Skip to content

test: script for AIBOM and CBOM label validation#913

Merged
mrrajan merged 6 commits intoguacsec:mainfrom
mrrajan:tests/aibom_cbom
Feb 5, 2026
Merged

test: script for AIBOM and CBOM label validation#913
mrrajan merged 6 commits intoguacsec:mainfrom
mrrajan:tests/aibom_cbom

Conversation

@mrrajan
Copy link
Copy Markdown
Contributor

@mrrajan mrrajan commented Feb 2, 2026
edited by sourcery-ai bot
Loading

  • Added tests for AIBOM and CBOM label validation
  • Updated toHaveColumnWithValue for table validation
  • Updated test data

Summary by Sourcery

Extend table matchers to support conditional column value checks and add SBOM label validation flows for AIBOM and CBOM across list and explorer pages.

Tests:

  • Add end-to-end scenarios to verify AIBOM and CBOM labels visibility and filtering on SBOM list and explorer pages.
  • Update existing column validation tests to use the new table column matcher options and refresh test data expectations for list and package filters.

@sourcery-ai
Copy link
Copy Markdown
Contributor

sourcery-ai bot commented Feb 2, 2026
edited
Loading

Reviewer's Guide

Extends the table matcher API to support configurable matching conditions, updates all affected tests to the new signature, and adds/adjusts SBOM UI feature scenarios to validate AI/CBOM labels and related list/explorer filtering behavior, including some test data tweaks.

File-Level Changes

Change Details Files
Extend toHaveColumnWithValue matcher to support an options object with rowIndex and a new all/any matching mode, and update all call sites.
  • Change matcher interface to accept an options argument instead of a positional rowIndex parameter.
  • Implement matchingCondition defaulting to 'any' and support 'all' to validate that every row in a column contains a value when no rowIndex is provided.
  • Keep existing single-row behavior by using options.rowIndex when provided.
  • Update success message text to distinguish between all-rows checks and specific-row checks.
  • Refactor all tests that used the old signature to pass { rowIndex } via the options object.
 e2e/tests/ui/assertions/TableMatchers.ts
e2e/tests/ui/pages/vulnerability-details/sboms/columns.spec.ts
e2e/tests/ui/pages/vulnerability-details/advisories/columns.spec.ts
e2e/tests/ui/pages/sbom-details/vulnerabilities/columns.spec.ts
e2e/tests/ui/pages/advisory-details/vulnerabilities/columns.spec.ts
e2e/tests/ui/pages/package-details/sboms/columns.spec.ts
e2e/tests/ui/pages/package-details/vulnerabilities/columns.spec.ts
e2e/tests/ui/pages/common/filter-test-helpers.ts
e2e/tests/ui/features/@sbom-explorer/sbom-explorer.step.ts
Add and enhance SBOM search and explorer feature scenarios and steps to validate AIBOM/CBOM labels and label-based filtering.
  • Adjust existing SBOM label step text to say labels are visible on the page instead of just added, to align with new assertions.
  • Add scenarios to verify CBOM and AIBOM labels on SBOM list and explorer pages using concrete test SBOMs.
  • Introduce generic step definitions to apply label, text, and license filters on the SBOM List page and assert that only SBOMs with a given label are shown using the new all-rows matcher mode.
  • Reuse SbomListPage.fromCurrentPage where navigation is not required and add this constructor-like helper.
 e2e/tests/ui/features/@sbom-search/sbom-search.feature
e2e/tests/ui/features/@sbom-search/sbom-search.step.ts
e2e/tests/ui/features/@sbom-explorer/sbom-explorer.feature
e2e/tests/ui/features/@sbom-explorer/sbom-explorer.step.ts
e2e/tests/ui/pages/sbom-list/SbomListPage.ts
Update filter edge-case tests and underlying expectations to align with new test data (notably for AIBOM/CBOM-related SBOMs/packages).
  • Change expected package name for the empty filter input test on the package list page.
  • Change expected SBOM name for the empty filter input test on the SBOM list page.
  • Ensure filter tests use new or more stable seeded data like 'claude-4-opus' and 'HdrHistogram'.
 e2e/tests/ui/pages/package-list/filter.spec.ts
e2e/tests/ui/pages/sbom-list/filter.spec.ts
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai bot reviewed Feb 2, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've left some high level feedback:

  • In toHaveColumnWithValue, the success message for the rowIndex-undefined case always claims All rows match even when matchingCondition === "any"; consider tailoring the message based on the actual matching condition to avoid misleading output.
  • The new options handling in toHaveColumnWithValue includes a redundant const rowIndex = options?.rowIndex ?? undefined; assignment; since options?.rowIndex is already number | undefined, you can simplify by using it directly and reduce noise.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- In `toHaveColumnWithValue`, the success message for the rowIndex-undefined case always claims `All rows` match even when `matchingCondition === "any"`; consider tailoring the message based on the actual matching condition to avoid misleading output.
- The new `options` handling in `toHaveColumnWithValue` includes a redundant `const rowIndex = options?.rowIndex ?? undefined;` assignment; since `options?.rowIndex` is already `number | undefined`, you can simplify by using it directly and reduce noise.
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

carlosthe19916
carlosthe19916 requested changes Feb 2, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@carlosthe19916 carlosthe19916 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR, some observations left below

e2e/tests/ui/pages/sbom-list/filter.spec.ts Outdated
testFilterMatches("Empty filter input is handled", {
filters: { "Filter text": "" },
assertions: { columnName: "Name", value: "quarkus-bom" },
assertions: { columnName: "Name", value: "claude-4-opus" },
Copy link
Copy Markdown
Collaborator

@carlosthe19916 carlosthe19916 Feb 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this change is necesary.
I think there are similar lines like this one in this PR

@codecov
Copy link
Copy Markdown

codecov bot commented Feb 2, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 64.05%. Comparing base (0bef992) to head (ca90723).
⚠️ Report is 13 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #913      +/-   ##
==========================================
- Coverage   64.91%   64.05%   -0.87%     
==========================================
  Files         195      195              
  Lines        3338     3338              
  Branches      751      751              
==========================================
- Hits         2167     2138      -29     
- Misses        872      912      +40     
+ Partials      299      288      -11

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

carlosthe19916
carlosthe19916 approved these changes Feb 3, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@carlosthe19916 carlosthe19916 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mrrajan LGTM!
Before merging it please address the two minor points I mentioned in my comments below

e2e/tests/ui/assertions/TableMatchers.ts Outdated
for (const row of allRows) {
await baseExpect(row).toContainText(value);
}
} else if (typeof rowIndex === "number") {
Copy link
Copy Markdown
Collaborator

@carlosthe19916 carlosthe19916 Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The if (typeof rowIndex === "number") is not needed. Because the previous if-else conditions already discarded the possibility of rowIndex being undefined or "all" then typescript can tell that the only alternative is for it to be a number. Let's remove it for cleaning the code

Image

@mrrajan
test: script for AIBOM and CBOM label validation
0996ef4 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
@mrrajan
Update test data
fc51997 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
@mrrajan
Update rowIndex to handle All rows and given row
aa03a93 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
@mrrajan
Remove console log for debugging
6c4dae9 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
@mrrajan
Enhance return message
dc87cc0 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
@mrrajan
Add regexp support to toHaveColumnWithValue table matcher
ca90723 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>

Assisted-by: Cursor
@mrrajan mrrajan added this pull request to the merge queue Feb 5, 2026
Merged via the queue into guacsec:main with commit 93fc4ab Feb 5, 2026
11 checks passed
@github-project-automation github-project-automation bot moved this to Done in Trustify Feb 5, 2026
@mrrajan mrrajan added the backport release/0.4.z This PR should be backported to release/0.4.z branch. label Feb 24, 2026
@mrrajan
Copy link
Copy Markdown
Contributor Author

mrrajan commented Feb 24, 2026

/backport

@trustify-ci-bot
Copy link
Copy Markdown
Contributor

trustify-ci-bot bot commented Feb 24, 2026

Backport failed for release/0.4.z, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release/0.4.z
git worktree add -d .worktree/backport-913-to-release/0.4.z origin/release/0.4.z
cd .worktree/backport-913-to-release/0.4.z
git switch --create backport-913-to-release/0.4.z
git cherry-pick -x 93fc4ab39f232f6ebd48b0855d9924067f345a2b

mrrajan added a commit to mrrajan/trustify-ui that referenced this pull request Feb 25, 2026
@mrrajan
test: script for AIBOM and CBOM label validation (guacsec#913)
1e2843b 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
mrrajan added a commit to mrrajan/trustify-ui that referenced this pull request Feb 25, 2026
@mrrajan
test: script for AIBOM and CBOM label validation (guacsec#913)
58fe25f 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
@mrrajan mrrajan mentioned this pull request Feb 25, 2026
Closed
mrrajan added a commit to mrrajan/trustify-ui that referenced this pull request Feb 25, 2026
@mrrajan
test: script for AIBOM and CBOM label validation (guacsec#913)
95090c2 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
mrrajan added a commit to mrrajan/trustify-ui that referenced this pull request Mar 2, 2026
@mrrajan
test: script for AIBOM and CBOM label validation (guacsec#913)
046232c 
Signed-off-by: mrrajan <86094767+mrrajan@users.noreply.github.com.>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@carlosthe19916 carlosthe19916 carlosthe19916 approved these changes

Assignees

No one assigned

Labels

backport release/0.4.z This PR should be backported to release/0.4.z branch.

Projects

Trustify
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mrrajan @carlosthe19916