tests: sbom-explorer-details reuse SbomDetailsPage utils

[carlosthe19916]

Depends on #723

This PR includes all changes from #723 so that PR needs to be merged first.

• This PR Removes all the steps Given An ingested SBOM "<sbomName>" is available and let the step User visits SBOM details Page of "<sbomName>" do all the navigation.
• Doing the changes in the PR, we are reusing already existing helpers for navigating to the SBOM Details page

Reasoning:
All tests within the @sbom-explorer directory should assume we successfully arrived to SBOM Details Page; therefore we can safely use our utility classes for navigating to the SBOM Details Page.

Summary by Sourcery

Refactor sbom-explorer end-to-end tests to reuse SbomDetailsPage utilities for navigation and remove redundant Given steps; extract shared SBOM list page steps into a new sbom-search test suite for vulnerability checks and label management.

New Features:

• Add SBOM Search Page tests to verify vulnerabilities and label additions from the SBOM list

Enhancements:

• Simplify sbom-explorer tests by delegating navigation to SbomDetailsPage.build and removing manual list-page steps

Tests:

• Extract common 'ingested SBOM' and 'label addition' steps into a new sbom-search suite
• Introduce sbom-search.step.ts and sbom-search.feature for shared list-page scenarios

[sourcery-ai]

Reviewer's Guide

Refactors SBOM Explorer E2E tests to remove redundant precondition steps and centralize page navigation using SbomDetailsPage utilities, and adds a new SBOM Search test suite covering vulnerability verification and label addition scenarios.

File-Level Changes

Change	Details	Files
Centralize SBOM details navigation and remove redundant test steps in SBOM Explorer suite	Replaced manual SbomListPage navigation calls with SbomDetailsPage.build in the 'User visits SBOM details Page' step Deleted Given steps for SBOM ingestion, vulnerability preconditions, and label addition from sbom-explorer.step.ts Cleaned up sbom-explorer.feature by removing redundant 'Given An ingested SBOM' lines across all scenarios	e2e/tests/ui/features/@sbom-explorer/sbom-explorer.step.ts e2e/tests/ui/features/@sbom-explorer/sbom-explorer.feature
Introduce SBOM Search E2E test suite for search-related scenarios	Added sbom-search.step.ts with Given steps for ingestion and vulnerability checks, and steps for adding/verifying labels Created sbom-search.feature defining scenarios for vulnerability verification and label addition via SBOM Search page	e2e/tests/ui/features/@sbom-search/sbom-search.step.ts e2e/tests/ui/features/@sbom-search/sbom-search.feature

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Consider extracting the “An ingested SBOM {string} is available” step into a shared module rather than duplicating it under both sbom-explorer and sbom-search so it can be reused across directories.
• The User visits SBOM details Page of {string} step assigns to _sbomDetailsPage without using it—either consume the returned page object or remove the unused variable to improve clarity.
• The xpath-based check in the sbom-search vulnerability step feels brittle; consider adding a helper on SbomListPage or using a more stable selector to assert non-zero vulnerabilities.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- Consider extracting the “An ingested SBOM {string} is available” step into a shared module rather than duplicating it under both sbom-explorer and sbom-search so it can be reused across directories.
- The `User visits SBOM details Page of {string}` step assigns to `_sbomDetailsPage` without using it—either consume the returned page object or remove the unused variable to improve clarity.
- The xpath-based check in the sbom-search vulnerability step feels brittle; consider adding a helper on `SbomListPage` or using a more stable selector to assert non-zero vulnerabilities.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[carlosthe19916]

Converting it to draft until tests pass in ci

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• The sbom-search feature scenarios never navigate to the SBOM search page before applying filters—add an explicit ‘When User visits SBOM search page’ step to ensure tests run in the correct context.
• You have duplicate step definitions for ingesting and checking SBOM vulnerabilities in both @sbom-explorer and @sbom-search; extract these into a shared step module to reduce maintenance overhead.
• Have SbomDetailsPage.build assert a key element (like the page title or an info tab) is visible after navigation so failures are caught early and tests don't silently proceed on the wrong page.

Prompt for AI Agents

Please address the comments from this code review:
## Overall Comments
- The sbom-search feature scenarios never navigate to the SBOM search page before applying filters—add an explicit ‘When User visits SBOM search page’ step to ensure tests run in the correct context.
- You have duplicate step definitions for ingesting and checking SBOM vulnerabilities in both @sbom-explorer and @sbom-search; extract these into a shared step module to reduce maintenance overhead.
- Have SbomDetailsPage.build assert a key element (like the page title or an info tab) is visible after navigation so failures are caught early and tests don't silently proceed on the wrong page.

## Individual Comments

### Comment 1
<location> `e2e/tests/ui/features/@sbom-search/sbom-search.step.ts:24` </location>
<code_context>
   },
 );

-Given(
-  "An ingested SBOM {string} containing Vulnerabilities",
-  async ({ page }, sbomName) => {
-    const element = page.locator(
-      `xpath=(//tr[contains(.,'${sbomName}')]/td[@data-label='Vulnerabilities']/div)[1]`,
-    );
-    await expect(element, "SBOM have no vulnerabilities").toHaveText(
-      /^(?!0$).+/,
</code_context>

<issue_to_address>
Vulnerability presence check should include zero-vulnerability scenario.

Please add a test case for an SBOM with zero vulnerabilities to verify the UI handles this scenario correctly.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
Given(
  "An ingested SBOM {string} containing Vulnerabilities",
  async ({ page }, sbomName) => {
    const element = page.locator(
      `xpath=(//tr[contains(.,'${sbomName}')]/td[@data-label='Vulnerabilities']/div)[1]`,
    );
    await expect(element, "SBOM have no vulnerabilities").toHaveText(
      /^(?!0$).+/,
    );
  },
);
=======
Given(
  "An ingested SBOM {string} containing Vulnerabilities",
  async ({ page }, sbomName) => {
    const element = page.locator(
      `xpath=(//tr[contains(.,'${sbomName}')]/td[@data-label='Vulnerabilities']/div)[1]`,
    );
    await expect(element, "SBOM have no vulnerabilities").toHaveText(
      /^(?!0$).+/,
    );
  },
);

Given(
  "An ingested SBOM {string} containing zero Vulnerabilities",
  async ({ page }, sbomName) => {
    const element = page.locator(
      `xpath=(//tr[contains(.,'${sbomName}')]/td[@data-label='Vulnerabilities']/div)[1]`,
    );
    await expect(element, "SBOM should show zero vulnerabilities").toHaveText(
      /^0$/,
    );
  },
);
>>>>>>> REPLACE

</suggested_fix>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 61.05%. Comparing base (be801ba) to head (60c2318).

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #724      +/-   ##
==========================================
- Coverage   62.03%   61.05%   -0.98%     
==========================================
  Files         156      156              
  Lines        2655     2655              
  Branches      601      601              
==========================================
- Hits         1647     1621      -26     
- Misses        778      802      +24     
- Partials      230      232       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.