repo-trust 0.1.1

A command-line tool that tells you whether an open-source repository deserves your trust — beyond the star count.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

//! Build the human-friendly explanation list (top strengths, top concerns)
//! from the full evidence vector.

use crate::models::{EvidenceItem, Verdict};

/// Pick the top N positive and concerning evidence items, in deterministic
/// order. Used for the headline section of every report.
#[must_use]
pub fn top_strengths_and_concerns(
    evidence: &[EvidenceItem],
    n: usize,
) -> (Vec<EvidenceItem>, Vec<EvidenceItem>) {
    let mut strengths: Vec<&EvidenceItem> = evidence
        .iter()
        .filter(|e| matches!(e.verdict, Verdict::Positive))
        .collect();
    let mut concerns: Vec<&EvidenceItem> = evidence
        .iter()
        .filter(|e| matches!(e.verdict, Verdict::Concerning | Verdict::HighRisk))
        .collect();

    // Deterministic order: by (module, code).
    strengths.sort_by(|a, b| {
        (a.module.as_str(), a.code.as_str()).cmp(&(b.module.as_str(), b.code.as_str()))
    });
    concerns.sort_by(|a, b| {
        (a.module.as_str(), a.code.as_str()).cmp(&(b.module.as_str(), b.code.as_str()))
    });

    (
        strengths.into_iter().take(n).cloned().collect(),
        concerns.into_iter().take(n).cloned().collect(),
    )
}