Implement post-fix rescan and finding diffing for verify outcomes#29

Merged
ionfwsrijan merged 1 commit into
ionfwsrijan:mainfrom
sasidaran-99:implement-verify-rescan
Jun 4, 2026

Conversation

@sasidaran-99
Contributor

@sasidaran-99 sasidaran-99 commented Jun 3, 2026

Linked issue

Closes #27

What this PR does

Implements post-fix rescanning and finding diffing for verify outcomes. The /verify endpoint now re-runs security scanners, compares the results against the baseline findings stored during the initial scan, calculates newly introduced findings, and updates the verification outcome accordingly.

Type of change

  • Bug fix
  • New feature
  • ML model / training pipeline
  • Refactor (no behaviour change)
  • Documentation
  • Tests only

ML tier (if applicable)

  • Tier 1 — Triage
  • Tier 2 — Predictive
  • Tier 3 — Autonomous
  • Not ML-related

Changes

Backend

  • Added baseline finding retrieval from the database.
  • Re-ran scanners during /verify.
  • Implemented finding diffing using rule_id, file_path, and line_number.
  • Calculated actual new_issues_introduced values.
  • Updated passed status to require both successful verification and zero newly introduced findings.
  • Added logging for verification outcomes.

Database / schema changes

  • No schema changes required.

Testing

How did you test this?

  • Tested locally using the FastAPI Swagger UI.
  • Uploaded a sample ZIP project using /scan.
  • Verified findings were stored and a valid job_id was generated.
  • Executed /verify using the generated job_id.
  • Confirmed verification outcomes were persisted correctly and the endpoint returned expected results.
  • Ran Ruff checks and formatting successfully.

Checklist

  • Tested locally end-to-end (upload ZIP or GitHub URL → scan → findings returned correctly)
  • No new console.error or unhandled Python exceptions introduced
  • Added or updated tests where applicable
  • requirements.txt / package.json updated if new dependencies added
  • New model files (.pkl, .pt, etc.) are gitignored, not committed

Anything reviewers should focus on

Please review the finding comparison logic used to identify newly introduced findings and the updated verification outcome calculation.
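
The comparison and outcome logic described above, written out as an added example for review purposes; this is not the project's own code, and the `Finding` shape, function names and sample findings are assumptions constructed here:

```python
from dataclasses import dataclass

# Hypothetical finding record; the project's real model is not shown on this page.
@dataclass(frozen=True)
class Finding:
    rule_id: str
    file_path: str
    line_number: int
    severity: str = "medium"


def finding_key(f: Finding) -> tuple[str, str, int]:
    """Identity used for diffing: (rule_id, file_path, line_number), as in the PR."""
    return (f.rule_id, f.file_path, f.line_number)


def diff_findings(baseline: list[Finding], rescan: list[Finding]):
    """Return (new_keys, resolved_keys) as sorted lists of unique finding keys.

    Keys are deduplicated so a scanner reporting the same finding twice does not
    inflate new_issues_introduced.
    """
    base_keys = {finding_key(f) for f in baseline}
    rescan_keys = {finding_key(f) for f in rescan}
    return sorted(rescan_keys - base_keys), sorted(base_keys - rescan_keys)


def verification_outcome(baseline: list[Finding], rescan: list[Finding],
                         verify_succeeded: bool) -> dict:
    """passed requires both a successful verification run and zero new findings."""
    new_keys, resolved_keys = diff_findings(baseline, rescan)
    return {
        "new_issues_introduced": len(new_keys),
        "issues_resolved": len(resolved_keys),
        "passed": verify_succeeded and not new_keys,
        "new_findings": new_keys,
    }


# Constructed sample data: baseline from the initial /scan, rescan after a fix attempt.
BASELINE = [
    Finding("sql-injection", "app/db.py", 42, "high"),
    Finding("hardcoded-secret", "app/config.py", 7, "high"),
    Finding("unsafe-deserialization", "app/util.py", 15),
]
RESCAN = [
    Finding("hardcoded-secret", "app/config.py", 7, "high"),   # unchanged
    Finding("unsafe-deserialization", "app/util.py", 15),       # unchanged
    Finding("unsafe-deserialization", "app/util.py", 15),       # duplicate report
    Finding("shell-injection", "app/run.py", 30, "high"),       # introduced by the fix
]
```

Because `line_number` is part of the key, a fix that shifts code by a line makes an otherwise unchanged finding appear both resolved and new; the example keeps the key exactly as the PR describes it.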

@sasidaran-99
Contributor Author

@ionfwsrijan,
Done with the issue. Kindly do check it and merge it.

@ionfwsrijan ionfwsrijan added labels tier-1 (TIER 1 Upgrade issues), backend (Backend issues), easy (Easy difficulty), SSoC26 on Jun 4, 2026
@ionfwsrijan ionfwsrijan merged commit 83e0997 into ionfwsrijan:main Jun 4, 2026
6 checks passed
@ionfwsrijan
Owner

@sasidaran-99 LGTM merging it
