fix(trust-portal): restore soc3/pipeda/ccpa badge mappings (CS-688 follow-up)#3357
Merged
Merged
Conversation
Consolidating the public and admin badge logic into the shared cert-badge-mapper (CS-688) inadvertently dropped soc3, pipeda and ccpa — the public portal's original mapper recognized them but the admin mapper (which the shared version was based on) did not. Vendors with those certifications would lose their public Trust Centre badges after release. Restore all three to the shared mapper. Safe on both surfaces: the public portal renders them via label text (formatComplianceBadgeLabels already has the labels) and the admin UI skips badge types it has no icon for (`if (!IconComponent) return null`), so nothing breaks there. Addresses cubic P1 on the production-deploy PR. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RgkStnwws7zZL39mJ79PeN
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
claudfuen
pushed a commit
that referenced
this pull request
Jul 6, 2026
# [3.98.0](v3.97.0...v3.98.0) (2026-07-06) ### Bug Fixes * address follow-up ([70c393c](70c393c)) * **api:** add isActive filter to member query ([545bc74](545bc74)) * **api:** tie trust portal access link expiry to the grant duration ([cc493f0](cc493f0)) * **app:** sort assignee list alphabetically in assignee dropdown ([13aa3ef](13aa3ef)) * **cloud-security:** exclude per-task runs from latest scan selection ([c51b17c](c51b17c)) * **risk-treatment:** ensure live tasks filter before ranking in draft plan ([98401f4](98401f4)) * **risk-treatment:** harden orphan task-vector prune (CS-681 review) ([eb3c097](eb3c097)) * **trust-portal:** derive public vendor badges from cert data (CS-688) ([#3355](#3355)) ([dd2ea84](dd2ea84)), closes [3315/#3318](#3318) * **trust-portal:** restore soc3/pipeda/ccpa badge mappings (CS-688) ([#3357](#3357)) ([e8cb123](e8cb123)) * **trust:** address cubic review on the questionnaire toggle ([6e71c3f](6e71c3f)) ### Features * **trust:** add setting to show/hide the Security Questionnaire on the public trust portal ([f89c323](f89c323))
Contributor
|
🎉 This PR is included in version 3.98.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The cubic review on the production-deploy PR (#3356) flagged a P1: consolidating the public + admin badge logic into the shared
cert-badge-mapper(in #3355 / CS-688) dropped soc3, pipeda and ccpa.Verified — real regression. The public portal's original
extractBadgesFromRiskDatamapped those three; the admin mapper (which the shared version was based on) never did. Since the shared mapper now governs both surfaces, vendors with a SOC 3 / PIPEDA / CCPA certification would lose that badge on the public Trust Centre.Fix
Restore all three to the shared
mapCertificationToBadgeType. Safe on both surfaces:formatComplianceBadgeLabelsalready has theSOC 3/PIPEDA/CCPAlabels.TrustPortalVendors.tsx) guards unknown types (if (!IconComponent) return null), so introducing these types shows no icon there but does not break — same as its current behavior.pci_dssetc. use substringincludes, so the three restored checks follow the same style (soc3,pipeda,ccpa), which is broader than the old exact-matchCERT_MAPand therefore strictly no worse.Testing
cert-badge-mapper.spec.ts: added a regression test assertingSOC 3 → soc3,PIPEDA → pipeda,CCPA → ccpa.npx jest src/trust-portal→ 33 passing. Typecheck clean for the changed file.Note on the other cubic finding
The second cubic finding on #3356 (chunk the
updateMany({ id: { in: deletedSourceIds }})inrun-linkage.ts) is stale — that code was introduced in an intermediate commit (70c393c8) and already removed ineb3c097a("harden orphan task-vector prune").deletedSourceIds/ thatupdateManyexist nowhere onmain; hash writes are now per-rowdb.task.update. No action needed.Relates to CS-688.
🤖 Generated with Claude Code
Summary by cubic
Restores SOC 3, PIPEDA, and CCPA badge mappings in the shared
cert-badge-mapperso these badges appear on the public Trust Centre again. Follow-up to CS-688 to keep public/admin mappings aligned; admin UI remains safe.soc3,pipeda, andccpadetections tomapCertificationToBadgeTypeinapps/api/src/trust-portal/cert-badge-mapper.ts.cert-badge-mapper.spec.tsto cover these mappings.Written for commit 7b302a7. Summary will update on new commits.