refactor(#234): extract FormatFinding helper for security findings#268
refactor(#234): extract FormatFinding helper for security findings#268fullsend-ai-coder[bot] wants to merge 1 commit into
Conversation
Add FormatFinding to internal/security/ as the canonical format for printing finding details: [severity] name: detail. This resolves the Scanner vs Name field inconsistency in scan.go (line 125 used f.Scanner while line 258 used f.Name) and gives future callers a single function to use instead of copying a format string. Changes: - Add FormatFinding(f Finding) string to scanner.go - Update scan.go input scan to use FormatFinding (fixes Scanner to Name) - Update scan.go context scan to use FormatFinding - Add TestFormatFinding Closes #234
E2E tests did not runE2E tests run automatically for org/repo members and collaborators on pull requests. For other contributors, a maintainer must add the See E2E testing guide for details. |
|
🤖 Finished Review · ❌ Failure · Started 12:58 PM UTC · Completed 12:58 PM UTC |
|
/fs-review |
|
🤖 Finished Review · ✅ Success · Started 3:57 PM UTC · Completed 4:04 PM UTC |
Review — approveClean, well-scoped refactor that extracts a canonical Findings[low] behavior-change — [low] style — Notes
Labels: PR modifies internal/security/ scanning infrastructure |
| // Print findings | ||
| for _, f := range allFindings { | ||
| printer.StepWarn(fmt.Sprintf("[%s] %s: %s", f.Severity, f.Scanner, f.Detail)) | ||
| printer.StepWarn(security.FormatFinding(f)) |
There was a problem hiding this comment.
[low] behavior-change
The input scan switches from f.Scanner to f.Name via FormatFinding, changing operator-visible output. Authorized by issue #234 and documented in godoc. Log consumers keyed on the old format will stop matching.
| ) | ||
| } | ||
|
|
||
| // FormatFinding returns a human-readable summary of a single finding. |
There was a problem hiding this comment.
[low] style
FormatFinding godoc is multi-line while comparable HasCriticalFindings uses single-line. The extra context explaining Name-over-Scanner is useful, so this is a reasonable tradeoff.
|
/fs-fix |
|
🤖 Finished Fix · ✅ Success · Started 5:43 PM UTC · Completed 5:47 PM UTC |
🔧 Fix agent — iteration 1 (human-triggered)Review already approved PR with no actionable findings. Both [low] findings were informational ('No action required'). Human /fs-fix had no specific instruction. Verified code matches review assessment — no changes needed. Disagreed (2):
Tests: passed Updated by fullsend fix agent |
Add FormatFinding to internal/security/ as the canonical format for printing finding details: [severity] name: detail. This resolves the Scanner vs Name field inconsistency in scan.go (line 125 used f.Scanner while line 258 used f.Name) and gives future callers a single function to use instead of copying a format string.
Changes:
to Name)
Closes #234
Post-script verification
agent/234-extract-format-finding-helper)c776c248ac9a91f10998ca7107e974a6c9d76514..HEAD)