fix: add category to Snyk SARIF upload for consistent PR checks #612

Merged
breaking-brake merged 1 commit into main (breaking-brake/cc-wf-studio:main) from fix/snyk-sarif-category (breaking-brake/cc-wf-studio:fix/snyk-sarif-category)
Feb 28, 2026


@breaking-brake breaking-brake commented Feb 28, 2026

Summary

  • Fix "2 configurations not found" warning on PR code scanning checks

What Changed

  • Split --all-projects single SARIF generation into per-project SARIF files (snyk-root.sarif, snyk-webview.sarif)
  • Upload each with explicit category matching main branch configuration names:
    • Snyk/Open Source/cc-wf-studio
    • Snyk/Open Source/cc-wf-studio-webview

Root Cause

The --all-projects flag generates a single SARIF with multiple runs, and GitHub auto-generates category names from the SARIF content. When PR and main branch runs produce slightly different SARIF structures, categories don't match, causing the "configurations not found" warning.

Testing

  • CI will validate on this PR itself

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Updated security scanning workflow configuration to improve categorization of security scan results.
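
The mismatch described under Root Cause can be checked offline by comparing the configurations found in the base-branch and PR SARIF files. This is an added example, not code from this PR or the project: it assumes the category travels in each run's `automationDetails.id` (the SARIF 2.1.0 property), the tool name and SARIF documents are constructed samples, and `make_sarif`, `run_configs` and `missing_on_pr` are hypothetical helper names.

```python
import json


def run_configs(sarif_text):
    """Return the set of (tool name, category) pairs over all runs in one SARIF file."""
    doc = json.loads(sarif_text)
    configs = set()
    for run in doc.get("runs", []):
        tool = run.get("tool", {}).get("driver", {}).get("name", "<unknown tool>")
        # Assumption: the category is carried in run.automationDetails.id; it may be absent.
        category = (run.get("automationDetails") or {}).get("id")
        configs.add((tool, category))
    return configs


def missing_on_pr(main_sarifs, pr_sarifs):
    """Configurations present on the base branch that no PR upload reproduces."""
    main = set().union(*(run_configs(s) for s in main_sarifs))
    pr = set().union(*(run_configs(s) for s in pr_sarifs))
    return sorted(main - pr, key=lambda c: (c[0], c[1] or ""))


def make_sarif(*categories):
    """Build a constructed SARIF document with one run per category (None = no category)."""
    runs = []
    for cat in categories:
        run = {"tool": {"driver": {"name": "Snyk Open Source"}}, "results": []}
        if cat is not None:
            run["automationDetails"] = {"id": cat}
        runs.append(run)
    return json.dumps({"version": "2.1.0", "runs": runs})


# Constructed samples: the category names are the ones listed in the PR description.
ROOT = "Snyk/Open Source/cc-wf-studio"
WEBVIEW = "Snyk/Open Source/cc-wf-studio-webview"
MAIN = [make_sarif(ROOT), make_sarif(WEBVIEW)]
PR_ALL_PROJECTS = [make_sarif(None, None)]  # one file, two runs, no explicit category
PR_SPLIT = [make_sarif(ROOT), make_sarif(WEBVIEW)]  # one file per project, explicit category

if __name__ == "__main__":
    for label, pr in (("single multi-run file", PR_ALL_PROJECTS), ("per-project files", PR_SPLIT)):
        gaps = missing_on_pr(MAIN, pr)
        print(f"{label}: {len(gaps)} configuration(s) not found")
        for tool, category in gaps:
            print(f"  {tool} -> {category}")
```
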

coderabbitai Bot commented Feb 28, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4a10a3b and 445afc7.

📒 Files selected for processing (1)
  • .github/workflows/security-scan.yml

📝 Walkthrough


A GitHub Actions workflow was updated to add a category field to the Snyk SARIF upload step, setting category: snyk-open-source for the "Upload Snyk results to GitHub Code Scanning" action.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Workflow Configuration: .github/workflows/security-scan.yml | Added category: snyk-open-source to the "Upload Snyk results to GitHub Code Scanning" step to classify SARIF uploads. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A tiny tweak, a labeled prize,
Snyk results now wear clear ties,
snyk-open-source in gentle light,
Scans march on through day and night.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly and specifically describes the main change: adding a category field to the Snyk SARIF upload step to ensure consistent PR checks. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


@breaking-brake force-pushed the fix/snyk-sarif-category branch from 4a10a3b to 4e28878, February 28, 2026 05:15

@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

- Added category: snyk-open-source to upload-sarif step
- Fixes "configurations not found" warning on PR checks after merge

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

@breaking-brake force-pushed the fix/snyk-sarif-category branch from 4e28878 to 445afc7, February 28, 2026 05:16
@breaking-brake merged commit 5224e1c into main, Feb 28, 2026
3 of 4 checks passed
@breaking-brake deleted the fix/snyk-sarif-category branch, February 28, 2026 05:19
@breaking-brake mentioned this pull request, Feb 28, 2026
braking-brake-semantic-release Bot pushed a commit that referenced this pull request Feb 28, 2026
## [3.26.1](v3.26.0...v3.26.1) (2026-02-28)

### Bug Fixes

* add category to Snyk SARIF upload for consistent PR checks ([#612](#612)) ([5224e1c](5224e1c))

### Improvements

* change MCP node default mode to aiToolSelection in schema ([#611](#611)) ([1bc81e2](1bc81e2))
* clarify MCP node schema definitions ([#615](#615)) ([36f5998](36f5998))
* simplify MCP node creation wizard from 7 to 4 steps ([#613](#613)) ([e17ad5f](e17ad5f))
@braking-brake-semantic-release
🎉 This PR is included in version 3.26.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
