Reviewing files that changed from the base of the PR and betweenbccefd1 and8e9e0af.

• backend/apps/github/graphql/nodes/issue.py (2 hunks)
• backend/apps/github/graphql/nodes/user.py (0 hunks)
• backend/apps/github/graphql/queries/issue.py (1 hunks)
• backend/apps/github/graphql/queries/release.py (2 hunks)
• backend/tests/apps/github/graphql/nodes/user_test.py (0 hunks)
• frontend/src/api/queries/userQueries.ts (1 hunks)
• frontend/src/pages/UserDetails.tsx (6 hunks)

• backend/apps/github/graphql/nodes/user.py
• backend/tests/apps/github/graphql/nodes/user_test.py

• GitHub Check: Run frontend e2e tests
• GitHub Check: Run frontend unit tests
• GitHub Check: Run backend tests
• GitHub Check: CodeQL (javascript-typescript)

backend/apps/github/graphql/nodes/issue.py (2)

3-4:LGTM - Import required module.

Adding the graphene import ensures the module is explicitly available for the new field definition.

---

12-13:LGTM - Added URL field.

The addition of the URL field enhances the IssueNode by exposing the URL directly in the GraphQL schema.

frontend/src/pages/UserDetails.tsx (5)

26-27:LGTM - Added state variable for issues.

Good addition of a dedicated state variable for issues, which aligns with the refactored GraphQL query structure.

---

29-30:LGTM - Added state variable for releases.

Good addition of a dedicated state variable for releases, which aligns with the refactored GraphQL query structure.

---

45-48:LGTM - Updated state setters to use refactored GraphQL query fields.

Correctly updated to use the new top-level query fields instead of nested fields from the user object.

---

106-121:LGTM - Updated formattedIssues to use the new issues state variable.

The component now correctly uses the dedicated issues state variable and properly updates the dependency array for the useMemo hook.

---

139-155:LGTM - Updated formattedReleases to use the new releases state variable.

The component now correctly uses the dedicated releases state variable and properly updates the dependency array for the useMemo hook.

frontend/src/api/queries/userQueries.ts (3)

5-10:LGTM - Added recentIssues query field.

Good refactoring to move issues from being nested under the user to a separate top-level field in the query. This provides better separation of concerns and likely improves query performance.

---

16-22:LGTM - Added recentReleases query field.

Good refactoring to move releases from being nested under the user to a separate top-level field in the query. This provides better separation of concerns and likely improves query performance.

---

1-50:

✅ Verification successful

Verify GraphQL query compatibility with backend schema.

The query has been significantly refactored. Let's verify that the backend schema supports these changes to ensure there are no runtime errors.

---

🏁 Script executed:

#!/bin/bash# Check if the schema has corresponding fields for the refactored query# Look for recent_issues field implementation in backend codeecho"Checking for recent_issues field implementation:"rg -A 3"recent_issues\s*=\s*graphene\." --type py# Look for recent_releases field implementation in backend codeecho -e"\nChecking for recent_releases field implementation:"rg -A 3"recent_releases\s*=\s*graphene\." --type py# Look for resolver methods for the new fieldsecho -e"\nChecking for resolver methods:"rg"def resolve_recent_(issues|releases)" --type py

Length of output: 2298

---

GraphQL Query Compatibility Verified

The refactored query has been checked against the backend schema. Specifically, the shell script output confirms that:

• The backend defines the snake_case fields (recent_issues andrecent_releases) with proper resolver methods.
• Graphene’s automatic conversion from snake_case to camelCase ensures that the query’srecentIssues andrecentReleases fields map correctly, avoiding runtime errors.

The remaining fields (recentPullRequests,topContributedRepositories, anduser) follow existing patterns and are assumed to be supported. No compatibility issues were detected.

backend/apps/github/graphql/queries/release.py (6)

16-16:Appropriate modification of default limit value

Reducing the default limit from 15 to 6 is a reasonable optimization that aligns with frontend needs while reducing data transfer. This change is consistent with the PR objectives to refactor GraphQL queries.

---

18-18:Good addition of the login filter parameter

Adding an optional login parameter enables more targeted queries, allowing clients to filter releases by author. This enhances the API's flexibility while maintaining backward compatibility since the parameter is marked as not required.

---

21-21:Properly updated resolver method signature

The resolver method signature has been correctly updated to match the field definition, with the default limit changed to 6 and the new login parameter added with a suitable default value of None.

---

29-29:Well-documented new parameter

The docstring has been properly updated to include documentation for the new login parameter, which is a good practice for maintaining clear API documentation.

---

41-45:Correct implementation of login filtering

The implementation of the login filter is straightforward and effective. It appropriately checks if the login parameter was provided before applying the filter, which maintains backward compatibility with existing queries.

---

14-19:

✅ Verification successful

Verify consistency with other parts of the codebase

The change in default limit from 15 to 6 looks good, but it's worth verifying that this change doesn't affect other parts of the codebase that might expect a larger number of releases.

---

🏁 Script executed:

#!/bin/bash# Check if there are any other parts of the codebase that reference a default limit of 15 for releasesecho"Searching for references to default limits for releases..."rg -A 3 -B 3"RECENT_RELEASES_LIMIT" --glob"**/*.py"rg -A 3 -B 3"\blimit=15\b" --glob"**/*.py"| grep -v"release.py"

Length of output: 4110

---

Ensure Release Query Default Remains Isolated and Intentional

After verifying the codebase, we found that the default limit change to 6 in the release query is isolated to this endpoint. Notably:

• The OWASP project node setsRECENT_RELEASES_LIMIT = 5.
• The GitHub repository node setsRECENT_RELEASES_LIMIT = 10.
• The value 15 still appears only in the issues query (resolve_recent_issues inissue.py).

No other part of the codebase relies on a default of 15 for releases. This variation appears intentional for the respective contexts. Please double-check that the slight difference in default limits across queries (5, 6, 10, and 15 for issues) aligns with your overall design expectations.

Reviewing files that changed from the base of the PR and betweene79590f andf49b33b.

• backend/poetry.lock is excluded by!**/*.lock
• frontend/pnpm-lock.yaml is excluded by!**/pnpm-lock.yaml

• backend/docker/Dockerfile.local (2 hunks)
• frontend/docker/Dockerfile.local (1 hunks)
• frontend/package.json (1 hunks)

frontend/docker/Dockerfile.local (3)

3-3:Shell Configuration Update
The updated SHELL directive using/bin/bash with pipefail is well configured for improved error handling in multi-command RUN instructions.

---

7-9:File System Setup and Global Package Installation
The subsequent commands (removing package lists, creating the/home/owasp directory, setting ownership, and installingpnpm globally via npm) are well structured for a Debian-based image.

---

23-31:Downstream Configuration and File Copy
The remainder of the Dockerfile—copying files from the builder stage, exposing the port, setting the user and work directory—is clear and aligns with typical multi-stage Docker build practices.

backend/docker/Dockerfile.local (5)

1-4:Python Base Image and Shell Configuration
The Dockerfile starts withpython:3.13-slim and sets the shell to/bin/bash with pipefail enabled. This configuration is appropriate for a Debian-based image and helps ensure that shell commands fail fast upon errors.

---

8-10:System User Setup and Dependency Management
The commands for creating a system group and user (owasp), and installing Poetry via pip, are well implemented to ensure a non-root runtime environment with proper dependency management.

---

12-19:Environment Variables and Application Dependencies in Builder Stage
The environment variables (POETRY_VIRTUALENVS_IN_PROJECT andPYTHONUNBUFFERED) and the subsequent installation of project dependencies through Poetry are clearly defined, ensuring consistency in the build environment.

---

21-30:Runtime Stage: Apt-get Installation and User Setup
In the runtime stage, installinglibpq-dev andpostgresql-client meets the application’s database client requirements. The re-creation of the system group and user ensures consistency with the builder stage. This separation is a hallmark of a lean multi-stage Docker build.

---

32-41:Final Stage: Environment Setup and File Copy
The final configuration—setting the environment PATH, exposing port 8000, and copying the necessary files from the builder stage—is implemented in a clean and organized manner. This results in a streamlined runtime image.