Refine the consistency of Product import actions #241 #268

tdruez · 2025-02-20T22:44:27Z

UI

Updated the label of the following Product actions. The labels were updated everywhere in the UI (page title, documentation, import log, etc...) for consistency:
- Import data from Scan -> Import ScanCode scan results
- Load Packages from SBOMs -> Import SBOM
- Import Packages from manifests -> Import Package manifests
- Pull ScanCode.io Project data -> Import ScanCode.io project
Improve the rendering and layout of the Import related forms for consistency, simplicity, and readability.

Input validation

Import ScanCode scan results:
- Only accepts .json file extension.
- Validate the content is a ScanCode output and raise a "The uploaded file is not a proper ScanCode output results." for error.
Import SBOM:
- Only accepts .json, .ABOUT, and .zip file extensions.
- When a json file is provided, check if the content is a "ScanCode output" and raise a "Your file appears to be a ScanCode scan results." error.

Note: While we could enforce stricter validation on SBOM inputs in DejaCode (e.g., requiring valid CycloneDX or SPDX formats), I don’t believe this would be beneficial. In practice, we frequently encounter invalid SBOMs on the ScanCode.io side and have made efforts to support them regardless. Enforcing strict validation in DejaCode while ScanCode.io remains flexible could lead to frustration. For an examples, see aboutcode-org/scancode.io#1185 aboutcode-org/scancode.io#1249 aboutcode-org/scancode.io#1515

Documentation

Updated documentation available at https://dejacode.readthedocs.io/en/241-import-actions/

Signed-off-by: tdruez <tdruez@nexb.com>

DennisClark · 2025-02-20T23:45:15Z

@tdruez the improved UI and messages look great on Staging Starship. One thing that I had not noticed before: we create an Imports tab for SBOM but not for scan results. Is it possible/practical to show the scan results on the Imports tab as well?

Signed-off-by: tdruez <tdruez@nexb.com>

tdruez · 2025-02-21T22:20:46Z

Is it possible/practical to show the scan results on the Imports tab as well?

The "Import ScanCode scan results" is now also logged in the "Import" tab.

Signed-off-by: tdruez <tdruez@nexb.com>

DennisClark · 2025-02-21T22:32:54Z

@tdruez improved Imports tab confirmed on Staging Starship -- a very nice enhancement, thanks!

Signed-off-by: tdruez <tdruez@nexb.com>

tdruez added 5 commits February 20, 2025 10:49

Refine the consistency of Product import actions #241

12b5806

Signed-off-by: tdruez <tdruez@nexb.com>

Refine the consistency of Product import actions #241

0fc6b32

Signed-off-by: tdruez <tdruez@nexb.com>

Improve the Import forms rendering for better readability #241

4851d11

Signed-off-by: tdruez <tdruez@nexb.com>

Add validation for the LoadSBOMsForm #241

f03843c

Signed-off-by: tdruez <tdruez@nexb.com>

Fix parts of the failing tests #241

2e12517

Signed-off-by: tdruez <tdruez@nexb.com>

Log "Import ScanCode scan results" as ScanCodeProject #241

c845968

Signed-off-by: tdruez <tdruez@nexb.com>

Fix failing tests #241

5a1f118

Signed-off-by: tdruez <tdruez@nexb.com>

Add unit tests and CHANGELOG entry #241

83a4a3b

Signed-off-by: tdruez <tdruez@nexb.com>

tdruez merged commit 1f6db43 into main Feb 21, 2025
4 checks passed

tdruez deleted the 241-import-actions branch February 21, 2025 23:31

tdruez mentioned this pull request Feb 21, 2025

Enhancement request: Help users choose between loading scan results vs SBOMs to a Product #241

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Refine the consistency of Product import actions #241 #268

Refine the consistency of Product import actions #241 #268

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Refine the consistency of Product import actions #241 #268

Refine the consistency of Product import actions #241 #268

Uh oh!

Conversation

UI

Input validation

Documentation

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!