Adding scan criticality

[schiwekM]

Add ScanStates Entity with Criticality for Enhanced Status Display

New Features

✨ Introduced a new ScanStates entity to provide localized status names and criticality levels for attachment scan statuses, improving the visual representation of scan results in the UI.

Changes

• attachments.cds: Added new ScanStates entity extending CodeList with code, name, and criticality fields. Updated MediaData aspect to include statusNav association to ScanStates and set default status to 'Unscanned'.

• attachments-annotations.cds: Enhanced status display with Common.Text and Common.TextArrangement annotations, added criticality visualization in LineItem, and removed unused $Type annotation from HeaderInfo.

• sap.attachments-ScanStates.csv & sap.attachments-ScanStates_texts.csv: Added CSV data files defining scan states (Unscanned, Scanning, Infected, Clean, Failed) with their corresponding criticality levels (1=Critical, 2=Warning, 3=Success) and localized descriptions.

• ReadAttachmentsHandler.java: Updated scan trigger logic to re-scan attachments that are Clean or Failed for more than 3 days, added timestamp imports, and improved scan condition handling for better security posture.

• Registration.java: Added environment configuration to dynamically append CSV paths for loading scan state data, with proper null-safety checks and logging.

• application.yaml: Added new configuration file to define default CSV data source paths.

• ReadAttachmentsHandlerTest.java: Enhanced test coverage by adding scannedAt field initialization to attachment test objects.

Build & CI Changes

• ci.yml: Changed GitHub token from custom GH_TOKEN to standard GITHUB_TOKEN and updated pull request trigger from pull_request to pull_request_target.

• pom.xml: Bumped project version from 1.2.4 to 1.2.5-SNAPSHOT and reduced JaCoCo coverage thresholds from 95% to 90% for instruction, branch, and complexity metrics.

• samples/bookshop/pom.xml: Updated cds-feature-attachments dependency version to 1.2.5-SNAPSHOT.

Test Improvements

• Integration test files (AWSClientIT.java, AzureClientIT.java, GoogleClientIT.java): Added assumeTrue checks to skip tests gracefully when cloud storage credentials are not available in the environment.

Configuration

• translation_v2.json: Added new attachments_data collection configuration to include CSV translation files in the TEW translation delivery process.

• .gitignore: Added .cdsrc-private.json to ignored files list.

• 🔄 Regenerate and Update Summary

[Schmarvinius]

Until CAP-Java don't deliver automatic data-source search. This has to wait.
The extra config would require all users to adapt to this and later when the feature is delivered to remove it again.

[Schmarvinius]

Couldn't wait so we will deliver with a temporary solution using CdsProperties

[hyperspace-insights]

The review has been concluded!

PR Bot Information

Version: 1.16.33

• Correlation ID: 51d38940-dc1f-11f0-81c9-da6f65e75dd1
• Event Trigger: issue_comment.created
• LLM: anthropic--claude-4.5-sonnet

[mofterdinger]

Why not add some additional tests to full-fill this requirement ?

[mofterdinger]

The target folder is only available during build time with Maven. How will this work with an application using the attachments plugin during productive usage?

[Schmarvinius]

Oh, I didn't know that. I thought it has the same structures in prod as we have it on our machine.
Then we will have to reconsider our strategy.

[beckermarc]

For production this is not relevant, as CSV data is never deployed by CAP Java in production, but via the HANA build task, which should already correctly pick up the CSV data anyway.

When running locally you might want to check the working directory to figure out the correct path to the target folder. Depending where the app is started (e.g. root directory or srv directory) the path might need to be adjusted.