From 72cdb18f04ce1ba5e89e54d803a962734ac5b4ee Mon Sep 17 00:00:00 2001
From: Richard Wang
Date: Tue, 8 Feb 2022 17:23:59 +0900
Subject: [PATCH 1/8] initial search impl
---
 gcp/appengine/frontend3/src/styles.scss | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/gcp/appengine/frontend3/src/styles.scss b/gcp/appengine/frontend3/src/styles.scss
index ea56e1cb493..0974c414f23 100644
--- a/gcp/appengine/frontend3/src/styles.scss
+++ b/gcp/appengine/frontend3/src/styles.scss
@@ -201,6 +201,11 @@ pre {
 content: '';
 display: block;
 }
+
+ // Hide the submit button.
+ input[type=submit] {
+ display: none;
+ }
 }
 // Hax: Make @material/mwc-icon-button play well with @material/data-table.
From daeaef58aec8c5e86f984f4238503323018cad4b Mon Sep 17 00:00:00 2001
From: Richard Wang
Date: Tue, 8 Feb 2022 18:21:18 +0900
Subject: [PATCH 2/8] initial ecosystem impl the chips won't trigger search when clicked yet, however
---
 gcp/appengine/frontend3/src/styles.scss | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/gcp/appengine/frontend3/src/styles.scss b/gcp/appengine/frontend3/src/styles.scss
index 0974c414f23..ea56e1cb493 100644
--- a/gcp/appengine/frontend3/src/styles.scss
+++ b/gcp/appengine/frontend3/src/styles.scss
@@ -201,11 +201,6 @@ pre {
 content: '';
 display: block;
 }
-
- // Hide the submit button.
- input[type=submit] {
- display: none;
- }
 }
 // Hax: Make @material/mwc-icon-button play well with @material/data-table.
From 519d13e428135b85a5e6875dd259ad18859be268 Mon Sep 17 00:00:00 2001
From: Richard Wang
Date: Wed, 9 Feb 2022 16:17:11 +0900
Subject: [PATCH 3/8] pass vulns in list directly to template, fix packages display
---
 gcp/appengine/frontend3/src/templates/list.html | 8 +++++---
 gcp/appengine/frontend_handlers.py | 11 +----------
 2 files changed, 6 insertions(+), 13 deletions(-)
diff --git a/gcp/appengine/frontend3/src/templates/list.html b/gcp/appengine/frontend3/src/templates/list.html
index 9a08ab91133..04e616e616c 100644
--- a/gcp/appengine/frontend3/src/templates/list.html
+++ b/gcp/appengine/frontend3/src/templates/list.html
@@ -70,17 +70,19 @@

Vulnerability Library

{{ vulnerability.id }} - {% for package in vulnerability.packages %} - {{ package }} + {% for affected in vulnerability.affected %} + {{ affected.package.ecosystem }}/{{ affected.package.name }} {% endfor %} {{ vulnerability.summary }} - {% for version in vulnerability.versions %} + {% for affected in vulnerability.affected %} + {% for version in affected.versions %} {{ version }} {% endfor %} + {% endfor %} diff --git a/gcp/appengine/frontend_handlers.py b/gcp/appengine/frontend_handlers.py index 884c2e12573..f805d4b2837 100644 --- a/gcp/appengine/frontend_handlers.py +++ b/gcp/appengine/frontend_handlers.py @@ -92,15 +92,6 @@ def list(): ecosystem = request.args.get('ecosystem') results = osv_query(query, page, False, ecosystem) - vulnerabilities = [] - for item in results['items']: - vulnerabilities.append({ - "id": item['id'], - "summary": item['summary'] if 'summary' in item else '', - "packages": item['affected'][0]['package']['ecosystem'], - "versions": item['affected'][0]['versions'] - }) - # Fetch ecosystems by default. As an optimization, skip when rendering page fragments. ecosystems = osv_get_ecosystems( ) if not request.headers.get('Turbo-Frame') else None @@ -111,7 +102,7 @@ def list(): query=query, selected_ecosystem=ecosystem, ecosystems=ecosystems, - vulnerabilities=vulnerabilities) + vulnerabilities=results['items']) @blueprint.route('/v2/vulnerability/') From 6679687dec9d242a5cbdd87ded78f789fa379aa9 Mon Sep 17 00:00:00 2001 From: Richard Wang Date: Wed, 9 Feb 2022 16:25:48 +0900 Subject: [PATCH 4/8] add more columns --- gcp/appengine/frontend3/src/templates/list.html | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/gcp/appengine/frontend3/src/templates/list.html b/gcp/appengine/frontend3/src/templates/list.html index 04e616e616c..0d4916f51ac 100644 --- a/gcp/appengine/frontend3/src/templates/list.html +++ b/gcp/appengine/frontend3/src/templates/list.html @@ -60,6 +60,8 @@
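Review bot: The new package cell reads `affected.package.ecosystem` and `affected.package.name` with no fallback, so an `affected` entry without a `package` key would, under Jinja's default undefined handling, raise on the second attribute lookup and fail the whole list page rather than a single row. Because the same commit stops projecting fields in the handler, the template is now the only place that can absorb incomplete records. Wrapping the cell body in `{% if affected.package %}` … `{% endif %}` would contain the failure to the affected row. The table markup around these lines is not visible on this page, so the exact placement is for the author to confirm.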
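Review bot: Passing `vulnerabilities=results['items']` makes autoescaping in list.html the only control between record content and the rendered page, and nothing at this call says so. The loop removed in the previous hunk handed over four projected fields; the template now receives every field of every record, and those records presumably originate from external advisory sources, so each printed value should be treated as untrusted text. I would add a comment next to the argument such as `# Full records with untrusted content: list.html must keep autoescape on and never apply |safe to these fields.` The call this argument belongs to starts outside the hunk.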

Vulnerability Library

{{ table_header_cell('affected-versions', 'Affected versions') }} {{ table_header_cell('ecosystem', 'Ecosystem') }} {{ table_header_cell('last-modified', 'Last modified') }} + {{ table_header_cell('fixed', 'Fix') }} + {{ table_header_cell('severity', 'Severity') }}
@@ -85,6 +87,10 @@

Vulnerability Library

{% endfor %} + + {{ vulnerability.modified }} + +
{% endfor %} From 30098d8062d15542bafa07e7c1dff8790e14a144 Mon Sep 17 00:00:00 2001 From: Richard Wang Date: Wed, 9 Feb 2022 16:33:47 +0900 Subject: [PATCH 5/8] overrides for mdc table styling --- gcp/appengine/frontend3/src/styles.scss | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/gcp/appengine/frontend3/src/styles.scss b/gcp/appengine/frontend3/src/styles.scss index ea56e1cb493..32c266f0147 100644 --- a/gcp/appengine/frontend3/src/styles.scss +++ b/gcp/appengine/frontend3/src/styles.scss @@ -215,6 +215,17 @@ mwc-icon-button.mdc-data-table__sort-icon-button { overflow-x: scroll; width: 100%; + // Override MDC table styling. + border-width: 0; + .mdc-data-table__header-cell { + border-bottom-color: $osv-text-color; + border-bottom-style: solid; + font-family: $osv-heading-font-family; + } + .mdc-data-table__cell { + border-bottom-style: dashed; + } + // Apply table display etc. .vuln-table { display: table; From b71ce7e5d837fd5fd41600341718b913fb562fc7 Mon Sep 17 00:00:00 2001 From: Richard Wang Date: Wed, 9 Feb 2022 18:29:40 +0900 Subject: [PATCH 6/8] initial homepage styling --- gcp/appengine/frontend3/src/base.html | 1 + gcp/appengine/frontend3/src/styles.scss | 24 +++++++++++++++++++ .../frontend3/src/templates/home.html | 12 ++++++++-- 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/gcp/appengine/frontend3/src/base.html b/gcp/appengine/frontend3/src/base.html index 13158e83499..b755455c96e 100644 --- a/gcp/appengine/frontend3/src/base.html +++ b/gcp/appengine/frontend3/src/base.html @@ -4,6 +4,7 @@ + OSV diff --git a/gcp/appengine/frontend3/src/styles.scss b/gcp/appengine/frontend3/src/styles.scss index 32c266f0147..ca1f4c11c2f 100644 --- a/gcp/appengine/frontend3/src/styles.scss +++ b/gcp/appengine/frontend3/src/styles.scss 
@@ -337,3 +337,27 @@ dl.vulnerability-details,
 border-bottom: 1px dashed #fff;
 }
 }
+
+/** Home page */
+
+.home-page {
+ .title {
+ font-size: 60px;
+ line-height: 70px;
+ }
+
+ .explainer {
+ font-size: 20px;
+ }
+
+ .google-backed::after {
+ display: inline;
+ content: 'google';
+ font-family: 'Google Material Icons';
+ }
+
+ .usage-examples .heading {
+ font-size: 60px;
+ text-align: center;
+ }
+}
diff --git a/gcp/appengine/frontend3/src/templates/home.html b/gcp/appengine/frontend3/src/templates/home.html
index 6acfcb433ea..c3ccda1bf88 100644
--- a/gcp/appengine/frontend3/src/templates/home.html
+++ b/gcp/appengine/frontend3/src/templates/home.html
@@ -4,10 +4,10 @@ {% block content %}
-
+

A complete picture of vulnerabilities in your open source dependencies.

-

+

An ongoing project backed by Google.

@@ -16,6 +16,14 @@

A complete picture of vulnerabilities in your open source depe maintenance across major open source ecosystems.

+ +
+
+

Use the API

+ ...
From 337731f60358c0262c913f04297f2078dbf17640 Mon Sep 17 00:00:00 2001
From: Richard Wang
Date: Thu, 10 Feb 2022 21:05:25 +0900
Subject: [PATCH 7/8] fix version listing if there is none set
---
 gcp/appengine/frontend3/src/templates/list.html | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gcp/appengine/frontend3/src/templates/list.html b/gcp/appengine/frontend3/src/templates/list.html
index 0d4916f51ac..7a742707506 100644
--- a/gcp/appengine/frontend3/src/templates/list.html
+++ b/gcp/appengine/frontend3/src/templates/list.html
@@ -80,10 +80,10 @@

Vulnerability Library

{{ vulnerability.summary }}
- {% for affected in vulnerability.affected %}
- {% for version in affected.versions %}
- {{ version }}
- {% endfor %}
+ {% for version in vulnerability.affected | map(attribute='versions', default=[]) | sum(start=[]) %}
+ {{ version }}
+ {% else %}
+ See details.
 {% endfor %}
From 3504293dbeb6a169d9c51279ee0c9fbbb4dfa58f Mon Sep 17 00:00:00 2001
From: Richard Wang
Date: Thu, 10 Feb 2022 21:17:28 +0900
Subject: [PATCH 8/8] don't force the horizontal scrollbar work still tbd on adjusting the columns
---
 gcp/appengine/frontend3/src/styles.scss | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gcp/appengine/frontend3/src/styles.scss b/gcp/appengine/frontend3/src/styles.scss
index ca1f4c11c2f..773853837f4 100644
--- a/gcp/appengine/frontend3/src/styles.scss
+++ b/gcp/appengine/frontend3/src/styles.scss
@@ -212,7 +212,7 @@ mwc-icon-button.mdc-data-table__sort-icon-button {
 .vuln-table-container {
 // The vulnerability list should be full-width but not overflow the page bounds.
- overflow-x: scroll;
+ overflow-x: auto;
 width: 100%;
 // Override MDC table styling.
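Review bot: The flattened loop over `vulnerability.affected | map(attribute='versions', default=[]) | sum(start=[])` prints every version of every affected entry into one table cell with no upper bound, so a record with a very long version list inflates each listing response. `sum(start=[])` also builds that list by repeated concatenation. Slicing the result, for example `(vulnerability.affected | map(attribute='versions', default=[]) | sum(start=[]))[:MAX_VERSIONS_SHOWN]` where `MAX_VERSIONS_SHOWN` is a placeholder for a limit the project chooses, would bound the row size and leave the full list to the details page. The `default=` argument of `map` needs a Jinja release that supports it, which is worth confirming against the pinned version.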