fix: validating code and replacing the hard-coded severity list

abanoub-samy-farhan · abanoub-samy-farhan · commit 8192efb33b78 · 2025-04-26T02:13:07.000+03:00
Signed-off-by: Abanoub Aziz &lt;abanoubsamy2341@gmail.com&gt;
diff --git a/scanpipe/models.py b/scanpipe/models.py
@@ -2202,6 +2202,15 @@ def compliance_issues(self, severity):
 
         return self.filter(compliance_alert__in=severity_mapping[severity])
 
+    def compliance_alerts_ordered_by_severity(self):
+        """Return a list of compliance alerts ordered by severity."""
+        compliance = self.model.Compliance
+        return [
+            compliance.ERROR.value,
+            compliance.WARNING.value,
+            compliance.MISSING.value,
+        ]
+
 
 def convert_glob_to_django_regex(glob_pattern):
     """
diff --git a/scanpipe/pipes/compliance.py b/scanpipe/pipes/compliance.py
@@ -72,15 +72,17 @@ def group_compliance_alerts_by_severity(queryset):
     string representations of the instances associated with that severity.
     """
     compliance_alerts = defaultdict(list)
-    severity_levels = ['error', 'warning', 'missing']
+    severity_levels = queryset.compliance_alerts_ordered_by_severity()
 
     for instance in queryset:
         compliance_alerts[instance.compliance_alert].append(str(instance))
 
     # Sort keys for consistent ordering (["error", "warning", "missing"])
     sorted_keys = sorted(
         compliance_alerts.keys(),
-        key=lambda label: severity_levels.index(label) if label in severity_levels else len(severity_levels)
+        key=lambda label: severity_levels.index(label)
+        if label in severity_levels
+        else len(severity_levels),
     )
 
     sorted_compliance_alerts = {
diff --git a/scanpipe/tests/pipes/test_compliance.py b/scanpipe/tests/pipes/test_compliance.py
@@ -63,14 +63,15 @@ def test_scanpipe_compliance_get_project_compliance_alerts(self):
         make_package(
             project,
             package_url="pkg:generic/name@2.0",
-            compliance_alert=CodebaseResource.Compliance.WARNING,
+            compliance_alert=CodebaseResource.Compliance.ERROR,
         )
         make_package(
             project,
             package_url="pkg:generic/name@3.0",
             compliance_alert=CodebaseResource.Compliance.MISSING,
         )
-        compliance_alerts = get_project_compliance_alerts(project)
+        compliance_alerts = get_project_compliance_alerts(project, fail_level="missing")
+        print(compliance_alerts)
         expected = {
             "packages": {
                 "error": ["pkg:generic/name@1.0", "pkg:generic/name@2.0"],
