Merged
330 changes: 170 additions & 160 deletions app/controllers/projects_controller.rb

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions app/lib/github_basic_detective.rb
@@ -146,12 +146,12 @@ def analyze(_evidence, current)
# but if this really is the "main" repo (as claimed) then this is met.
results[:osps_qa_01_01_status] = {
value: CriterionStatus::MET, confidence: 3,
explanation: 'Repository is publcly available on GitHub.'
explanation: 'Repository is publicly available on GitHub.'
}
# If the main repo is on GitHub, then git will store this
results[:osps_qa_01_02_status] = {
value: CriterionStatus::MET, confidence: 3,
explanation: 'Repository git metadata is publcly available on GitHub.'
explanation: 'Repository git metadata is publicly available on GitHub.'
}

# Get basic evidence
34 changes: 23 additions & 11 deletions app/lib/test_forced_detective.rb
@@ -3,34 +3,46 @@
# Copyright the OpenSSF Best Practices badge contributors
# SPDX-License-Identifier: MIT

# Test-only detective that forces an override when given specific input.
# This detective is used to test override detection and warning paths
# Test-only detective that produces automation results for specific URLs.
# Used to test override detection, non-forced auto-fill, and warning paths
# in projects_controller without needing to mock Chief behavior.
#
# Only active in test environment. Only forces override for specific test URL.
# Only active in test environment. Only triggers for specific test URLs.
class TestForcedDetective < Detective
INPUTS = [:repo_url].freeze
OUTPUTS = [:description_good_status].freeze
OVERRIDABLE_OUTPUTS = [:description_good_status].freeze

# @return [Hash] Forced override for specific test URL, empty otherwise
# Map of test URLs to their confidence levels.
TEST_URLS = {
'https://example.com/test/force-override' => 5, # Forced override
'https://example.com/test/auto-fill' => 2 # Non-forced fill
}.freeze

# @return [Hash] Proposed change for specific test URLs, empty otherwise
def analyze(_evidence, current)
# Only force override for specific test URL pattern (non-GitHub to avoid VCR)
repo_url = current[:repo_url]

# Special URL to test Chief exception handling
if repo_url == 'https://example.com/test/chief-failure'
raise StandardError, 'Test chief failure for coverage'
end

return {} unless repo_url == 'https://example.com/test/force-override'
confidence = TEST_URLS[repo_url]
return {} unless confidence

{ description_good_status: met_proposal(confidence) }
end

private

# @param confidence [Integer] Confidence level for the proposal
# @return [Hash] A proposal hash setting description_good_status to Met
def met_proposal(confidence)
{
description_good_status: {
value: 'Met',
confidence: 5, # High confidence triggers forced override
explanation: 'Test override for automated override detection coverage'
}
value: 'Met',
confidence: confidence,
explanation: "Test automation (confidence #{confidence})"
}
end
end
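Review bot: Nothing in the visible class enforces the header comment's "Only active in test environment": `analyze` returns a confidence-5 `Met` proposal for `description_good_status`, or raises, based only on the value of `current[:repo_url]`, and the file sits under app/lib. If the environment restriction is applied where detectives are registered, that code is outside this section and the comment should name it. Otherwise a guard as the first line of `analyze`, `return {} unless Rails.env.test?`, keeps a user-supplied repo URL from triggering a forced override outside tests. The comment on `TEST_URLS` could also keep the dropped rationale that the URLs are non-GitHub to avoid VCR.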
274 changes: 19 additions & 255 deletions app/views/projects/_form_0.html.erb

Large diffs are not rendered by default.

40 changes: 22 additions & 18 deletions app/views/projects/_form_1.html.erb
@@ -25,9 +25,6 @@
<%= bootstrap_form_for project, url: update_project_path(project, section: criteria_level) do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<%= f.hidden_field :lock_version %>
<%# Store automation state across save-and-continue (just field names) %>
<%= hidden_field_tag :automated_fields, (@automated_fields || []).map { |f| f[:field] }.join(',') %>
<%= hidden_field_tag :overridden_fields, (@overridden_fields || []).map { |f| f[:field] }.join(',') %>

<br>

@@ -43,7 +40,7 @@
}) %>
<div class="panel-collapse collapse in">
<ul class="list-group">
<li class="list-group-item"><h3 id="section_identification"><%= t('headings.Identification') %></h3>
<li class="list-group-item"><h3 id="section_general_project_info"><%= t('headings.General_project_info') %></h3>
<%= render(partial: 'form_basics',
locals:
{
@@ -78,8 +75,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'changecontrol', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'changecontrol', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -106,8 +104,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'reporting', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'reporting', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -137,8 +136,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'quality', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'quality', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -186,8 +186,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'security', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'security', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -244,8 +245,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'analysis', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'analysis', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -275,8 +277,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'future', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'future', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -291,8 +294,9 @@
user: project.user_display_name %>
<% else %>
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'Save', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'Save', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
<% end %>
</div>
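Review bot: The new button label `"#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe` marks the whole interpolated string as safe, so the translated text is emitted without HTML escaping. The key does not end in `_html`, so the `t` helper returns a plain string, and any `<` or `&` in a locale file would reach the page raw. `safe_join([t('projects.edit.save_and_continue'), ApplicationHelper::ROBOT_EMOJI_SAFE], ' ')` escapes the translation and leaves the constant untouched, assuming the constant is already an html_safe string as its name suggests. The same expression is repeated at every save-and-continue button in this file and in _form_2.html.erb and _form_baseline.html.erb, so one small helper would cover all of them.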
35 changes: 19 additions & 16 deletions app/views/projects/_form_2.html.erb
@@ -25,9 +25,6 @@
<%= bootstrap_form_for project, url: update_project_path(project, section: criteria_level) do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<%= f.hidden_field :lock_version %>
<%# Store automation state across save-and-continue (just field names) %>
<%= hidden_field_tag :automated_fields, (@automated_fields || []).map { |f| f[:field] }.join(',') %>
<%= hidden_field_tag :overridden_fields, (@overridden_fields || []).map { |f| f[:field] }.join(',') %>

<br>

@@ -43,7 +40,7 @@
}) %>
<div class="panel-collapse collapse in">
<ul class="list-group">
<li class="list-group-item"><h3 id="section_identification"><%= t('headings.Identification') %></h3>
<li class="list-group-item"><h3 id="section_general_project_info"><%= t('headings.General_project_info') %></h3>
<%= render(partial: 'form_basics',
locals:
{
@@ -67,8 +64,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'changecontrol', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'changecontrol', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -95,8 +93,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'reporting', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'reporting', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -127,8 +126,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'security', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'security', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -181,8 +181,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'analysis', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'analysis', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -208,8 +209,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'future', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'future', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -224,8 +226,9 @@
user: project.user_display_name %>
<% else %>
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'Save', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'Save', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
<% end %>
</div>
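Review bot: The `automated_fields` and `overridden_fields` hidden inputs removed at the top of the form were values a browser could edit before submitting, so the removal only closes that path if the update action also stops reading those parameters. The projects_controller.rb diff is not rendered on this page, so that cannot be confirmed from here. The same three lines are removed in _form_1.html.erb and _form_baseline.html.erb. If dropping client-held automation state is the intent, a one-line ERB comment next to `f.hidden_field :lock_version`, such as `<%# Automation state is not carried in the form %>`, would record it for later edits.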
15 changes: 7 additions & 8 deletions app/views/projects/_form_baseline.html.erb
@@ -32,9 +32,6 @@
<%= bootstrap_form_for project, url: update_project_path(project, section: criteria_level) do |f| %>
<%= render 'shared/error_messages', object: f.object %>
<%= f.hidden_field :lock_version %>
<%# Store automation state across save-and-continue (just field names) %>
<%= hidden_field_tag :automated_fields, (@automated_fields || []).map { |f| f[:field] }.join(',') %>
<%= hidden_field_tag :overridden_fields, (@overridden_fields || []).map { |f| f[:field] }.join(',') %>

<br>

@@ -50,7 +47,7 @@
}) %>
<div class="panel-collapse collapse in">
<ul class="list-group">
<li class="list-group-item"><h3 id="section_identification"><%= t('headings.Identification') %></h3>
<li class="list-group-item"><h3 id="section_general_project_info"><%= t('headings.General_project_info') %></h3>
<%= render(partial: 'form_basics',
locals:
{
@@ -64,8 +61,9 @@
<% unless view_only %>
<div class="panel-footer text-center">
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'controls', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'controls', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
</div>
<% end %>
@@ -105,8 +103,9 @@
user: project.user_display_name %>
<% else %>
<%= t 'projects.edit.submit_cdla_permissive_20_html' %>
<%= f.button t('projects.edit.save_and_continue'), type: 'submit', name: 'continue',
value: 'Save', class:"btn btn-success btn-submit" %>
<%= f.button "#{t('projects.edit.save_and_continue')} #{ApplicationHelper::ROBOT_EMOJI_SAFE}".html_safe, type: 'submit', name: 'continue',
value: 'Save', class:"btn btn-success btn-submit",
title: t('projects.edit.save_and_continue_tooltip') %>
<%= f.submit t('projects.edit.submit_and_exit'), class:"btn btn-success btn-submit" %>
<% end %>
</div>