From 30fe2a1fd2e2b204d25f880f307ab2a91916efaa Mon Sep 17 00:00:00 2001
From: tdruez
Date: Mon, 3 Mar 2025 10:41:39 +0400
Subject: [PATCH 1/5] Add ability to provide initial values in ProjectCreateView
Signed-off-by: tdruez
---
 scanpipe/views.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/scanpipe/views.py b/scanpipe/views.py
index 52e48c30b4..a5a9437966 100644
--- a/scanpipe/views.py
+++ b/scanpipe/views.py
@@ -639,6 +639,14 @@ class ProjectCreateView(ConditionalLoginRequired, FormAjaxMixin, generic.CreateV
 form_class = ProjectForm
 template_name = "scanpipe/project_form.html"
+ def get_initial(self):
+ """Get initial data for the form from the URL query parameters."""
+ initial = super().get_initial()
+ for field in self.form_class().fields:
+ if value := self.request.GET.get(field):
+ initial[field] = value
+ return initial
+
 def get_context_data(self, **kwargs):
 context = super().get_context_data(**kwargs)
 pipelines = {
From ba5029edec953833b16b2d9701e6da23605bf7ca Mon Sep 17 00:00:00 2001
From: tdruez
Date: Mon, 3 Mar 2025 10:42:10 +0400
Subject: [PATCH 2/5] Display scan and download links in Package list
Signed-off-by: tdruez
---
 scanpipe/templates/scanpipe/package_list.html | 30 ++++++++++++++-----
 1 file changed, 22 insertions(+), 8 deletions(-)
diff --git a/scanpipe/templates/scanpipe/package_list.html b/scanpipe/templates/scanpipe/package_list.html
index ee415673f8..0853729938 100644
--- a/scanpipe/templates/scanpipe/package_list.html
+++ b/scanpipe/templates/scanpipe/package_list.html
@@ -22,14 +22,28 @@ {% for package in object_list %} - - {# CAUTION: Avoid relying on get_absolute_url to prevent unnecessary query triggers #} - {{ package.package_url }} - {% if package.is_vulnerable %} - - - - {% endif %} + +
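Review bot: `get_initial` in `ProjectCreateView` (scanpipe/views.py) copies a query-string value into every field that `ProjectForm` declares, so any link to this page can pre-fill the whole form rather than only the fields the feature needs. `ProjectForm`'s field list is not visible in this patch, but if it includes choices such as the pipeline or an execute-on-create option, a prefilled link would preselect them and the user only has to press submit. I would loop over an explicit allowlist instead, e.g. `for field in self.prefillable_fields:` with a class attribute naming the intended fields (the attribute name is a placeholder), which also avoids building a throwaway `self.form_class()` instance just to list field names. The docstring could add that these values are untrusted request input and are only validated when the form is posted.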
+
+ {# CAUTION: Avoid relying on get_absolute_url to prevent unnecessary query triggers #} + {{ package.package_url }} +
+
+ {% if package.is_vulnerable %} + + + + {% endif %} + {% if package.download_url %} + + + + + + + {% endif %} +
+
From 53f7c81159263e65277fa2927c5c6997f8c18b19 Mon Sep 17 00:00:00 2001 From: tdruez Date: Mon, 3 Mar 2025 11:06:51 +0400 Subject: [PATCH 3/5] Add analysis_subproject field on DiscoveredPackage model #1613 To track analysis of the package as a subproject Signed-off-by: tdruez --- ...0_discoveredpackage_analysis_subproject.py | 19 +++++++++++++++++++ scanpipe/models.py | 9 +++++++++ 2 files changed, 28 insertions(+) create mode 100644 scanpipe/migrations/0070_discoveredpackage_analysis_subproject.py diff --git a/scanpipe/migrations/0070_discoveredpackage_analysis_subproject.py b/scanpipe/migrations/0070_discoveredpackage_analysis_subproject.py new file mode 100644 index 0000000000..2702972519 --- /dev/null +++ b/scanpipe/migrations/0070_discoveredpackage_analysis_subproject.py @@ -0,0 +1,19 @@ +# Generated by Django 5.1.5 on 2025-03-03 06:53 + +import django.db.models.deletion +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('scanpipe', '0069_project_purl'), + ] + + operations = [ + migrations.AddField( + model_name='discoveredpackage', + name='analysis_subproject', + field=models.OneToOneField(blank=True, editable=False, help_text='Sub-project dedicated to analyzing this package.', null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='analyzed_package', to='scanpipe.project'), + ), + ] diff --git a/scanpipe/models.py b/scanpipe/models.py index 0461cc663a..0f448c43f4 100644 --- a/scanpipe/models.py +++ b/scanpipe/models.py 
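Review bot: `package.download_url` is metadata taken from scanned packages, and the new `{% if package.download_url %}` block in scanpipe/templates/scanpipe/package_list.html only checks that it is non-empty. The link markup itself is not visible in this view, so this is a check to confirm rather than a confirmed defect: template autoescaping does not reject a `javascript:` or other unexpected scheme inside an `href`, and a value interpolated into a query string needs `|urlencode` so that an `&` inside the URL cannot append extra parameters to the target page. If the links use the raw value, gate them on an expected scheme such as https in the model or in a template filter. The same applies to the reworked block in patch 4/5.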
@@ -3442,6 +3442,15 @@ class DiscoveredPackage(
 notes = models.TextField(blank=True)
 source_packages = models.JSONField(default=list, blank=True)
 tag = models.CharField(blank=True, max_length=50)
+ analysis_subproject = models.OneToOneField(
+ Project,
+ related_name="analyzed_package",
+ help_text=_("Sub-project dedicated to analyzing this package."),
+ on_delete=models.SET_NULL,
+ blank=True,
+ null=True,
+ editable=False,
+ )
 objects = DiscoveredPackageQuerySet.as_manager()
From 91b3d98d6a975bdf9a3d5d78009e27bad1c1237e Mon Sep 17 00:00:00 2001
From: tdruez
Date: Mon, 3 Mar 2025 11:07:22 +0400
Subject: [PATCH 4/5] Refine the actions display in Pacakge list #1613
Signed-off-by: tdruez
---
 scanpipe/templates/scanpipe/package_list.html | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/scanpipe/templates/scanpipe/package_list.html b/scanpipe/templates/scanpipe/package_list.html
index 0853729938..5283e36778 100644
--- a/scanpipe/templates/scanpipe/package_list.html
+++ b/scanpipe/templates/scanpipe/package_list.html
@@ -35,12 +35,18 @@ {% endif %} {% if package.download_url %} - + - - - + {% if package.analysis_subproject %} + + + + {% else %} + + + + {% endif %} {% endif %}
From d72a8cd224f7c6f985d145f8f0e11d74cd0839d7 Mon Sep 17 00:00:00 2001
From: tdruez
Date: Tue, 4 Mar 2025 12:45:38 +0400
Subject: [PATCH 5/5] Display a warning notification on the analyzed_package project page
Signed-off-by: tdruez
---
 .../project_analyzed_package_warning.html | 26 +++++++++++++++++++
 .../templates/scanpipe/project_detail.html | 4 +++
 scanpipe/tests/test_models.py | 1 +
 scanpipe/views.py | 2 ++
 4 files changed, 33 insertions(+)
 create mode 100644 scanpipe/templates/scanpipe/includes/project_analyzed_package_warning.html
diff --git a/scanpipe/templates/scanpipe/includes/project_analyzed_package_warning.html b/scanpipe/templates/scanpipe/includes/project_analyzed_package_warning.html
new file mode 100644
index 0000000000..23a1f5756d
--- /dev/null
+++ b/scanpipe/templates/scanpipe/includes/project_analyzed_package_warning.html @@ -0,0 +1,26 @@ +
+ +
\ No newline at end of file diff --git a/scanpipe/templates/scanpipe/project_detail.html b/scanpipe/templates/scanpipe/project_detail.html index 89cad4436b..b20b8a1d64 100644 --- a/scanpipe/templates/scanpipe/project_detail.html +++ b/scanpipe/templates/scanpipe/project_detail.html @@ -54,6 +54,10 @@
+ + {% if project.analyzed_package %} + {% include "scanpipe/includes/project_analyzed_package_warning.html" %} + {% endif %} {% include "scanpipe/includes/project_summary_level.html" with project=project title_class="title" %}
diff --git a/scanpipe/tests/test_models.py b/scanpipe/tests/test_models.py
index 428591bf0c..bc086f4bfe 100644
--- a/scanpipe/tests/test_models.py
+++ b/scanpipe/tests/test_models.py
@@ -2503,6 +2503,7 @@ def test_scanpipe_package_model_integrity_with_toolkit_package_model(self):
 "resolved_from_dependencies",
 "parent_packages",
 "children_packages",
+ "analysis_subproject",
 "notes",
 ]
diff --git a/scanpipe/views.py b/scanpipe/views.py
index a5a9437966..937b672405 100644
--- a/scanpipe/views.py
+++ b/scanpipe/views.py
@@ -1662,11 +1662,13 @@ def get_queryset(self):
 "package_uid",
 *PACKAGE_URL_FIELDS,
 "project",
+ "download_url",
 "primary_language",
 "declared_license_expression",
 "compliance_alert",
 "copyright",
 "affected_by_vulnerabilities",
+ "analysis_subproject",
 )
 .with_resources_count()
 .order_by_package_url()
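Review bot: Adding `"analysis_subproject"` to `.only()` in `get_queryset` (scanpipe/views.py) loads just the foreign-key column, so the `{% if package.analysis_subproject %}` test added to package_list.html in patch 4/5 will issue one extra query for each listed package that has a sub-project. That template already carries a caution about avoiding per-row queries, so either chain `.select_related("analysis_subproject")` here or, if only presence is needed, test `package.analysis_subproject_id` in the template. What the template renders inside that branch is not visible in this patch, so which of the two fits needs confirming. `get_queryset` starts and ends outside this hunk.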