Improve display of SSVC decision tree in UI using YAML format #2058

Mahaboobunnisa123 · Mahaboobunnisa123 · commit e4c0a6b8da01 · 2026-02-15T17:42:16.000+05:30
Signed-off-by: Mahaboobunnisa123 &lt;mdshabbi885@gmail.com&gt;
diff --git a/vulnerabilities/templates/advisory_detail.html b/vulnerabilities/templates/advisory_detail.html
@@ -4,6 +4,7 @@
 {% load static %}
 {% load show_cvss %}
 {% load url_filters %}
+{% load ssvc_filters %}
 
 {% block title %}
 VulnerableCode Advisory Details - {{ advisory.advisory_id }}
@@ -583,7 +584,7 @@
                             <summary class="is-size-7 has-text-link" style="cursor: pointer;">
                               View SSVC decision tree
                             </summary>
-                            <pre>{{ ssvc.options|pprint }}</pre>
+                            <pre>{{ ssvc.options|to_yaml }}</pre>
                           </details>
                         </div>
                     </div>
diff --git a/vulnerabilities/templatetags/ssvc_filters.py b/vulnerabilities/templatetags/ssvc_filters.py
@@ -0,0 +1,28 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/aboutcode-org/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+
+import saneyaml
+from django import template
+
+register = template.Library()
+
+
+@register.filter(name="to_yaml")
+def to_yaml(value):
+    """
+    Convert a Python object (typically SSVC options) to a
+    human-readable YAML string.
+    """
+    if not value:
+        return ""
+    try:
+        return saneyaml.dump(value).strip()
+    except Exception:
+        return str(value)
+    
diff --git a/vulnerabilities/tests/test_ssvc_filters.py b/vulnerabilities/tests/test_ssvc_filters.py
@@ -0,0 +1,38 @@
+#
+# Copyright (c) nexB Inc. and others. All rights reserved.
+# VulnerableCode is a trademark of nexB Inc.
+# SPDX-License-Identifier: Apache-2.0
+# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
+# See https://github.com/aboutcode-org/vulnerablecode for support or download.
+# See https://aboutcode.org for more information about nexB OSS projects.
+#
+
+from vulnerabilities.templatetags.ssvc_filters import to_yaml
+
+
+def test_to_yaml_with_ssvc_options():
+    options = [
+        {"Exploitation": "active"},
+        {"Automatable": "yes"},
+        {"Technical Impact": "total"},
+        {"Mission Prevalence": "essential"},
+        {"Public Well-being Impact": "irreversible"},
+        {"Mission & Well-being": "high"},
+    ]
+    result = to_yaml(options)
+    assert "Exploitation: active" in result
+    assert "Technical Impact: total" in result
+    assert "Mission Prevalence: essential" in result
+    assert "Public Well-being Impact: irreversible" in result
+
+
+def test_to_yaml_with_empty_value():
+    assert to_yaml(None) == ""
+    assert to_yaml([]) == ""
+    assert to_yaml("") == ""
+
+
+def test_to_yaml_with_non_serializable_value():
+    result = to_yaml("plain string")
+    assert isinstance(result, str)
+    
