sharang/compliance-scanner-agent

feat: per-repo issue tracker, Gitea support, PR review pipeline #10

Merged

sharang merged 7 commits from feat/per-repo-tracker-config into main

2026-03-11 12:14:00 +00:00

Author	SHA1	Message	Date
Sharang Parnerkar	71d8f0fd17	fix: resolve clippy too_many_arguments errors and upgrade CI to Rust 1.94 All checks were successful CI / Format (push) Successful in 2m22s Details CI / Clippy (push) Successful in 4m28s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Format (pull_request) Successful in 4s Details CI / Clippy (pull_request) Successful in 4m39s Details CI / Security Audit (pull_request) Has been skipped Details CI / Tests (pull_request) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details Move #[allow(clippy::too_many_arguments)] to module level so it propagates through Dioxus #[server] macro expansion. Upgrade CI container from rust:1.89 to rust:1.94 to match local toolchain. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 12:51:15 +01:00
Sharang Parnerkar	f11e6d44cc	fix: resolve clippy errors (expect_used, manual strip_prefix) Some checks failed CI / Format (push) Successful in 4s Details CI / Clippy (pull_request) Failing after 3m10s Details CI / Detect Changes (push) Has been skipped Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Clippy (push) Failing after 2m58s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Format (pull_request) Successful in 3s Details CI / Security Audit (pull_request) Has been skipped Details CI / Tests (pull_request) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details Replace expect() calls with let-else returns in SBOM download, use strip_prefix() instead of manual slicing in extract_base_url, and suppress too_many_arguments on server function. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 12:06:49 +01:00
Sharang Parnerkar	0cb208408e	feat: auto-generated per-repo webhook secrets with dashboard proxy Some checks failed CI / Format (push) Successful in 5s Details CI / Clippy (push) Failing after 1m57s Details CI / Detect Changes (pull_request) Has been skipped Details CI / Deploy Agent (pull_request) Has been skipped Details CI / Deploy Dashboard (pull_request) Has been skipped Details CI / Deploy Docs (pull_request) Has been skipped Details CI / Deploy MCP (pull_request) Has been skipped Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details CI / Format (pull_request) Successful in 8s Details CI / Clippy (pull_request) Failing after 1m53s Details CI / Security Audit (pull_request) Has been skipped Details CI / Tests (pull_request) Has been skipped Details - Auto-generate webhook_secret on repository creation (UUID-based) - Webhook routes use per-repo URLs: /webhook/{platform}/{repo_id} - Verify signatures using per-repo secret (not global env var) - Dashboard proxies webhooks to agent (agent not exposed publicly) - Edit modal shows webhook URL + secret for user to copy into Gitea - Add webhook-config API endpoint to retrieve per-repo secret - Add Gitea option to edit dialog tracker type dropdown Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 11:25:05 +01:00
Sharang Parnerkar	7a0a53d399	feat: implement PR review pipeline with Gitea/GitHub/GitLab webhooks Some checks failed CI / Format (push) Successful in 3s Details CI / Clippy (push) Failing after 1m50s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details On PR open/sync, webhook triggers incremental scan: runs semgrep on changed files + LLM code review on the diff, then posts review comments via the configured tracker. Adds Gitea webhook handler with HMAC-SHA256 verification, and wires up the previously stubbed GitHub/GitLab PR handlers. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 11:02:25 +01:00
Sharang Parnerkar	9e5342bfd6	fix: Gitea labels as body text, demote parse log to debug Some checks failed CI / Format (push) Successful in 4s Details CI / Clippy (push) Failing after 1m46s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details Gitea API expects label IDs (integers), not names. Append label names to the issue body instead. Also lower "Parsing file" log from info to debug to reduce noise. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 10:53:43 +01:00
Sharang Parnerkar	570e3c5c9e	feat: implement Stage 6 issue creation in scan pipeline Some checks failed CI / Format (push) Successful in 4s Details CI / Clippy (push) Failing after 1m52s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details After scan findings are persisted, Stage 6 now creates issues in the configured tracker (GitHub/GitLab/Gitea/Jira) for new findings with severity >= Medium. Includes fingerprint-based dedup, per-repo token fallback to global config, and formatted markdown issue bodies. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 10:41:28 +01:00
Sharang Parnerkar	a4415dd94c	feat: add per-repository issue tracker config with Gitea support Some checks failed CI / Clippy (push) Failing after 3m12s Details CI / Security Audit (push) Has been skipped Details CI / Tests (push) Has been skipped Details CI / Detect Changes (push) Has been skipped Details CI / Deploy Agent (push) Has been skipped Details CI / Deploy Dashboard (push) Has been skipped Details CI / Deploy Docs (push) Has been skipped Details CI / Deploy MCP (push) Has been skipped Details CI / Format (push) Successful in 5s Details Add ability to configure issue tracker (GitHub, GitLab, Gitea, Jira) per repository at creation time and edit later via PATCH endpoint. Includes new Gitea tracker implementation, edit modal in dashboard, and tracker_token field on the repository model. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 10:26:54 +01:00