Improve chapters/project leaders presentation

[rudransh-shrivastava]

Resolves #1431

Hello, I need help @arkid15r ,

here's what I did in this PR:

• exposed leaders (m2m relationship with github.User) as leaders_temp field
• extracted the Leaders Block in a component
• used it in about page and projects page (chapters left out for now)

questions/blockers:

1. I had to use leaders_temp as i could not come up with a different name. There's already a leaders field exposed but it's misleading as its actually leaders_raw in the database which is just string[]. I'm not sure what to name it. I think renaming the existing leaders to leaders_raw or leaders_names would be a good approach.
2. The original Leaders block requires data in the following format:

const leaders = {
  arkid15r: 'CCSP, CISSP, CSSLP',
  kasya: 'CC',
  mamicidal: 'CISSP',
}

however, I'm not sure how to get the CCSP, CISSP, CSSLP part from the database.
3. since leaders_temp is of type User[] we need to convert it in the above format (type LeadersListBlockProps). in this implementation, I have just reduced it using code. But I'm not sure if this is a good approach, please let me know.

Please let me know what you think, I will update the code and the related tests accordingly.

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Summary by CodeRabbit

• New Features

  • Introduced a new Leaders section for projects and about pages, displaying detailed leader profiles with avatars, names, and profile links.
  • Added a new LeadersListBlock component for rendering leader information in a unified and responsive card layout.

• Enhancements

  • Project and card details pages now show leader profiles with improved data fetching and presentation.
  • Updated GraphQL queries and data types to support richer leader information across the app.

• Refactor

  • Simplified leader data handling by consolidating logic into the new LeadersListBlock component.

Walkthrough

A reusable LeadersListBlock component was created to display leader profiles and is now used on both the About page and project details pages. Supporting backend and type changes were made to expose leaders as user objects. The new component centralizes leader data fetching and presentation.

Changes

Files/Paths	Change Summary
backend/apps/owasp/graphql/nodes/common.py	Added leaders_temp resolver returning UserNode list; imported UserNode.
frontend/src/app/about/page.tsx	Removed inline LeaderData logic; now uses LeadersListBlock for leaders section.
frontend/src/app/projects/[projectKey]/page.tsx	Passed project.leadersTemp as leaders prop to DetailsCard.
frontend/src/components/CardDetailsPage.tsx	DetailsCard accepts new leaders prop; renders LeadersListBlock if present.
frontend/src/components/LeadersListBlock.tsx	New component: LeadersListBlock for rendering leader user profiles, including data fetching logic.
frontend/src/server/queries/projectQueries.ts	Added leadersTemp { login } to GET_PROJECT_DATA GraphQL query.
frontend/src/types/card.ts	Added optional leaders?: User[] to DetailsCardProps interface.
frontend/src/types/leaders.ts	Added type LeadersListBlockProps (string-to-string map).
frontend/src/types/project.ts	Added leadersTemp: User[] to Project type.

Assessment against linked issues

Objective	Addressed	Explanation
Extract About page leaders logic into a reusable component (LeadersListBlock) (#1431)	✅
Use the new leaders component on the About page, preserving layout (#1431)	✅
Add a Leaders block to chapter/project details pages above Top Contributors (#1431)	✅
Backend and type changes to support leaders as user objects for new component (#1431)	✅

Suggested labels

frontend-tests

Suggested reviewers

• kasya
• arkid15r

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai auto-generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 6

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b573410 and 42a647a.

📒 Files selected for processing (9)

• backend/apps/owasp/graphql/nodes/common.py (1 hunks)
• frontend/src/app/about/page.tsx (2 hunks)
• frontend/src/app/projects/[projectKey]/page.tsx (1 hunks)
• frontend/src/components/CardDetailsPage.tsx (4 hunks)
• frontend/src/components/LeadersListBlock.tsx (1 hunks)
• frontend/src/server/queries/projectQueries.ts (1 hunks)
• frontend/src/types/card.ts (2 hunks)
• frontend/src/types/leaders.ts (1 hunks)
• frontend/src/types/project.ts (2 hunks)

🧰 Additional context used

🧠 Learnings (3)

frontend/src/app/projects/[projectKey]/page.tsx (1)

Learnt from: ahmedxgouda
PR: OWASP/Nest#1633
File: frontend/src/components/HealthMetrics.tsx:30-30
Timestamp: 2025-06-20T16:12:59.256Z
Learning: In the DetailsCard component (frontend/src/components/CardDetailsPage.tsx), there's a length check before rendering HealthMetrics: `healthMetricsData.length > 0`. This ensures that when HealthMetrics is rendered, the data array has at least one element, making accessing data[0] safe within the HealthMetrics component.

frontend/src/types/card.ts (1)

Learnt from: ahmedxgouda
PR: OWASP/Nest#1714
File: frontend/src/components/ProjectTypeDashboardCard.tsx:8-12
Timestamp: 2025-07-08T17:07:50.957Z
Learning: In the OWASP/Nest project, union types for component props are not necessary when they would require creating separate type definitions. The project prefers inline prop type definitions even for props with specific string values, maintaining consistency with the single-use component prop pattern.

frontend/src/components/CardDetailsPage.tsx (2)

Learnt from: ahmedxgouda
PR: OWASP/Nest#1633
File: frontend/src/components/HealthMetrics.tsx:30-30
Timestamp: 2025-06-20T16:12:59.256Z
Learning: In the DetailsCard component (frontend/src/components/CardDetailsPage.tsx), there's a length check before rendering HealthMetrics: `healthMetricsData.length > 0`. This ensures that when HealthMetrics is rendered, the data array has at least one element, making accessing data[0] safe within the HealthMetrics component.

Learnt from: ahmedxgouda
PR: OWASP/Nest#1633
File: frontend/src/components/HealthMetrics.tsx:30-30
Timestamp: 2025-06-20T16:12:59.256Z
Learning: In the DetailsCard component (frontend/src/components/CardDetailsPage.tsx), there's a safety check that ensures HealthMetrics component is only rendered when healthMetricsData exists and has at least one element: `healthMetricsData && healthMetricsData.length > 0`. This makes accessing data[0] safe within the HealthMetrics component.

🧬 Code Graph Analysis (4)

frontend/src/types/card.ts (1)

frontend/src/types/user.ts (1)

• User (10-30)

frontend/src/types/project.ts (1)

frontend/src/types/user.ts (1)

• User (10-30)

backend/apps/owasp/graphql/nodes/common.py (1)

backend/apps/github/graphql/queries/user.py (1)

• user (40-56)

frontend/src/components/CardDetailsPage.tsx (3)

backend/apps/owasp/graphql/nodes/common.py (1)

• leaders (19-21)

backend/apps/github/graphql/queries/user.py (1)

• user (40-56)

frontend/src/types/leaders.ts (1)

• LeadersListBlockProps (5-7)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Run frontend e2e tests

🔇 Additional comments (12)

frontend/src/types/project.ts (2)

8-8: LGTM! Import correctly added.

The User type import is properly added to support the new leadersTemp field.

---

29-29: LGTM! New field added correctly.

The leadersTemp field is properly typed as User[]. As mentioned in the PR objectives, this temporary naming addresses the confusion with the existing leaders field that corresponds to string arrays.

frontend/src/app/projects/[projectKey]/page.tsx (1)

106-106: No type mismatch—DetailsCard handles User[] correctly.

The DetailsCardProps interface defines leaders?: User[], and inside CardDetailsPage.tsx the component converts that array into the {[key: string]: string} mapping for LeadersListBlock via .reduce(...). Passing project.leadersTemp (a User[]) directly is therefore valid and needs no further transformation.

frontend/src/types/card.ts (2)

14-14: LGTM! Import correctly added.

The User type import is properly added to support the new leaders prop in DetailsCardProps.

---

57-57: LGTM! Optional prop maintains backward compatibility.

The leaders?: User[] prop is correctly typed and optional, ensuring backward compatibility with existing usage of DetailsCardProps.

backend/apps/owasp/graphql/nodes/common.py (1)

6-6: LGTM!

The import addition is correct and necessary for the new method.

frontend/src/components/CardDetailsPage.tsx (3)

14-14: LGTM!

The imports are correctly added for the new functionality.

Also applies to: 23-23

---

54-54: LGTM!

The addition of the optional leaders prop to the component signature is correctly placed and typed.

---

203-211: Data transformation validated—please document empty descriptions

The reduce call in frontend/src/components/CardDetailsPage.tsx (around lines 203–211) correctly builds a LeadersListBlockProps ({ [login: string]: string }), mapping each leader’s login to ''. Since LeadersListBlock uses description={leaders[user.login]}, the empty string is intentional given that certification data isn’t yet available.

• File to update:

• frontend/src/components/CardDetailsPage.tsx (around the reduce block)
  • Suggested change:
• Add a brief code comment or update the component’s documentation to note that descriptions are blank by design until certification details are introduced.

frontend/src/app/about/page.tsx (2)

26-26: LGTM!

The import for the new LeadersListBlock component is correctly added.

---

111-113: LGTM!

The integration of LeadersListBlock is clean and follows the established pattern. The conditional rendering, icon prop, and label are appropriately configured.

frontend/src/components/LeadersListBlock.tsx (1)

58-68: LGTM!

The main component structure and rendering logic look good. The responsive layout with flexbox and the mapping over leader keys is implemented correctly.

[coderabbitai]

🛠️ Refactor suggestion

Consider fetching additional User fields for complete leader display.

Currently, only the login field is being fetched from leadersTemp. However, for a proper leader display component, you'll likely need additional fields such as:

• avatarUrl for profile pictures
• name for display names
• company and location for professional information
• bio for user descriptions

 leadersTemp {
   login
+  avatarUrl
+  name
+  company
+  location
+  bio
+  url
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	leadersTemp {
	login
	}
	leadersTemp {
	login
	avatarUrl
	name
	company
	location
	bio
	url
	}

🤖 Prompt for AI Agents

In frontend/src/server/queries/projectQueries.ts around lines 13 to 15, the
GraphQL query for leadersTemp only fetches the login field, which is
insufficient for a complete leader display. Update the query to also fetch
avatarUrl, name, company, location, and bio fields from leadersTemp to provide
richer user information for the UI.

[coderabbitai]

🧹 Nitpick (assertive)

LGTM! Type definition follows requirements.

The LeadersListBlockProps type correctly defines the string-to-string mapping format expected by the component, as mentioned in the PR objectives.

Consider adding a comment to clarify the structure:

+// Maps username to certification strings (e.g., { arkid15r: 'CCSP, CISSP, CSSLP' })
 export type LeadersListBlockProps = {
   [key: string]: string
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	export type LeadersListBlockProps = {
	[key: string]: string
	}
	// Maps username to certification strings (e.g., { arkid15r: 'CCSP, CISSP, CSSLP' })
	export type LeadersListBlockProps = {
	[key: string]: string
	}

🤖 Prompt for AI Agents

In frontend/src/types/leaders.ts around lines 5 to 7, add a brief comment above
the LeadersListBlockProps type definition to clarify that it represents a
mapping of string keys to string values, which helps improve code readability
and maintainability.

[coderabbitai]

🧹 Nitpick (assertive)

Consider improving method naming and documentation.

The implementation correctly exposes User objects via GraphQL, but consider the following improvements:

1. The method name leaders_temp suggests this is temporary. Based on the PR objectives, consider planning for the eventual rename.
2. The docstring says "Resolve leaders logins" but it actually returns User objects, not just logins.

-    def leaders_temp(self) -> list[UserNode]:
-        """Resolve leaders logins."""
+    def leaders_temp(self) -> list[UserNode]:
+        """Resolve leaders as User objects."""

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	@strawberry.field
	def leaders_temp(self) -> list[UserNode]:
	"""Resolve leaders logins."""
	return self.leaders.all()
	@strawberry.field
	def leaders_temp(self) -> list[UserNode]:
	"""Resolve leaders as User objects."""
	return self.leaders.all()

🤖 Prompt for AI Agents

In backend/apps/owasp/graphql/nodes/common.py around lines 13 to 16, rename the
method from leaders_temp to a more descriptive and permanent name like leaders
to reflect its purpose accurately. Update the docstring to clearly state that
the method returns a list of User objects representing leaders, not just their
logins, ensuring the documentation matches the method's functionality.

[coderabbitai]

🧹 Nitpick (assertive)

Consider potential performance implications and error handling improvements.

The nested LeaderData component creates individual GraphQL queries for each leader, which could lead to N+1 query performance issues. Consider these improvements:

1. Performance: If multiple leaders are displayed, this creates multiple separate queries. Consider batching or using a single query with multiple variables.

2. Error handling: The error states are basic. Consider providing more user-friendly error messages or retry mechanisms.

3. Loading state: Individual loading states per leader might create a poor UX when multiple leaders are loading.

For better performance, consider fetching all leader data in a single query or using GraphQL batching:

// Alternative approach - single query for all leaders
const { data, loading, error } = useQuery(GET_MULTIPLE_LEADERS_DATA, {
  variables: { usernames: Object.keys(leaders) },
})

🤖 Prompt for AI Agents

In frontend/src/components/LeadersListBlock.tsx around lines 22 to 56, the
LeaderData component runs a separate GraphQL query for each leader, causing
potential N+1 query performance issues and fragmented loading/error states.
Refactor to fetch all leader data in a single query by creating a new GraphQL
query that accepts multiple usernames as variables and returns their data
collectively. Replace the multiple individual queries with one useQuery call
that fetches all leaders at once, then map over the results to render each
leader's data. Additionally, improve error handling by providing more
user-friendly messages and consider adding retry logic. Consolidate loading
states to avoid multiple loading indicators and improve UX.

[coderabbitai]

⚠️ Potential issue

Fix type annotation for handleButtonClick parameter.

The parameter type should match the actual user object structure from the GraphQL response, not the Sentry User type.

-    const handleButtonClick = (user: User) => {
+    const handleButtonClick = (user: any) => {
       router.push(`/members/${user.login}`)
     }

Or better yet, define a proper User type and use it consistently throughout the application.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const handleButtonClick = (user: User) => {
	router.push(`/members/${user.login}`)
	}
	const handleButtonClick = (user: any) => {
	router.push(`/members/${user.login}`)
	}

🤖 Prompt for AI Agents

In frontend/src/components/LeadersListBlock.tsx around lines 37 to 39, the
handleButtonClick function parameter is currently typed as Sentry's User type,
which does not match the actual user object structure from the GraphQL response.
To fix this, define a proper User type that reflects the GraphQL user data
structure and update the parameter type annotation of handleButtonClick to use
this new User type consistently throughout the application.

[coderabbitai]

⚠️ Potential issue

Fix incorrect import for User type.

The User type should not be imported from @sentry/nextjs. This is likely meant to be a local User type definition.

-import { User } from '@sentry/nextjs'
+import { User } from 'types/user'

If the User type doesn't exist in types/user, you may need to create it or import from the correct location.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	import { User } from '@sentry/nextjs'
	-import { User } from '@sentry/nextjs'
	+import { User } from 'types/user'

🤖 Prompt for AI Agents

In frontend/src/components/LeadersListBlock.tsx at line 4, the User type is
incorrectly imported from '@sentry/nextjs'. Remove this import and instead
import the User type from the correct local path, such as 'types/user'. If the
User type does not exist there, create the appropriate type definition in that
location before importing it.

[rudransh-shrivastava]

will resolve cr comments.