feat: add Reachability Center and Why Drawer components with tests

- Implemented ReachabilityCenterComponent for displaying asset reachability status with summary and filtering options. - Added ReachabilityWhyDrawerComponent to show detailed reachability evidence and call paths. - Created unit tests for both components to ensure functionality and correctness. - Updated accessibility test results for the new components.
2025-12-12 18:50:35 +02:00
parent efaf3cb789
commit 3f3473ee3a
320 changed files with 10635 additions and 3677 deletions
--- a/docs/api/gateway/samples/policy-evidence-component.json
+++ b/docs/api/gateway/samples/policy-evidence-component.json
@@ -0,0 +1,86 @@
+{
+  "findings": [
+    {
+      "findingId": "finding-1",
+      "vulnId": "CVE-2024-12345",
+      "componentPurl": "pkg:npm/example@1.2.3",
+      "assetId": "asset::registry.local/ops/auth"
+    }
+  ],
+  "policy": {
+    "policyVersion": "sha256:policy-demo",
+    "items": [
+      {
+        "findingId": "finding-1",
+        "status": "affected",
+        "severityBand": "High",
+        "severityScore": 7.5,
+        "exceptions": [
+          {
+            "schemaVersion": "1.0",
+            "exceptionId": "exc-001",
+            "tenantId": "tenant-default",
+            "name": "temporary-risk-acceptance",
+            "displayName": "Temporary Risk Acceptance",
+            "status": "approved",
+            "severity": "high",
+            "scope": {
+              "type": "component",
+              "componentPurls": ["pkg:npm/example@1.2.3"],
+              "vulnIds": ["CVE-2024-12345"]
+            },
+            "justification": {
+              "template": "risk-accepted",
+              "text": "Approved for demo tenant while remediation is planned."
+            },
+            "timebox": {
+              "startDate": "2025-12-01T00:00:00Z",
+              "endDate": "2025-12-31T23:59:59Z"
+            },
+            "createdBy": "user:demo",
+            "createdAt": "2025-12-01T00:00:00Z",
+            "updatedBy": "user:demo",
+            "updatedAt": "2025-12-10T00:00:00Z"
+          }
+        ]
+      }
+    ],
+    "continuationToken": null,
+    "traceId": "trace-sample-6"
+  },
+  "advisories": [
+    {
+      "advisoryId": "CVE-2024-12345",
+      "source": "cve",
+      "title": "Example advisory for offline demo",
+      "severity": "high",
+      "publishedAt": "2025-12-01T00:00:00Z",
+      "updatedAt": "2025-12-10T00:00:00Z",
+      "cveIds": ["CVE-2024-12345"],
+      "affectedPurls": ["pkg:npm/example@1.2.3"],
+      "etag": "\"adv-CVE-2024-12345-v1\""
+    }
+  ],
+  "vexStatements": [
+    {
+      "statementId": "vex::tenant-default::CVE-2024-12345::001",
+      "vulnId": "CVE-2024-12345",
+      "productId": "asset::registry.local/ops/auth",
+      "status": "not_affected",
+      "justification": "Component not present in runtime image.",
+      "updatedAt": "2025-12-10T00:00:00Z",
+      "etag": "\"vex-001-v1\""
+    }
+  ],
+  "linksets": [
+    {
+      "findingId": "finding-1",
+      "vulnId": "CVE-2024-12345",
+      "advisoryIds": ["CVE-2024-12345"],
+      "vexStatementIds": ["vex::tenant-default::CVE-2024-12345::001"]
+    }
+  ],
+  "traceId": "trace-sample-6",
+  "etag": "\"policy-evidence-sample-1\""
+}
+