wire up status buttons, fix UI lag, and resolve Radix warnings

[lakshay122007]

Before opening: make sure there is an issue tracking this work, and link it below. PRs without a linked issue may be closed without review.

Linked issue

Closes #139

What this PR does

This PR resolves the issue where the "Accept Risk" and "Ignore Finding" buttons were permanently disabled. It builds the complete end-to-end flow by introducing a new PATCH /findings/{id}/status backend endpoint and wiring the frontend UI to interact with it. It introduces loading states, toggle logic (e.g., clicking "Accepted" reverts it to "Open"), and instantly updates the local React state without requiring a page reload.

Additionally, this PR addresses two major performance/stability bugs discovered during implementation:

1. React DOM Lag: Capped the background table rendering to 150 items to prevent the browser from freezing during massive state repaints.
2. Radix UI Errors: Replaced the manual DOM injection with the official shadcn/ui <SheetDescription> component to completely silence strict accessibility console warnings.

Type of change

• Bug fix
• New feature
• ML model / training pipeline
• Refactor (no behaviour change)
• Documentation
• Tests only

ML tier (if applicable)

• Tier 1 — Triage
• Tier 2 — Predictive
• Tier 3 — Autonomous
• Not ML-related

Stack affected

• Backend
• Frontend
• Both

---

Changes

Backend

• backend/app/main.py: Added the PATCH /findings/{finding_id}/status route with error handling and validation. Includes a failsafe auto-migration block to append the status column to existing SQLite databases if missing.
• backend/app/models.py: Added the FindingStatusUpdate Pydantic model to validate the incoming JSON payload.

Frontend

• frontend/src/app/lib/api.ts: Added the updateFindingStatus API client function.
• frontend/src/app/pages/findings.tsx:
  • Wired the "Accept Risk" and "Ignore Finding" buttons with onClick handlers, loading spinners, and state-reversion logic.
  • Added .slice(0, 150) to the filteredFindings.map loops to massively improve rendering performance on large datasets.
  • Imported and applied <SheetDescription> to satisfy Radix UI accessibility requirements and clear the Missing 'Description' and Function components cannot be given refs console errors.

New dependencies

Database / schema changes

• The findings table now utilizes a status column. A safe ALTER TABLE execution block was added to the PATCH route to dynamically migrate older local SQLite databases without crashing.

---

Testing

How did you test this?

Tested locally end-to-end. Uploaded a mock repository to generate a large dataset of findings. Verified that clicking the status buttons correctly triggers the PATCH request without 422 Unprocessable Entity errors, instantly updates the UI state (turning badges green/gray), and handles reverting back to "Open". Verified that the browser no longer lags when updating state, and confirmed the Chrome Developer Console is completely free of Radix UI accessibility warnings.

Checklist

• Tested locally end-to-end (upload ZIP or GitHub URL → scan → findings returned correctly)
• New ML model falls back gracefully when model file is absent
• No new console.error or unhandled Python exceptions introduced
• Added or updated tests where applicable
• requirements.txt / package.json updated if new dependencies added
• New model files (.pkl, .pt, etc.) are gitignored, not committed

---

Anything reviewers should focus on

Pay attention to the .slice(0, 150) addition in findings.tsx. This acts as a lightweight virtualization to prevent the DOM from choking on 1,700+ rows. The search and filter functions still evaluate the entire array in memory, so functionality is untouched, but the DOM payload is significantly reduced.

Screenshots (if UI changed)

(Status buttons now feature dynamic colors, loading spinners, and text toggles when clicked. Console is clean.)

[lakshay122007]

hello @ionfwsrijan Please review it and let me knowif any change required. thanks!