baruchiro
commented
1 year ago - To differentiate between the shared and specific properties, I suggest putting all the properties under the
dataproperty. - It is a common way to use objects with keys, instead of using arrays with the
typeproperty. So, instead ofsources[i].typewe will useObject.keys(sources). - Since each advisory has its own structure, the logic of whether this advisory is bad or not will be implemented inside the advisory code, and will be returned in the
issuesproperty.
{
name: "node-ipc",
loading: true, // indicating the package info is loading
type: "npm",
license: "MIT",
latest: "1.2.3",
created: 1677996776, // epoch utc
stars: 50000,
sources: {
checkmarx: {
error: true, // indicating error occured
},
snyk: {
loading: true, // indicating data is still loading
},
socket: {
issues: 3,
data: {
supplyChainScore: 100,
qualityScore: 74,
maintenanceScore: 78,
vulnerabilitiesScore: 100,
licenseScore: 88,
},
},
openbase: {
issues: 3,
data: {
userRatingScore: 4.8,
userFeedback: [
{
name: "Easy to use",
positive: true,
},
{
name: "Great Documentation",
positive: true,
},
{
name: "Performant",
positive: true,
},
{
name: "Bleeding Edge",
positive: false, // will be displayed as bad
},
{
name: "Highly Customizable",
positive: false, // will be displayed as bad
},
{
name: "Responsive Maintainers",
positive: false, // will be displayed as bad
},
],
},
},
depsDev: {
issues: 3,
data: {
score: 7.5,
checks: [
{
description: "Using protected branches",
score: 3.2,
},
{
description: "signed commits",
score: 5.2,
},
// more scorecards items...
],
},
},
debricked: {
issues: 3,
data: {
contributorsScore: 77,
popularityScore: 82,
securityScore: 59,
},
},
},
}
Either placed transparently on the global store or provided on demand, this is the expected data structure to display both the tooltip, general metadata, and modal.
For example, data structure expected for
node-ipcpackage: