Technical review queue (#4775)

* chore: fix typo in status message

* feat(labrinth): overhaul malware scanner report storage and routes

* chore: address some review comments

* feat: add Delphi to Docker Compose `with-delphi` profile

* chore: fix unused import Clippy lint

* feat(labrinth/delphi): use PAT token authorization with project read scopes

* chore: expose file IDs in version queries

* fix: accept null decompiled source payloads from Delphi

* tweak(labrinth): expose base62 file IDs more consistently for Delphi

* feat(labrinth/delphi): support new Delphi report severity field

* chore(labrinth): run `cargo sqlx prepare` to fix Docker build errors

* tweak: add route for fetching Delphi issue type schema, abstract Labrinth away from issue types

* chore: run `cargo sqlx prepare`

* chore: fix typo on frontend generated state file message

* feat: update to use new Delphi issue schema

* wip: tech review endpoints

* wip: add ToSchema for dependent types

* wip: report issues return

* wip

* wip: returning more data

* wip

* Fix up db query

* Delphi configuration to talk to Labrinth

* Get Delphi working with Labrinth

* Add Delphi dummy fixture

* Better Delphi logging

* Improve utoipa for tech review routes

* Add more sorting options for tech review queue

* Oops join

* New routes for fetching issues and reports

* Fix which kind of ID is returned in tech review endpoints

* Deduplicate tech review report rows

* Reduce info sent for projects

* Fetch more thread info

* Address PR comments

* fix ci

* fix postgres version mismatch

* fix version creation

* Implement routes

* fix up tech review

* Allow adding a moderation comment to Delphi rejections

* fix up rebase

* exclude rejected projects from tech review

* add status change msg to tech review thread

* cargo sqlx prepare

* also ignore withheld projects

* More filtering on issue search

* wip: report routes

* Fix up for build

* cargo sqlx prepare

* fix thread message privacy

* New tech review search route

* submit route

* details have statuses now

* add default to drid status

* dedup issue details

* fix sqlx query on empty files

* fixes

* Dedupe issue detail statuses and message on entering tech rev

* Fix qa issues

* Fix qa issues

* fix review comments

* typos

* fix ci

* feat: tech review frontend (#4781)

* chore: fix typo in status message

* feat(labrinth): overhaul malware scanner report storage and routes

* chore: address some review comments

* feat: add Delphi to Docker Compose `with-delphi` profile

* chore: fix unused import Clippy lint

* feat(labrinth/delphi): use PAT token authorization with project read scopes

* chore: expose file IDs in version queries

* fix: accept null decompiled source payloads from Delphi

* tweak(labrinth): expose base62 file IDs more consistently for Delphi

* feat(labrinth/delphi): support new Delphi report severity field

* chore(labrinth): run `cargo sqlx prepare` to fix Docker build errors

* tweak: add route for fetching Delphi issue type schema, abstract Labrinth away from issue types

* chore: run `cargo sqlx prepare`

* chore: fix typo on frontend generated state file message

* feat: update to use new Delphi issue schema

* wip: tech review endpoints

* wip: add ToSchema for dependent types

* wip: report issues return

* wip

* wip: returning more data

* wip

* Fix up db query

* Delphi configuration to talk to Labrinth

* Get Delphi working with Labrinth

* Add Delphi dummy fixture

* Better Delphi logging

* Improve utoipa for tech review routes

* Add more sorting options for tech review queue

* Oops join

* New routes for fetching issues and reports

* Fix which kind of ID is returned in tech review endpoints

* Deduplicate tech review report rows

* Reduce info sent for projects

* Fetch more thread info

* Address PR comments

* fix ci

* fix ci

* fix postgres version mismatch

* fix version creation

* Implement routes

* feat: batch scan alert

* feat: layout

* feat: introduce surface variables

* fix: theme selector

* feat: rough draft of tech review card

* feat: tab switcher

* feat: batch scan btn

* feat: api-client module for tech review

* draft: impl

* feat: auto icons

* fix: layout issues

* feat: fixes to code blocks + flag labels

* feat: temp remove mock data

* fix: search sort types

* fix: intl & lint

* chore: re-enable mock data

* fix: flag badges + auto open first issue in file tab

* feat: update for new routes

* fix: more qa issues

* feat: lazy load sources

* fix: re-enable auth middleware

* feat: impl threads

* fix: lint & severity

* feat: download btn + switch to using NavTabs with new local mode option

* feat: re-add toplevel btns

* feat: reports page consistency

* fix: consistency on project queue

* fix: icons + sizing

* fix: colors and gaps

* fix: impl endpoints

* feat: load all flags on file tab

* feat: thread generics changes

* feat: more qa

* feat: fix collapse

* fix: qa

* feat: msg modal

* fix: ISO import

* feat: qa fixes

* fix: empty state basic

* fix: collapsible region

* fix: collapse thread by default

* feat: rough draft of new process/flow

* fix labrinth build

* fix thread message privacy

* New tech review search route

* feat: qa fixes

* feat: QA changes

* fix: verdict on detail not whole issue

* fix: lint + intl

* fix: lint

* fix: thread message for tech rev verdict

* feat: use anim frames

* fix: exports + typecheck

* polish: qa changes

* feat: qa

* feat: qa polish

* feat: fix malic modal

* fix: lint

* fix: qa + lint

* fix: pagination

* fix: lint

* fix: qa

* intl extract

* fix ci

---------

Signed-off-by: Calum H. <contact@cal.engineer>
Co-authored-by: Alejandro González <me@alegon.dev>
Co-authored-by: aecsocket <aecsocket@tutanota.com>

---------

Signed-off-by: Calum H. <contact@cal.engineer>
Co-authored-by: Alejandro González <me@alegon.dev>
Co-authored-by: Calum H. <contact@cal.engineer>

apps/labrinth/migrations/20250810155316_delphi-reports.sql

@@ -0,0 +1,47 @@
+CREATE TYPE delphi_severity AS ENUM ('low', 'medium', 'high', 'severe');
+
+CREATE TYPE delphi_report_issue_status AS ENUM ('pending', 'safe', 'unsafe');
+
+-- A Delphi analysis report for a project version
+CREATE TABLE delphi_reports (
+	id BIGINT PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
+	file_id BIGINT REFERENCES files (id)
+		ON DELETE SET NULL
+		ON UPDATE CASCADE,
+	delphi_version INTEGER NOT NULL,
+	artifact_url VARCHAR(2048) NOT NULL,
+	created TIMESTAMPTZ DEFAULT CURRENT_TIMESTAMP NOT NULL,
+	severity DELPHI_SEVERITY NOT NULL,
+	UNIQUE (file_id, delphi_version)
+);
+CREATE INDEX delphi_version ON delphi_reports (delphi_version);
+
+-- An issue found in a Delphi report. Every issue belongs to a report,
+-- and a report can have zero, one, or more issues attached to it
+CREATE TABLE delphi_report_issues (
+	id BIGINT PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
+	report_id BIGINT NOT NULL REFERENCES delphi_reports (id)
+		ON DELETE CASCADE
+		ON UPDATE CASCADE,
+	issue_type TEXT NOT NULL,
+	status DELPHI_REPORT_ISSUE_STATUS NOT NULL,
+	UNIQUE (report_id, issue_type)
+);
+CREATE INDEX delphi_report_issue_by_status_and_type ON delphi_report_issues (status, issue_type);
+
+-- The details of a Delphi report issue, which contain data about a
+-- Java class affected by it. Every Delphi report issue details object
+-- belongs to a specific issue, and an issue can have zero, one, or
+-- more details attached to it. (Some issues may be artifact-wide,
+-- or otherwise not really specific to any particular class.)
+CREATE TABLE delphi_report_issue_details (
+	id BIGINT PRIMARY KEY GENERATED ALWAYS AS IDENTITY,
+	issue_id BIGINT NOT NULL REFERENCES delphi_report_issues (id)
+		ON DELETE CASCADE
+		ON UPDATE CASCADE,
+	key TEXT NOT NULL,
+	file_path TEXT NOT NULL,
+	decompiled_source TEXT,
+	data JSONB NOT NULL,
+	severity DELPHI_SEVERITY NOT NULL
+);

apps/labrinth/migrations/20251130173416_delphi_report_verdicts.sql

@@ -0,0 +1,2 @@
+ALTER TABLE delphi_reports
+ADD COLUMN status delphi_report_issue_status NOT NULL DEFAULT 'pending';

apps/labrinth/migrations/20251213141500_delphi_report_fixes.sql

@@ -0,0 +1,8 @@
+ALTER TABLE delphi_reports
+DROP COLUMN status;
+
+ALTER TABLE delphi_report_issues
+DROP COLUMN status;
+
+ALTER TABLE delphi_report_issue_details
+ADD COLUMN status DELPHI_REPORT_ISSUE_STATUS NOT NULL DEFAULT 'pending';

apps/labrinth/migrations/20251217234047_delphi_dedupe_issue_detail_statuses.sql

@@ -0,0 +1,26 @@
+ALTER TABLE delphi_report_issue_details
+DROP COLUMN status;
+
+CREATE TABLE delphi_issue_detail_verdicts (
+	project_id BIGINT                     REFERENCES mods(id)
+		ON DELETE SET NULL
+		ON UPDATE CASCADE,
+	detail_key TEXT                       NOT NULL,
+	verdict    delphi_report_issue_status NOT NULL,
+	PRIMARY KEY (project_id, detail_key)
+);
+
+CREATE VIEW delphi_issue_details_with_statuses AS
+SELECT
+	drid.*,
+	m.id AS project_id,
+	COALESCE(didv.verdict, 'pending') AS status
+FROM delphi_report_issue_details drid
+INNER JOIN delphi_report_issues dri ON dri.id = drid.issue_id
+INNER JOIN delphi_reports dr ON dr.id = dri.report_id
+INNER JOIN files f ON f.id = dr.file_id
+INNER JOIN versions v ON v.id = f.version_id
+INNER JOIN mods m ON m.id = v.mod_id
+LEFT JOIN delphi_issue_detail_verdicts didv
+	ON m.id = didv.project_id
+	AND drid.key = didv.detail_key;