Surface scanner version on security tab

apps/registry/src/routes/packages.ts

@@ -607,10 +607,15 @@ export const packageRoutes: FastifyPluginAsync = async (fastify) => {
           remediation: (f['remediation'] as string) ?? null,
         }));
 
+      // Extract scanner version from report metadata
+      const scanMeta = report?.['scan'] as Record<string, unknown> | undefined;
+      const scannerVersion = (scanMeta?.['scanner_version'] as string) ?? null;
+
       return {
         status: scan['status'],
         risk_score: scan['riskScore'],
         scanned_at: scan['completedAt'],
+        scanner_version: scannerVersion,
         certification: scan['certificationLevel'] !== null ? {
           level: scan['certificationLevel'],
           level_name: getCertificationLevelName(scan['certificationLevel'] as number | null),

apps/registry/src/schemas/generated/api-responses.ts

@@ -61,6 +61,7 @@ export const SecurityScanSchema = z.object({
   status: z.enum(['pending', 'scanning', 'completed', 'failed']),
   risk_score: z.enum(['CRITICAL', 'HIGH', 'MEDIUM', 'LOW']).nullable(),
   scanned_at: z.union([z.string(), z.date()]).nullable(),
+  scanner_version: z.string().nullable().optional(),
   certification: CertificationSchema.nullable().optional(),
   summary: z.object({
     components: z.number(),

apps/web/src/components/SecurityReportSection.tsx

@@ -44,6 +44,7 @@ interface SecurityScan {
   status: 'pending' | 'scanning' | 'completed' | 'failed';
   risk_score: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | null;
   scanned_at: string | Date | null;
+  scanner_version?: string | null;
   certification?: Certification | null;
   summary?: SecurityScanSummary;
   scans?: Record<string, ScanResult>;
@@ -227,6 +228,12 @@ export default function SecurityReportSection({ securityScan, version }: Props)
               )}
               <span className="text-mpak-gray-300">|</span>
               <span>Scanned {formatDate(securityScan.scanned_at)}</span>
+              {securityScan.scanner_version && (
+                <>
+                  <span className="text-mpak-gray-300">|</span>
+                  <span>Scanner v{securityScan.scanner_version}</span>
+                </>
+              )}
             </div>
           </div>
         </div>

apps/web/src/schemas/generated/api-responses.ts

@@ -96,6 +96,7 @@ export const SecurityScanSchema = z.object({
   status: z.enum(['pending', 'scanning', 'completed', 'failed']),
   risk_score: z.enum(['CRITICAL', 'HIGH', 'MEDIUM', 'LOW']).nullable(),
   scanned_at: z.union([z.string(), z.date()]).nullable(),
+  scanner_version: z.string().nullable().optional(),
   certification: CertificationSchema.nullable().optional(),
   summary: z.object({
     components: z.number(), // Total SBOM components

packages/schemas/src/api-responses.ts

@@ -111,6 +111,7 @@ export const SecurityScanSchema = z.object({
   status: z.enum(["pending", "scanning", "completed", "failed"]),
   risk_score: z.enum(["CRITICAL", "HIGH", "MEDIUM", "LOW"]).nullable(),
   scanned_at: z.union([z.string(), z.date()]).nullable(),
+  scanner_version: z.string().nullable().optional(),
   certification: CertificationSchema.nullable().optional(),
   summary: z
     .object({