sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: findings refinement, new scanners, and deployment tooling #6

Merged
sharang merged 6 commits from feat/findings-refinement into main 2026-03-09 12:53:13 +00:00
Conversation 0 Commits 6 Files Changed 40 +2048 -118
sharang commented 2026-03-09 10:06:03 +00:00
Owner
Copy Link

Summary

  • Add gitleaks secret detection, lint scanning (clippy/eslint/ruff), and LLM code review scanners to the scan pipeline
  • Enhance LLM triage with multi-action support (confirm/downgrade/upgrade/dismiss), surrounding code context, and file-path classification confidence adjustment
  • Add text search, column sorting, bulk status update, and developer feedback to findings dashboard
  • Fix BSON DateTime deserialization across all models with shared serde helpers
  • Add scan progress spinner with polling to repositories page
  • Batch OSV.dev queries to avoid rate limit errors
  • Add gitleaks, semgrep, and ruff to Dockerfile.agent for deployment

Test plan

  • Trigger a scan and verify all new stages run (secret detection, lint, code review)
  • Verify findings list search, sort, and bulk status update work
  • Verify finding detail page status refresh and developer feedback save
  • Verify scan button shows spinner and disables during scan
  • Build Dockerfile.agent and confirm gitleaks, semgrep, ruff are available

🤖 Generated with Claude Code

## Summary - Add gitleaks secret detection, lint scanning (clippy/eslint/ruff), and LLM code review scanners to the scan pipeline - Enhance LLM triage with multi-action support (confirm/downgrade/upgrade/dismiss), surrounding code context, and file-path classification confidence adjustment - Add text search, column sorting, bulk status update, and developer feedback to findings dashboard - Fix BSON DateTime deserialization across all models with shared serde helpers - Add scan progress spinner with polling to repositories page - Batch OSV.dev queries to avoid rate limit errors - Add gitleaks, semgrep, and ruff to Dockerfile.agent for deployment ## Test plan - [x] Trigger a scan and verify all new stages run (secret detection, lint, code review) - [x] Verify findings list search, sort, and bulk status update work - [x] Verify finding detail page status refresh and developer feedback save - [x] Verify scan button shows spinner and disables during scan - [x] Build Dockerfile.agent and confirm gitleaks, semgrep, ruff are available 🤖 Generated with [Claude Code](https://claude.com/claude-code)
sharang added 1 commit 2026-03-09 10:06:03 +00:00
feat: add new scanners, enhanced triage, findings refinement, and deployment tooling
Some checks failed
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Format (push) Failing after 3s
Details
CI / Clippy (push) Failing after 2m44s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Format (pull_request) Failing after 3s
Details
CI / Clippy (pull_request) Failing after 2m51s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
23ba52276b 
- Add gitleaks secret detection, lint scanning (clippy/eslint/ruff), and LLM code review scanners
- Enhance LLM triage with multi-action support (confirm/downgrade/upgrade/dismiss),
  surrounding code context, and file-path classification confidence adjustment
- Add text search, column sorting, and bulk status update to findings dashboard
- Fix finding detail page status refresh and add developer feedback field
- Fix BSON DateTime deserialization across all models with shared serde helpers
- Add scan progress spinner with polling to repositories page
- Batch OSV.dev queries to avoid "Too many queries" errors
- Add gitleaks, semgrep, and ruff to Dockerfile.agent for deployment

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang added 1 commit 2026-03-09 10:53:45 +00:00
feat: add private repository support with SSH key and HTTPS token auth
Some checks failed
CI / Clippy (push) Failing after 2m39s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Format (pull_request) Failing after 3s
Details
CI / Clippy (pull_request) Failing after 2m33s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Format (push) Failing after 4s
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
492a93a83e 
- Generate SSH ed25519 key pair on agent startup for cloning private repos via SSH
- Add GET /api/v1/settings/ssh-public-key endpoint to expose deploy key
- Add auth_token and auth_username fields to TrackedRepository model
- Wire git2 credential callbacks for both SSH and HTTPS authentication
- Validate repository access before saving (test-connect on add)
- Update dashboard add form with optional auth section showing deploy key and token fields
- Show error toast if private repo cannot be accessed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang added 1 commit 2026-03-09 11:02:34 +00:00
feat: seed default MCP servers (Findings, SBOM, DAST) on dashboard startup
Some checks failed
CI / Format (push) Failing after 3s
Details
CI / Clippy (push) Failing after 2m35s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Format (pull_request) Failing after 3s
Details
CI / Deploy MCP (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Agent (push) Has been cancelled
Details
CI / Deploy Dashboard (push) Has been cancelled
Details
CI / Detect Changes (push) Has been cancelled
Details
CI / Clippy (pull_request) Failing after 2m40s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
b973887754 
- Add MCP_ENDPOINT_URL env var to configure MCP server base URL
- Seed three default MCP server configs on dashboard startup if not present
- Each server has its own tool subset: findings (3 tools), SBOM (2 tools), DAST (2 tools)
- Uses upsert-by-name to avoid duplicates on restart

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang added 1 commit 2026-03-09 11:06:05 +00:00
fix: refresh findings list after bulk status update
Some checks failed
CI / Deploy Docs (push) Has been cancelled
Details
CI / Clippy (push) Has been cancelled
Details
CI / Deploy Agent (push) Has been cancelled
Details
CI / Deploy Dashboard (push) Has been cancelled
Details
CI / Format (pull_request) Failing after 3s
Details
CI / Format (push) Has been cancelled
Details
CI / Deploy MCP (push) Has been cancelled
Details
CI / Security Audit (push) Has been cancelled
Details
CI / Tests (push) Has been cancelled
Details
CI / Detect Changes (push) Has been cancelled
Details
CI / Security Audit (pull_request) Has been cancelled
Details
CI / Tests (pull_request) Has been cancelled
Details
CI / Detect Changes (pull_request) Has been cancelled
Details
CI / Deploy Agent (pull_request) Has been cancelled
Details
CI / Deploy Dashboard (pull_request) Has been cancelled
Details
CI / Deploy Docs (pull_request) Has been cancelled
Details
CI / Deploy MCP (pull_request) Has been cancelled
Details
CI / Clippy (pull_request) Has been cancelled
Details
d9b21d3410 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang added 1 commit 2026-03-09 11:08:57 +00:00
style: fix cargo fmt formatting
Some checks failed
CI / Format (pull_request) Successful in 4s
Details
CI / Clippy (push) Failing after 2m48s
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details
CI / Clippy (pull_request) Failing after 2m34s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Format (push) Successful in 3s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
3958c1a036 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang added 1 commit 2026-03-09 12:37:34 +00:00
fix: refactor fetch_findings to use FindingsQuery struct to fix clippy too_many_arguments
All checks were successful
CI / Format (push) Successful in 3s
Details
CI / Clippy (push) Successful in 5m10s
Details
CI / Security Audit (push) Has been skipped
Details
CI / Tests (push) Has been skipped
Details
CI / Format (pull_request) Successful in 3s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Clippy (pull_request) Successful in 3m58s
Details
CI / Deploy MCP (push) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
b3a284dadd 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang merged commit 46bf9de549 into main 2026-03-09 12:53:13 +00:00
sharang deleted branch feat/findings-refinement 2026-03-09 12:53:31 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
sharang
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sharang/compliance-scanner-agent#6
Delete Branch "feat/findings-refinement"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?