
  participant useSubmitExploitAnalysisMutation
  participant ExploitIntelligenceAPI
  participant useFetchExploitIntelligenceJobs

  User->>ExploitIntelligenceAnalysisCell: click Request Analysis
  ExploitIntelligenceAnalysisCell->>VulnerabilitiesBySbom: onRequestAnalysis(vulnerabilityIdentifier)
  VulnerabilitiesBySbom->>useSubmitExploitAnalysisMutation: mutate({ sbom_id, vulnerability_id })
  useSubmitExploitAnalysisMutation->>ExploitIntelligenceAPI: POST /api/v3/exploit-intelligence/analyze
  ExploitIntelligenceAPI-->>useSubmitExploitAnalysisMutation: SubmitAnalysisResponse
  useSubmitExploitAnalysisMutation->>useFetchExploitIntelligenceJobs: invalidateQueries([ExploitIntelligenceQueryKey, "jobs", sbom_id])
  loop while hasActiveJobs(jobs)
    useFetchExploitIntelligenceJobs->>ExploitIntelligenceAPI: GET /api/v3/exploit-intelligence/jobs?sbom_id
    ExploitIntelligenceAPI-->>useFetchExploitIntelligenceJobs: JobsListResponse
    useFetchExploitIntelligenceJobs->>useFetchExploitIntelligenceJobs: buildStateMap(jobs)
    useFetchExploitIntelligenceJobs-->>VulnerabilitiesBySbom: stateMap
    VulnerabilitiesBySbom-->>ExploitIntelligenceAnalysisCell: state
  end
  useSubmitExploitAnalysisMutation-->>VulnerabilitiesBySbom: onError
  VulnerabilitiesBySbom->>NotificationsContext: pushNotification({ title, variant: "danger" })
Loading

File-Level Changes

Change Details Files
Wire vulnerabilities-by-sbom table to Exploit Intelligence jobs and analysis submission.
  • Import NotificationsContext and new exploit-intelligence query hooks into the SBOM vulnerabilities page.
  • Create ELIGIBLE_SEVERITIES set and pass severity-based requestAnalysisEligible into the EI cell.
  • Fetch EI job stateMap per SBOM and pass per-row state into the EI cell.
  • Add an Exploit Intelligence column with tooltip to the vulnerabilities table and adjust column widths and default sort order to accommodate it.
  • Implement handleRequestAnalysis callback that triggers the EI mutation and shows a danger notification on error.
client/src/app/pages/sbom-details/vulnerabilities-by-sbom.tsx
Introduce Exploit Intelligence table cell component encapsulating UI states, tooltips, and report link behavior.
  • Define ExploitIntelligenceFinding and ExploitIntelligenceCellState types to model EI status, including multi-component breakdown and optional report URL.
  • Render a Request Analysis button when no job has run, with accessibility labels and an ineligibility tooltip when disabled.
  • Render status labels (vulnerable, not_vulnerable, uncertain, in_progress with spinner, failed with icon) with color coding and optional report link button.
  • Provide tooltips for multi-component findings showing breakdown counts, and style the in-progress label via a dedicated CSS class.
client/src/app/pages/sbom-details/components/exploit-intelligence-analysis-cell.tsx
client/src/app/pages/sbom-details/components/exploit-intelligence.css
Add React Query hooks and state-mapping logic for Exploit Intelligence jobs API.
  • Define EI API types, including job summary structure with component-level counts and submit-analysis request/response types.
  • Implement jobToState and helpers to convert raw jobs into cell states, including breakdown counts, variant mapping, and report URL propagation.
  • Build a vulnerability_id-keyed state map that prefers active or more informative jobs using a replacement heuristic.
  • Create useFetchExploitIntelligenceJobs hook that calls the EI jobs endpoint, derives jobs/stateMap/flags, and polls while jobs are active.
  • Create useSubmitExploitAnalysisMutation hook that posts analyze requests and invalidates the jobs query on success.
client/src/app/queries/exploit-intelligence.ts
Add unit tests for Exploit Intelligence state mapping and cell rendering behavior.
  • Test jobToState for all job status/finding combinations, including multi-component breakdown handling and null/default behavior.
  • Test buildStateMap to ensure correct keying, precedence of in-progress jobs, and preservation of breakdown info.
  • Test ExploitIntelligenceAnalysisCell rendering for all states, button enable/disable, count-prefixed labels, report link generation, and callback invocation.
  • Verify absence of tooltips for single-component findings and correct labeling for in-progress state.
client/src/app/queries/exploit-intelligence.test.ts
client/src/app/pages/sbom-details/components/exploit-intelligence-analysis-cell.test.tsx

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@codecov

codecov Bot commented Jul 1, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 85.45455% with 24 lines in your changes missing coverage. Please review.
✅ Project coverage is 53.97%. Comparing base (310ec61) to head (5f7f4ec).
⚠️ Report is 23 commits behind head on main.

Files with missing lines Patch % Lines
client/src/app/queries/exploit-intelligence.ts 80.28% 13 Missing and 1 partial ⚠️
.../components/exploit-intelligence-analysis-cell.tsx 92.85% 5 Missing and 1 partial ⚠️
...app/pages/sbom-details/vulnerabilities-by-sbom.tsx 60.00% 4 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1125      +/-   ##
==========================================
+ Coverage   51.48%   53.97%   +2.48%     
==========================================
  Files         275      272       -3     
  Lines        5988     6044      +56     
  Branches     1853     1920      +67     
==========================================
+ Hits         3083     3262     +179     
+ Misses       2593     2476     -117     
+ Partials      312      306       -6     
Flag Coverage Δ
e2e 69.84% <36.11%> (+0.33%) ⬆️
unit 8.93% <78.88%> (+6.11%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Strum355 Strum355 changed the title Nsc/exploit intelligence integration feat(integration): Exploit Intelligence integration Jul 1, 2026
The initialSort override changed the vulnerability table default from
Id ascending to CVSS descending, breaking existing e2e sort tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: No status

Development

Successfully merging this pull request may close these issues.

1 participant