coulomb/state-hub
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c5c8ee52ebf9bbd77dbc48aa547dd2dfcb2ca8de
state-hub/migrations/versions/d3e4f5a6b7c8_v0_3_sbom_entries.py
tegwick 8d38110275 feat(state-hub): v0.3 schema — contributions + sbom_entries migrations, models, schemas, routers 
Migrations (chain: b1c2d3e4f5a6 → c2d3e4f5a6b7 → d3e4f5a6b7c8):
- c2d3e4f5a6b7: contributions table (contributiontype BR/FR/EP/UPR enum,
  contributionstatus 7-state lifecycle, FKs to topics/workstreams)
- d3e4f5a6b7c8: sbom_entries table (ecosystem enum, snapshot-based replacement),
  + sbom_source + last_sbom_at columns on managed_repos

New models: Contribution (ContributionType, ContributionStatus), SBOMEntry (Ecosystem)
Modified: ManagedRepo (sbom_source, last_sbom_at columns)

New routers:
- /contributions/ — CRUD + lifecycle-guarded PATCH /status + soft-delete (withdrawn)
- /sbom/ — ingest (replace snapshot), list, per-repo view, licence report

Modified:
- /state/summary now includes contribution_counts and licence_risk_count
- main.py: registers contributions + sbom routers; bumps version to 0.6.0

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 17:28:27 +01:00

61 lines
2.5 KiB
Python
Raw Blame History

"""v0.3 — sbom_entries table + managed_repos SBOM columns
Adds software bill-of-materials tracking: per-repo dependency snapshots with
package name, version, ecosystem, SPDX licence, and direct/dev flags.
Also adds sbom_source and last_sbom_at to managed_repos.
Revision ID: d3e4f5a6b7c8
Revises: c2d3e4f5a6b7
Create Date: 2026-02-28 00:00:00.000000
"""
from typing import Sequence, Union
import sqlalchemy as sa
from alembic import op
from sqlalchemy.dialects import postgresql
revision: str = "d3e4f5a6b7c8"
down_revision: Union[str, None] = "c2d3e4f5a6b7"
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None
def upgrade() -> None:
# Add SBOM-related columns to managed_repos
op.add_column("managed_repos", sa.Column("sbom_source", sa.Text, nullable=True))
op.add_column("managed_repos",
sa.Column("last_sbom_at", sa.DateTime(timezone=True), nullable=True))
ecosystem_enum = postgresql.ENUM(
"python", "node", "rust", "go", "java", "other",
name="ecosystem", create_type=True,
)
op.create_table(
"sbom_entries",
sa.Column("id", postgresql.UUID(as_uuid=True), primary_key=True,
server_default=sa.text("gen_random_uuid()")),
sa.Column("repo_id", postgresql.UUID(as_uuid=True),
sa.ForeignKey("managed_repos.id", ondelete="RESTRICT"), nullable=False),
sa.Column("package_name", sa.String(300), nullable=False),
sa.Column("package_version", sa.String(100), nullable=True),
sa.Column("ecosystem", ecosystem_enum, nullable=False),
sa.Column("license_spdx", sa.String(100), nullable=True),
sa.Column("is_direct", sa.Boolean, nullable=False, server_default="true"),
sa.Column("is_dev", sa.Boolean, nullable=False, server_default="false"),
sa.Column("snapshot_at", sa.DateTime(timezone=True),
server_default=sa.text("now()"), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True),
server_default=sa.text("now()"), nullable=False),
)
op.create_index("ix_sbom_entries_repo_id", "sbom_entries", ["repo_id"])
op.create_index("ix_sbom_entries_package_name", "sbom_entries", ["package_name"])
op.create_index("ix_sbom_entries_license_spdx", "sbom_entries", ["license_spdx"])
def downgrade() -> None:
op.drop_table("sbom_entries")
op.execute("DROP TYPE IF EXISTS ecosystem")
op.drop_column("managed_repos", "last_sbom_at")
op.drop_column("managed_repos", "sbom_source")
Reference in New Issue View Git Blame Copy Permalink