Rework of Vulnerability Database and Package Inspector#114
Merged
Conversation
…rked packageinspect
There was a problem hiding this comment.
Pull request overview
This PR refreshes the Vulnerability Database and Package Inspector experiences by introducing new “raw” layouts, richer detail pages (risk context, exploit messaging, ecosystem logos), and social sharing support via OG images.
Changes:
- Reworked CVE detail and PURL inspector pages into a new split-column “Shell” layout with banners, FAQs, CTAs, and updated search/filter UX.
- Added an OG image API endpoint and wired it into CVE detail meta tags for Open Graph/Twitter previews.
- Updated shared UI primitives (Button/Input/Badge/Tooltip) and added ecosystem logo assets used in lists.
Reviewed changes
Copilot reviewed 27 out of 46 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| src/styles/globals.css | Updates theme colors and hero layout alignment. |
| src/pages/vulnerability-database/[ID].mdx | Switches to raw layout and adds page-specific global CSS overrides. |
| src/pages/package-inspector/[purl].mdx | Switches to raw layout and adds page-specific global CSS overrides. |
| src/pages/api/vulndb/[id].ts | Uppercases IDs and adds upstream error handling/response behavior. |
| src/pages/api/og-image.tsx | Adds OG image generation endpoint (edge-style handler). |
| src/pages/_app.tsx | Improves page lookup fallback for index pages in the pageMap. |
| src/lib/fetcher.ts | Updates default API base URL. |
| src/components/vulnerability-database/vulnerability-database-page.tsx | Replaces DB FAQ/CTA components with shared section components and embeds FAQ content. |
| src/components/vulnerability-database/radar-chart.tsx | Adjusts Card styling (removes transparent/borderless rendering). |
| src/components/vulnerability-database/cve-detail.tsx | Major CVE detail UI rework; adds OG meta tags, exploit/EPSS/CVSS messaging, filtering and new layout. |
| src/components/ui/tooltip.tsx | Introduces Radix Tooltip wrapper components. |
| src/components/ui/Searchbar.tsx | Minor class ordering/style changes. |
| src/components/ui/input.tsx | Simplifies input structure and changes styling / search-button rendering. |
| src/components/ui/button.tsx | Expands variants/sizes and changes base styling/disabled behavior. |
| src/components/ui/badge.tsx | Tweaks badge shape and adds break-all. |
| src/components/sections/Faq.tsx | Refactors FAQ into a reusable component accepting FAQ data via props. |
| src/components/sections/DevGuardBanner.tsx | Adds reusable marketing banner component. |
| src/components/sections/Cta.tsx | Refactors CTA into a reusable component with configurable copy/links. |
| src/components/package-inspector/VulnerabilityList.tsx | Adds pagination + filtering and deduplication for vulnerability entries. |
| src/components/package-inspector/ScoreCardChart.tsx | Adjusts score badge styling and removes per-row bar visualization. |
| src/components/package-inspector/purlPage.tsx | Major Package Inspector detail UI rework; adds new layout, facts sidebar, vuln filtering, and SEO tags. |
| src/components/package-inspector/PackageSearch.tsx | Restyles search inputs and removes visible submit controls. |
| src/components/package-inspector/PackageInspectorPage.tsx | Adds FAQ + CTA sections to the landing page. |
| src/components/package-inspector/PackageHeroCard.tsx | Simplifies hero header content into a lighter badge-based header. |
| src/components/common/EcosystemImage.tsx | Adds ecosystem logo rendering with tooltip fallback to text. |
| src/components/404.tsx | Minor class ordering/style change. |
| public/logos/rubygems-svgrepo-com.svg | Adds Rubygems logo asset. |
| public/logos/php-svgrepo-com.svg | Adds PHP logo asset. |
| public/logos/packagist-svgrepo-com.svg | Adds Packagist logo asset. |
| public/logos/opencode.svg | Adds opencode logo asset. |
| public/logos/nuget-svgrepo-com.svg | Adds NuGet logo asset. |
| public/logos/npm-svgrepo-com.svg | Adds npm logo asset. |
| public/logos/nix-svgrepo-com.svg | Adds Nix logo asset. |
| public/logos/maven-svgrepo-com.svg | Adds Maven logo asset. |
| public/logos/golang-svgrepo-com.svg | Adds Go logo asset. |
| public/logos/deb-svgrepo-com.svg | Adds Debian logo asset. |
| public/logos/crates.io-svgrepo-com.svg | Adds Crates.io logo asset. |
| public/logos/cargo-svgrepo-com.svg | Adds Cargo logo asset. |
| public/logos/bitnami-svgrepo-com.svg | Adds Bitnami logo asset. |
| public/logos/apk-svgrepo-com.svg | Adds APK logo asset. |
| package.json | Updates ESLint version. |
| package-lock.json | Lockfile updates for ESLint dependency graph. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR refreshes the Vulnerability Database and Package Inspector experiences by introducing new “raw” layouts, richer detail pages (risk context, exploit messaging, ecosystem logos), and social sharing support via OG images.