Update Locky ransomware event level to High (#758)

[octoaide]

Summary

Update the Locky ransomware event level in review-web from Medium to High to match the definition in review-database.

What I changed

• Added a High variant to the ThreatLevel enum (src/graphql/event.rs).
• Updated LockyRansomware::level() to return ThreatLevel::High (src/graphql/event/dns.rs).
• Added an entry to CHANGELOG.md documenting the change.

Files modified

• src/graphql/event.rs
• src/graphql/event/dns.rs
• CHANGELOG.md

Why

The Locky ransomware event was defined as High in review-database but remained Medium in review-web. This PR brings review-web into alignment so event levels are consistent across the system.

Verification

• Project builds successfully (cargo build).
• All tests pass (cargo test --all-features).
• Clippy and markdown lint checks passed.

Closes #758

Issue: #758

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.91%. Comparing base (f2d6adc) to head (4253846).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #759   +/-   ##
=======================================
  Coverage   75.91%   75.91%           
=======================================
  Files          72       72           
  Lines       19935    19935           
=======================================
  Hits        15134    15134           
  Misses       4801     4801           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Goder-0]

@octoaide In addition to the locky ransomware event, could you also update the LdapPlainText event level to Medium?

[octoaide]

I reviewed your comment and made the requested change.

I updated the LdapPlainText event threat level from ThreatLevel::Low to ThreatLevel::Medium in src/graphql/event/ldap.rs (around line 311). I also added a CHANGELOG entry noting the update.

I committed and pushed these changes. Verification checks: markdownlint passed, cargo build succeeded, and all 140 tests passed. I iterated on this twice to ensure everything was correct.

Thanks for the note — the LdapPlainText level is now set to Medium and documented.

[sehkone]

@Goder-0 @sophie-cluml,

I’d like to ask you to reconsider whether this approach is the best one. It doesn’t look ideal to me, since it requires manual updates whenever review-database changes its level values. If you’re planning to revise the structure, we could treat this approach as a temporary measure.

[Goder-0]

@Goder-0 @sophie-cluml,

I’d like to ask you to reconsider whether this approach is the best one. It doesn’t look ideal to me, since it requires manual updates whenever review-database changes its level values. If you’re planning to revise the structure, we could treat this approach as a temporary measure.

I agree with your concern, and this change is intended as a temporary workaround.
Since aicers/review-database#489 is currently open, this PR temporarily addresses the value inconsistency during the transition period.
After the underlying structure is revised, this logic can be cleaned up.

[sophie-cluml]

This PR is only a temporary measure for the upcoming release.

[sophie-cluml]

@Goder-0 Could you rebase please?

[Goder-0]

Rebase completed.