Add management command to detect non-compliant project levels and apply score penalty#3383

Closed
anurag2787 wants to merge 0 commits into OWASP:main from anurag2787:detect-project-level-non-compliance

Conversation

@anurag2787 (Contributor)

Proposed change

This PR adds a management command that periodically compares local project levels with the official project_levels.json. If a mismatch is found, the project is marked as non-compliant and a penalty is applied to its health score.

Resolves #2039

Checklist

  • Required: I followed the contributing workflow
  • Required: I verified that my code works as intended and resolves the issue as described
  • Required: I ran make check-test locally: all warnings addressed, tests passed
  • I used AI for code, documentation, tests, or communication related to this PR
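As an added example (not code from this PR or from the OWASP Nest code base), the check the description outlines in plain Python: parse the official project_levels.json, compare each local project's level against it, set is_level_compliant, and subtract a penalty from the health score of anything that does not match. The JSON layout (an object mapping project key to level), the penalty weight, the dataclass standing in for the Django Project model, and the policy of flagging projects missing from the feed are all assumptions.

```python
# Added example, not the PR's code. Assumptions: project_levels.json is a JSON
# object mapping project key -> level name; the penalty weight and the dataclass
# standing in for the Django Project model are placeholders.
import json
from dataclasses import dataclass

LEVEL_MISMATCH_PENALTY = 10.0  # assumed weight, not the project's real value


@dataclass
class Project:
    key: str
    level: str
    health_score: float
    is_level_compliant: bool = True  # field added by this PR's migration


def load_official_levels(raw_json: str) -> dict[str, str]:
    """Parse the official feed into {project_key: level}, lowercased for comparison."""
    data = json.loads(raw_json)
    if not isinstance(data, dict):
        raise ValueError("expected a JSON object of project_key -> level")
    return {str(k).lower(): str(v).lower() for k, v in data.items()}


def check_level_compliance(projects: list[Project], official: dict[str, str]) -> list[str]:
    """Set is_level_compliant on each project; return keys of the non-compliant ones.
    A project absent from the feed is also flagged (assumed policy), so a stale or
    truncated feed is surfaced rather than silently passing."""
    mismatches = []
    for project in projects:
        expected = official.get(project.key.lower())
        project.is_level_compliant = expected == project.level.lower()
        if not project.is_level_compliant:
            mismatches.append(project.key)
    return mismatches


def apply_level_penalty(project: Project, penalty: float = LEVEL_MISMATCH_PENALTY) -> float:
    """Subtract the penalty from a non-compliant project's health score, floored at 0."""
    if not project.is_level_compliant:
        project.health_score = max(0.0, project.health_score - penalty)
    return project.health_score


if __name__ == "__main__":
    # Constructed data: 'foo' claims a higher level than the feed grants, 'bar' is missing.
    feed = '{"www-project-zap": "Flagship", "www-project-foo": "Lab"}'
    local = [Project("www-project-zap", "Flagship", 90.0),
             Project("www-project-foo", "Flagship", 80.0),
             Project("www-project-bar", "Incubator", 5.0)]
    print("non-compliant:", check_level_compliance(local, load_official_levels(feed)))
    print({p.key: apply_level_penalty(p) for p in local})
```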

@coderabbitai (Contributor) commented Jan 16, 2026

Summary by CodeRabbit

  • New Features
    • Added ability to track OWASP level compliance status for projects.


Walkthrough

This PR introduces a database schema change to support project-level compliance tracking by adding a new boolean field (is_level_compliant) to the Project model via Django migration. A trivial test file formatting change is also included.

Changes

Database Schema
  backend/apps/owasp/migrations/0071_project_is_level_compliant.py
  Adds is_level_compliant BooleanField to Project model with default value True and descriptive label.

Test File
  backend/tests/apps/owasp/management/commands/owasp_update_project_health_scores_test.py
  Trivial formatting change with no functional impact; no observable behavior modification.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Linked Issues check: ⚠️ Warning
  Explanation: The PR partially addresses the requirements but the changeset is insufficient. It adds only a migration file and a minor test file change, lacking the actual management command implementation, score calculation updates, and comprehensive test coverage needed to fully resolve issue #2039.
  Resolution: Implement the management command to fetch project_levels.json, add the comparison logic, update score calculation with penalty weights, and add thorough tests for detection and scoring adjustments.

✅ Passed checks (4 passed)

Title check: ✅ Passed. The title 'Add management command to detect non-compliant project levels and apply score penalty' directly aligns with the main objective of the PR, which is to add a management command for detecting and flagging non-compliant projects.
Description check: ✅ Passed. The PR description clearly describes the proposed change: a management command that compares local project levels with official project_levels.json and marks non-compliant projects while applying a penalty to health scores.
Out of Scope Changes check: ✅ Passed. The changes are limited to a migration file adding the is_level_compliant field and a test file modification. Both are directly related to the PR objectives and issue requirements, with no out-of-scope alterations detected.
Docstring Coverage: ✅ Passed. Docstring coverage is 95.00%, which is sufficient. The required threshold is 80.00%.


coderabbitai bot previously approved these changes Jan 16, 2026

@coderabbitai (Contributor) left a comment

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@backend/tests/apps/owasp/management/commands/owasp_update_project_health_scores_test.py`:
- Line 84: Add a trailing newline at the end of the test file owasp_update_project_health_scores_test.py (the file containing the assertion "assert 'Updating score for project: Test Project' in self.stdout.getvalue()") so the file ends with a newline character to satisfy Ruff W292; simply ensure the final line is terminated with '\n' and commit the change.

assert mock_metric.score == EXPECTED_SCORE
assert "Updated project health scores successfully." in self.stdout.getvalue()
assert "Updating score for project: Test Project" in self.stdout.getvalue()

⚠️ Potential issue | 🟡 Minor

Add trailing newline to satisfy Ruff W292.

Static analysis flags a missing newline at end of file.

🔧 Proposed fix
-        assert "Updating score for project: Test Project" in self.stdout.getvalue()
+        assert "Updating score for project: Test Project" in self.stdout.getvalue()
+
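Review bot: The trailing blank `+` line in this hunk adds an empty line at the end of the file rather than only terminating the last one, which is all W292 asks for; re-adding `assert "Updating score for project: Test Project" in self.stdout.getvalue()` with a terminating `\n` is sufficient, and the file should end with exactly one newline so the fix does not trade one end-of-file lint finding for another.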
🧰 Tools: 🪛 Ruff (0.14.11)

84-84: No newline at end of file. Add trailing newline (W292)


@anurag2787 anurag2787 closed this Jan 16, 2026
@anurag2787 anurag2787 force-pushed the detect-project-level-non-compliance branch from f86e75e to 9f00b94 Compare January 16, 2026 21:08

Development

Successfully merging this pull request may close these issues:
Implement management command for detecting non-compliant project levels and flagging them in score calculation