Module: Update Holoscan Sensor Bridge pin and accompanying website rendering

[tbirdso]

Background

Holoscan Sensor Bridge latest top-of-tree development adds descriptive module.json at the project root.

Changes

• Update the Holoscan Sensor Bridge pin to the latest "2.6.0" top-of-tree revision. This picks up latest development along with the "metadata.json" descriptor.
• Update Holoscan Ecosystem Modules page modules card rendering for Sensor Bridge details presentation. Fixes checkout from recent SHA, and moves full operator list presentation from module card to module details page to avoid overflowing the visual element. Fix quality score to "5".

Summary by CodeRabbit

• New Features

  • Module pages now display operator information with decorated metadata headers
  • Module index cards show operator badges with overflow indicators for multiple operators

• Updates

  • holoscan-sensor-bridge module reference and quality score updated

[greptile-apps]

Greptile Summary

This PR updates the holoscan-sensor-bridge module pin from the named tag 2.6.0-EA2 to a specific commit SHA and bumps its quality score to 5, while also improving the website rendering of module cards and detail pages.

• clone_module.py: Replaces the init+fetch+checkout flow with a blobless partial clone (--filter=blob:none --no-checkout) to work around GitHub's rejection of bare-SHA shallow fetches; the clone step gets a 300 s timeout but the subsequent git checkout step — where blobs are actually lazy-fetched — has no timeout.
• generate_module_pages.py: Adds operator list to the module detail metadata header and caps card view at 2 operator badges with a "+N more" overflow pill, preventing card overflow for operator-heavy modules like holoscan-sensor-bridge.
• modules/module-sites.json: Bumps the sensor-bridge ref to c34f9fe876... and quality score from 1 → 5.

Confidence Score: 4/5

Safe to merge for the JSON and rendering changes; the clone script has one unguarded network call that can stall a website build indefinitely on a slow connection.

The git checkout ref step in the new blobless-clone path downloads all required blobs but carries no timeout, while every other subprocess call in the file is guarded. On a slow network or large repo this step can block a CI build indefinitely with no way to surface or recover from the hang.

doc/website/scripts/clone_module.py — the git checkout ref call at line 62 needs a timeout to match the rest of the file.

Important Files Changed

Filename	Overview
doc/website/scripts/clone_module.py	Switches SHA checkout from init+fetch to blobless partial clone; the clone step gains a 300 s timeout but the git checkout ref step (where blobs are actually downloaded) has no timeout, leaving the build potentially hanging.
doc/website/scripts/generate_module_pages.py	Adds operator list to module detail metadata header and limits card view to 2 operators with a "+N more" overflow badge; logic is correct (negative overflow correctly suppressed by > 0 guard).
modules/module-sites.json	Updates holoscan-sensor-bridge ref from named tag 2.6.0-EA2 to full commit SHA and bumps quality score from 1 to 5 to match the new module.json descriptor.

Sequence Diagram

%%{init: {'theme': 'neutral'}}%%
sequenceDiagram
    participant WB as Website Build
    participant CM as clone_module.py
    participant GH as GitHub

    WB->>CM: clone_external_module(url, sha_ref)
    CM->>GH: "git clone --filter=blob:none --no-checkout (timeout 300s)"
    GH-->>CM: commit graph, no blobs
    CM->>GH: git checkout sha (no timeout)
    GH-->>CM: lazily fetch required blobs
    CM-->>WB: clone_path, tmp_dir

    Note over WB,GH: Named-tag or branch path
    WB->>CM: clone_external_module(url, tag_ref)
    CM->>GH: "git clone --depth=1 --branch tag (timeout 120s)"
    GH-->>CM: shallow clone with blobs
    CM-->>WB: clone_path, tmp_dir

Loading

%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
sequenceDiagram
    participant WB as Website Build
    participant CM as clone_module.py
    participant GH as GitHub

    WB->>CM: clone_external_module(url, sha_ref)
    CM->>GH: "git clone --filter=blob:none --no-checkout (timeout 300s)"
    GH-->>CM: commit graph, no blobs
    CM->>GH: git checkout sha (no timeout)
    GH-->>CM: lazily fetch required blobs
    CM-->>WB: clone_path, tmp_dir

    Note over WB,GH: Named-tag or branch path
    WB->>CM: clone_external_module(url, tag_ref)
    CM->>GH: "git clone --depth=1 --branch tag (timeout 120s)"
    GH-->>CM: shallow clone with blobs
    CM-->>WB: clone_path, tmp_dir

Loading

Comments Outside Diff (1)

1. doc/website/scripts/clone_module.py, line 61-66 (link)

   The git checkout step is where blobless partial-clone lazy blob fetching actually happens — every file referenced by the target commit is downloaded here. This is the most network-intensive operation in the path, yet it is the only subprocess call without a timeout. On a slow network or for a large repo (like holoscan-sensor-bridge with its 20+ operators), this can hang a website build indefinitely. The preceding clone step has a 300 s guard; the checkout step should have at least the same.

_{Reviews (3): Last reviewed commit: "Merge branch 'main' into update-sensor-b..." | Re-trigger Greptile}

[coderabbitai]

Walkthrough

The PR improves module tooling and display infrastructure by addressing shallow fetch issues in the module cloning function, adding operator metadata to module pages with smart badge truncation in index cards, and updating the holoscan-sensor-bridge module configuration with a new commit ref and quality score.

Changes

Module documentation and tooling enhancements

Layer / File(s)	Summary
Git clone strategy improvement for shallow fetch issues doc/website/scripts/clone_module.py	The clone_external_module() function replaces shallow fetching (git init + git fetch --depth=1 + checkout FETCH_HEAD) with a blobless partial clone strategy (git clone --filter=blob:none --no-checkout + explicit checkout ref) and extends the clone timeout to 300s to accommodate the new approach.
Operator metadata extraction and header display doc/website/scripts/generate_module_pages.py	Module metadata header now includes an "Operators" entry derived from operator_names in module metadata, formatted as a comma-separated string and rendered as a new octicons-decorated metadata row.
Operator badge limiting in module index cards doc/website/scripts/generate_module_pages.py	Module card rendering limits operator badge display to the first two operators; additional operators are summarized with a +{overflow} more badge instead of rendering all badges.
holoscan-sensor-bridge module configuration update modules/module-sites.json	The holoscan-sensor-bridge module entry is updated with a new commit SHA ref (replacing the 2.6.0-EA2 tag) and its nvidia_quality_score increased from 1 to 5.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• nvidia-holoscan/holohub#1594: Both PRs update modules/module-sites.json for the holoscan-sensor-bridge entry by pinning its Git ref and adjusting its nvidia_quality_score.
• nvidia-holoscan/holohub#1585: Both PRs modify doc/website/scripts/clone_module.py's clone_external_module() to change how git refs/commit-SHAs are fetched/checked out (the main PR switches to blobless partial clones, while the retrieved PR adds explicit full-SHA detection with git init + fetch + checkout FETCH_HEAD).

Suggested reviewers

• jjomier
• wyli
• bhashemian

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main changes: updating the Holoscan Sensor Bridge pin/version and fixing related website rendering for operator display.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

doc/website/scripts/generate_module_pages.py (1)

363-363: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Handle potential None value for operator_names.

If the module metadata contains "operator_names": null (explicitly null rather than missing), this list comprehension will raise a TypeError when attempting to iterate over None. Lines 272-273 handle this case safely by checking if operator_names, but this code does not.

🛡️ Defensive fix

-    operators = [html.escape(str(op)) for op in metadata_module.get("operator_names", [])]
+    operators = [html.escape(str(op)) for op in (metadata_module.get("operator_names") or [])]

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@doc/website/scripts/generate_module_pages.py` at line 363,
metadata_module.get("operator_names") can be None which causes the list
comprehension building operators to fail; change the code to safely handle a
None by coercing operator_names to an empty list before iterating (e.g.,
operator_names = metadata_module.get("operator_names") or []), then compute
operators = [html.escape(str(op)) for op in operator_names]; this keeps the
existing html.escape/str usage and the operators variable name intact.

doc/website/scripts/clone_module.py (1)

44-45: 🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Update docstring to reflect the new blobless clone strategy.

The docstring still describes the old init+fetch+checkout approach, but the implementation now uses a blobless partial clone (--filter=blob:none --no-checkout) followed by an explicit checkout.

📝 Proposed docstring fix

     Accepts branch names, annotated tags, or full 40-character commit SHAs.
-    Commit SHAs are fetched via init+fetch+checkout rather than --branch, which
-    only accepts named refs.
+    Commit SHAs are fetched via blobless partial clone (--filter=blob:none) to avoid
+    GitHub's shallow-fetch restrictions, then checked out explicitly. Named refs use
+    shallow clone (--depth=1 --branch).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@doc/website/scripts/clone_module.py` around lines 44 - 45, Update the
docstring to describe the current blobless partial clone strategy: replace the
old "init+fetch+checkout" wording with a clear description that the
implementation performs a partial clone using git clone --filter=blob:none
--no-checkout (to avoid blobs), then explicitly fetch and checkout the desired
commit SHA(s) or refs; mention the use of commit SHAs and that checkout is
performed after the partial clone. Locate and edit the top-level module or the
clone function docstring (e.g., the clone_repo/clone_module function) to include
the exact flags (--filter=blob:none --no-checkout) and the sequence: partial
clone → fetch specific commits/refs → explicit checkout.

🧹 Nitpick comments (3)

doc/website/scripts/generate_module_pages.py (1)

380-393: 💤 Low value

Consider adding a comment to explain the 2-operator limit.

The badge limiting logic is correct but would benefit from a brief inline comment explaining why the first two operators are shown and overflow is calculated.

📝 Suggested comment

+    # Limit operator badges to first 2 operators; show "+N more" for overflow
     preview_ops = operators[:2]
     overflow = len(operators) - 2

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@doc/website/scripts/generate_module_pages.py` around lines 380 - 393, The
code builds operator badges showing only the first two operators using
preview_ops = operators[:2] and computes overflow = len(operators) - 2; add a
brief inline comment above that block explaining the reason for the 2-operator
limit (e.g., to keep the UI compact and show a "+N more" indicator), referencing
preview_ops, overflow, and operator_badges so future readers understand why only
two operators are displayed and why overflow is calculated.

doc/website/scripts/clone_module.py (2)

68-74: 💤 Low value

Consider aligning the timeout for named-ref clones.

The SHA-based clone uses a 300s timeout (line 59), while the named-ref clone uses 120s. If the timeout increase was motivated by larger repository sizes, named refs might benefit from the same extension. If the difference is intentional (blobless clones are expected to take longer), consider adding a comment explaining the rationale.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@doc/website/scripts/clone_module.py` around lines 68 - 74, The named-ref git
clone call using subprocess.run([... "--branch", ref, ...], timeout=120) should
use the same 300s timeout as the SHA-based clone (or document why they differ);
update the timeout argument from 120 to 300 in the subprocess.run invocation
(the call that references _GIT, "clone", "--branch", ref, url, str(clone_path))
or add a brief comment explaining the intentional difference.

---

51-53: 💤 Low value

Minor: Consider refining the comment about GitHub's shallow fetch behavior.

The comment mentions "empty repos," but the underlying issue is that GitHub's shallow fetch protocol requires local ref tips to prove commit reachability. This fails when fetching a bare SHA with no existing local refs, regardless of whether the remote repo is empty.

🔍 Suggested refinement

-        # GitHub rejects bare-SHA shallow fetches from empty repos (no local tips to prove
-        # reachability). Use a blobless partial clone instead: downloads the full commit graph
+        # GitHub rejects bare-SHA shallow fetches when there are no local refs to prove
+        # reachability. Use a blobless partial clone instead: downloads the full commit graph
         # without file content, then lazily fetches only the blobs needed for the target commit.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@doc/website/scripts/clone_module.py` around lines 51 - 53, Update the inline
comment that currently reads "GitHub rejects bare-SHA shallow fetches from empty
repos..." to say that GitHub's shallow-fetch protocol requires local ref tips to
prove commit reachability, so attempting to fetch a bare SHA fails when there
are no local refs (not only when the remote is empty); locate the comment
starting "GitHub rejects bare-SHA shallow fetches..." in the blobless partial
clone explanatory block and replace it with this refined phrasing to accurately
describe the reachability requirement.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@modules/module-sites.json`:
- Around line 15-18: Update the holoscan-sensor-bridge entry to document why
nvidia_quality_score was raised from 1 to 5: in the modules/module-sites.json
entry for "holoscan-sensor-bridge" (ref
c34f9fe876462e2fa83877527f86fe0427346cc0) add a brief rationale comment or
metadata field explaining the change (e.g., tests passed, security review, API
stability, or upstream verification that the pinned SHA matches main/HEAD and
fixes prior issues) and reference any verification artifacts (CI run IDs, test
results, or review ticket) used to justify the higher score so reviewers can
validate the rationale.

---

Outside diff comments:
In `@doc/website/scripts/clone_module.py`:
- Around line 44-45: Update the docstring to describe the current blobless
partial clone strategy: replace the old "init+fetch+checkout" wording with a
clear description that the implementation performs a partial clone using git
clone --filter=blob:none --no-checkout (to avoid blobs), then explicitly fetch
and checkout the desired commit SHA(s) or refs; mention the use of commit SHAs
and that checkout is performed after the partial clone. Locate and edit the
top-level module or the clone function docstring (e.g., the
clone_repo/clone_module function) to include the exact flags (--filter=blob:none
--no-checkout) and the sequence: partial clone → fetch specific commits/refs →
explicit checkout.

In `@doc/website/scripts/generate_module_pages.py`:
- Line 363: metadata_module.get("operator_names") can be None which causes the
list comprehension building operators to fail; change the code to safely handle
a None by coercing operator_names to an empty list before iterating (e.g.,
operator_names = metadata_module.get("operator_names") or []), then compute
operators = [html.escape(str(op)) for op in operator_names]; this keeps the
existing html.escape/str usage and the operators variable name intact.

---

Nitpick comments:
In `@doc/website/scripts/clone_module.py`:
- Around line 68-74: The named-ref git clone call using subprocess.run([...
"--branch", ref, ...], timeout=120) should use the same 300s timeout as the
SHA-based clone (or document why they differ); update the timeout argument from
120 to 300 in the subprocess.run invocation (the call that references _GIT,
"clone", "--branch", ref, url, str(clone_path)) or add a brief comment
explaining the intentional difference.
- Around line 51-53: Update the inline comment that currently reads "GitHub
rejects bare-SHA shallow fetches from empty repos..." to say that GitHub's
shallow-fetch protocol requires local ref tips to prove commit reachability, so
attempting to fetch a bare SHA fails when there are no local refs (not only when
the remote is empty); locate the comment starting "GitHub rejects bare-SHA
shallow fetches..." in the blobless partial clone explanatory block and replace
it with this refined phrasing to accurately describe the reachability
requirement.

In `@doc/website/scripts/generate_module_pages.py`:
- Around line 380-393: The code builds operator badges showing only the first
two operators using preview_ops = operators[:2] and computes overflow =
len(operators) - 2; add a brief inline comment above that block explaining the
reason for the 2-operator limit (e.g., to keep the UI compact and show a "+N
more" indicator), referencing preview_ops, overflow, and operator_badges so
future readers understand why only two operators are displayed and why overflow
is calculated.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 58b252ee-a9a4-45f6-aa24-f303ca79fdd6

📥 Commits

Reviewing files that changed from the base of the PR and between c45f225 and 1141191.

📒 Files selected for processing (3)

• doc/website/scripts/clone_module.py
• doc/website/scripts/generate_module_pages.py
• modules/module-sites.json