Skip to content

Add report generation for bug sweep #5273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 25 commits into
base: main
Choose a base branch
from
Draft

Add report generation for bug sweep #5273

wants to merge 25 commits into from

Conversation

khai-oai
Copy link
Contributor

Summary

  • generate findings-only report for bug sweep runs
  • ensure html artifact matches bug sweep findings

Testing

  • not run (awaiting approval for lint/tests)

khai-oai added 25 commits October 16, 2025 20:25
@khai-oai
Add report generation for bug sweep
3b7f4d2
@khai-oai
Restore /secreview command and security review UI
88ccfb4
@khai-oai
Provide default scope prompts for auto scope confirmation
c2a6347
@khai-oai
Restrict security review autoscope to scoped options
226ef2e
@khai-oai
Default scoped review prompts when no paths provided
b6bdc72
@khai-oai
Allow cancelling in-progress security review with Ctrl-C
9f091e7
@khai-oai
Improve default autoscope prompts for scoped reviews
23169b8
@khai-oai
Auto-scope confirmation now displays LLM-chosen directories directly
e4cbd96
@khai-oai
Inline security report viewer JS deps
33e1730
@khai-oai
Restore auto-scope confirmation dialog
1cf5334
@khai-oai
Provide default auto-scope prompt and confirmation dialog
ad88013
@khai-oai
Detect abbreviations in auto-scope prompts
3a90a11
@khai-oai
Fix inline report markdown encoding
b567e56
@khai-oai
Cap auto-scope suggestions to up to 20 directories
a915190
@khai-oai
Reword bug-sweep autoscope prompt to focus on critical code paths
0b8a3ec
@khai-oai
Add security review follow-up flow
62cedda
@khai-oai
Improve security review markdown outputs
6040759
@khai-oai
Enhance auto scope keyword expansion
c0ccfee
@khai-oai
wip
eb5b793
@khai-oai
Add security review follow-up prompts
633be44
@khai-oai
Sync bug markdown with reranked severity
2b25771
@khai-oai
Improve security review markdown polishing retries
ea22460
@khai-oai
tui: dedupe/group bugs before risk rerank; normalize+filter pre and p…
32eb5ad 
…ost rerank

- Move dedup step ahead of risk rerank to avoid redundant rerank and improve grouping
- Normalize severities before dedup; filter to High/Medium/Low
- After rerank, re-normalize, rewrite severity in markdown, and filter again if needed
- Minor fix in triage_chunk log initialization

Tests: cargo test -p codex-tui (passed)
@khai-oai
tui: disable auto-scope for /secreview options 1 & 2; remove default …
f294813 
…auto-scope prompt and auto-accept for Quick bug sweep; rebuild
@khai-oai
tui(security_review):
bde8a63 
- Add aggregated token usage to Security Review results and show in summary
- Remove/restore report sections per requests: drop Configuration and Extensibility; remove Risks and Gaps; restore Security Findings header
- Simplify findings table by removing Recommendation column
- Inline GitHub links for File & Lines using single commit tree hash per run
- Keep headings and content aligned with appsec review expectations

Also ran fmt/clippy and updated tests to pass.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@khai-oai