Host Software Table: Add vulnerability filters to API and UI

[RachelElysia]

Issue

For #22445

Description

• This feature will be merged before Non-vulnerable apps showing when filtering by "Vulnerable software" on host details page #26824
• This feature is now only vuln filtering as we are removing the search filter query by CVE feature and creating a new ticket for it
  • NOTE: Search filter query by CVE feature will be added after Host details page: software vulnerability severity filters #22445 and Non-vulnerable apps showing when filtering by "Vulnerable software" on host details page #26824 to layer on the code correctly to add all 3 features
• Tests will be added with Non-vulnerable apps showing when filtering by "Vulnerable software" on host details page #26824 tests to avoid conflicts

Screenshots/screenrecordings

TODO

Checklist for submitter

If some of the following don't apply, delete the relevant line.

• Changes file added for user-visible changes in changes/, orbit/changes/ or ee/fleetd-chrome/changes
• A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it)
• Manual QA for all new/changed functionality

[codecov]

Codecov Report

Attention: Patch coverage is 19.73684% with 61 lines in your changes missing coverage. Please review.

Project coverage is 63.96%. Comparing base (129e9d5) to head (fd722f2).
Report is 111 commits behind head on main.

Files with missing lines	Patch %	Lines
...ages/hosts/details/cards/Software/HostSoftware.tsx	2.94%	33 Missing ⚠️
server/datastore/mysql/software.go	41.17%	15 Missing and 5 partials ⚠️
...s/Software/HostSoftwareTable/HostSoftwareTable.tsx	0.00%	6 Missing ⚠️
...ftwarePage/SoftwareTitles/SoftwareTable/helpers.ts	0.00%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #26995      +/-   ##
==========================================
- Coverage   63.99%   63.96%   -0.03%     
==========================================
  Files        1695     1707      +12     
  Lines      161602   163021    +1419     
  Branches     4299     4384      +85     
==========================================
+ Hits       103412   104276     +864     
- Misses      50166    50612     +446     
- Partials     8024     8133     +109     

Flag	Coverage Δ
backend	64.74% <41.17%> (-0.02%)	⬇️
frontend	54.43% <2.38%> (-0.15%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[RachelElysia]

Heads up we are doing this order from @ksykulev in this slack thread:

What we're going to do >
Take out the software name and cve name match into a new issue
merge Rachel's PR
merge my PR (i'll do the merge conflict resolution)
work on the new issue that will add software name + cve name matching
That way the commit history makes sense. And during testing, we can test all 3 issues at once.

[ksykulev]

Nice! Looks good on a small screen as well:

[ksykulev]

Do we care about any validations on MinimumCVSS is less than MaximumCVSS?

[RachelElysia]

It'll just return no items right? I don't really care either way

[ksykulev]

Yup! It will just return 0 items. Was just curious how in depth or validations get. 👍
This is a non-blocking.

[RachelElysia]

sgtm, yeah idk, I'm not familiar with BE patterns for invalid options

[ksykulev]

tl;dr doesn't seem like we are doing any sort of intelligent validations around those values. Let's not add it here then 👍

Looking at all the other places we use MinimumCVSS and MaximumCVSS
In the datastore layer:
https://github.com/fleetdm/fleet/blob/main/server/datastore/mysql/software.go#L1489
https://github.com/fleetdm/fleet/blob/main/server/datastore/mysql/software.go#L1146
https://github.com/fleetdm/fleet/blob/main/server/datastore/mysql/software_titles.go#L108
https://github.com/fleetdm/fleet/blob/main/server/datastore/mysql/software_titles.go#L364

In the service layer:
https://github.com/fleetdm/fleet/blob/main/ee/server/service/software.go#L13
https://github.com/fleetdm/fleet/blob/main/server/service/software_titles.go#L87
https://github.com/fleetdm/fleet/blob/main/server/service/software.go#L113
https://github.com/fleetdm/fleet/blob/main/server/service/software.go#L244

[ksykulev]

These look good to me 👍

[iansltx]

One code style thing, one legit question. Otherwise LGTM on the frontend side!

[iansltx]

Suggested change

	const { available_for_install } = queryParams;
	if (available_for_install) {
	return "installableSoftware";
	}
	return "allSoftware";
	return queryParams.available_for_install ? "installableSoftware" : "allSoftware";

Non-blocking, but the one-liner seems clear enough?

[RachelElysia]

💯