Use saneyaml.dump for SSVC display in UI

Mahaboobunnisa123 · Mahaboobunnisa123 · commit 4a8b41e3a9c6 · 2026-02-24T23:04:46.000+05:30
diff --git a/vulnerabilities/templates/advisory_detail.html b/vulnerabilities/templates/advisory_detail.html
@@ -583,7 +583,7 @@
                             <summary class="is-size-7 has-text-link" style="cursor: pointer;">
                               View SSVC decision tree
                             </summary>
-                            <pre>{{ ssvc.options|pprint }}</pre>
+                            <pre>{{ ssvc.options_yaml }}</pre>
                           </details>
                         </div>
                     </div>
diff --git a/vulnerabilities/tests/test_view.py b/vulnerabilities/tests/test_view.py
@@ -26,6 +26,7 @@
 from vulnerabilities.utils import get_purl_version_class
 from vulnerabilities.views import PackageDetails
 from vulnerabilities.views import PackageSearch
+from vulnerabilities.views import render_as_yaml
 
 BASE_DIR = os.path.dirname(os.path.abspath(__file__))
 TEST_DIR = os.path.join(BASE_DIR, "test_data/package_sort")
@@ -330,3 +331,19 @@ def test_aggregate_fixed_and_affected_packages(self):
             end_time = time.time()
             assert end_time - start_time < 0.05
             self.assertEqual(response.status_code, 200)
+
+class TestRenderAsYaml:
+    def test_render_as_yaml_with_ssvc_options(self):
+        options = [
+            {"Exploitation": "active"},
+            {"Automatable": "yes"},
+            {"Technical Impact": "total"},
+        ]
+        result = render_as_yaml(options)
+        assert result == "- Exploitation: active\n- Automatable: yes\n- Technical Impact: total\n"
+
+    def test_render_as_yaml_with_none(self):
+        assert render_as_yaml(None) is None
+
+    def test_render_as_yaml_with_empty_list(self):
+        assert render_as_yaml([]) is None
diff --git a/vulnerabilities/views.py b/vulnerabilities/views.py
@@ -7,7 +7,7 @@
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
 import logging
-
+import saneyaml
 from cvss.exceptions import CVSS2MalformedError
 from cvss.exceptions import CVSS3MalformedError
 from cvss.exceptions import CVSS4MalformedError
@@ -45,6 +45,9 @@
 
 PAGE_SIZE = 20
 
+def render_as_yaml(value):
+    if value:
+        return saneyaml.dump(value, indent=2)
 
 class PackageSearch(ListView):
     model = models.Package
@@ -522,6 +525,7 @@ def add_ssvc(ssvc):
                     "vector": ssvc.vector,
                     "decision": ssvc.decision,
                     "options": ssvc.options,
+                    "options_yaml": render_as_yaml(ssvc.options),
                     "advisory_url": ssvc.source_advisory.url,
                     "advisory": ssvc.source_advisory,
                 }
