Malware Reports - recording actions taken

[miketheman]

As we proceed in evolving our own Admin interface to review and act on inbound reports, here's some things that should happen.

• [x] Extend Observations to allow for additional JSONB data, such as a Help Scout conversation URL, so that we can continue to use the service as our main communications tool while we change the underlying behaviors
  • https://github.com/pypi/warehouse/pull/15759
• [x] Extend Observations to allow for actions JSONB data, such as "removed from index", "responded to reporter", etc - https://github.com/pypi/warehouse/pull/15768
• [x] Update Admin Dashboard widget to show only malware observations that have no actions (i.e. have not been acted upon) - https://github.com/pypi/warehouse/pull/15768
• [x] Update Observations model to record more than the related_id, - related_name (e.g. scamalwarespam) - https://github.com/pypi/warehouse/pull/15800
• [x] Remove the ondelete='cascade' behavior for observations, so we preserve them despite the related model being removed. - https://github.com/pypi/warehouse/pull/15816
  • This has an interesting side quest - in the event of the name being repurposed/released to another user, should observations made with the previous ID resurface? I think not, since they are no longer related, but I wanted to say that out loud.

Once these are in place, I will likely enumerate more actions for the Admin UI to take advantage of these updates.

[ewdurbin]

• [ ] Remove the ondelete='cascade' behavior for observations, so we preserve them despite the related model being removed.

  • This has an interesting side quest - in the event of the name being repurposed/released to another user, should observations made with the previous ID resurface? I think not, since they are no longer related, but I wanted to say that out loud.

Yes, you're correct here in my opinion.

[miketheman]

Closing, as all are complete, and admin UI has included many changes since.