Skip to content

Customize audit scope to compare branches or commit hashes #131

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jajanet wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Customize audit scope to compare branches or commit hashes #131

jajanet wants to merge 6 commits into from
+66 −13

Conversation

@jajanet
Copy link
Contributor

@jajanet jajanet commented Jan 28, 2026
edited
Loading

Currently, /analyze only supports comparing the main branch to the current branch. This PR adds flexibility to also compare any given 2 branches or commits -- these changes are backwards-compatible

@github-actions
Copy link

github-actions bot commented Jan 28, 2026

🤖 Hi @jajanet, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.

github-actions[bot]
github-actions bot reviewed Jan 28, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📋 Review Summary

This Pull Request introduces the ability to customize the audit scope for the /analyze command, allowing users to compare specific branches or commit hashes. The changes are well-implemented, backward-compatible, and enhance the flexibility of the security analysis.

🔍 General Feedback

  • The code changes are clean and adhere to the project's coding style.
  • The addition of optional base and head parameters to getAuditScope and its corresponding tool definition is well-handled.
  • The update to analyze.toml effectively communicates the new functionality to the LLM.

github-actions[bot]
github-actions bot reviewed Jan 28, 2026
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📋 Security Analysis Summary

No security vulnerabilities were found in this pull request. The changes were reviewed and appear to be safe.

🔍 General Feedback

  • The changes in this pull request are well-structured and easy to understand.
  • The use of spawnSync with an array of arguments is a good security practice to prevent command injection.

QuanZhang-William
QuanZhang-William reviewed Jan 28, 2026
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@shrishabh shrishabh shrishabh approved these changes

@QuanZhang-William QuanZhang-William QuanZhang-William approved these changes

@capachino capachino Awaiting requested review from capachino capachino is a code owner

@evanotero evanotero Awaiting requested review from evanotero evanotero is a code owner

@heltonduarte heltonduarte Awaiting requested review from heltonduarte heltonduarte is a code owner

@QuinnDACollins QuinnDACollins Awaiting requested review from QuinnDACollins QuinnDACollins is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jajanet @shrishabh @QuanZhang-William