Open harshad16 opened 2 years ago
/priority important-soon /triage accepted /sig stack-guidance
/kind feature
/assign
Here is a list of justifications metadata I could think of so far:
(Added in https://github.com/thoth-station/prescriptions-refresh-job/pull/155)
(Added in https://github.com/thoth-station/prescriptions-refresh-job/pull/177)
Do not hesitate if anything more could be added to this list.
cc @fridex @harshad16 @Gkrumbach07
Is there more data on security scorecards that could be returned as well? On the UI I have to search each justification for key words related to scorecards in order to properly display them. So a justification that contains the words "scorecard" and "fuzzing" match to the fuzzing scorecard data.
Also I believe scorecard data each get a rating of 0-10 to form an overall score. Can this also be returned?
We could return the scorecards information if it makes it easier to find justifications on the UI, but would this be considered metadata? My idea of scorecards metadata would be closer to the version of the scorecards dataset that was used for example.
I think you are right, it might not be metadata. Including the version in the metadata should be fine. Where would other data about scorecard go. Beyond just a message, link, and severity?
Do you mean where should it be returned for you to use it in the Search UI?
For that use case yes, but it would be helpful across other endpoints as well
Descriptions:
As a user of Thoth, I would like to have machine-readable access to the results of the recommendation engine. To support this, I would like to access results and read metadata in each justification and stack info entry. An example can be a justification entry provided by the unit responsible for providing CVE information - it can state how fresh the data are. Then, each user of Thoth would have access to this information and would be able to read this information.
Acceptance criteria