Skip to content

Enhance GitHub PR comment experience#26

Open
lelia wants to merge 34 commits intomainfrom
lelia/pr-comment-enhancements
Open

Enhance GitHub PR comment experience#26
lelia wants to merge 34 commits intomainfrom
lelia/pr-comment-enhancements

Conversation

@lelia
Copy link
Collaborator

@lelia lelia commented Feb 5, 2026
edited
Loading

Summary

Overhauls the GitHub PR comment experience across all 4 scanner types with a shared, centralized helper architecture. All features are enabled by default and fully configurable via GHA inputs, CLI flags, or environment variables.

Adds

  • Branded logo headers — Socket shield logo inline with each section title
  • Clickable file/line links — File paths link directly to the exact LoC on GitHub (see screenshots)
  • Collapsible sections — Findings grouped under expandable <details> with severity badges; critical auto-expands, non-critical auto-collapses
  • Syntax highlighting — Language-aware code fencing (25+ languages)
  • CVE links & CVSS scores — Vulnerability IDs auto-link to NVD with inline CVSS scores for CVE-based scanners (Socket Tier 1, Trivy).
    • NOTE: SAST and secrets findings surface rule IDs and code context; richer contextual linking for these scanner types is planned as a follow-up.
  • Auto PR labels — Severity-based labels with auto-creation and color-coded badges, customizable names
  • Centralized helper module (github_pr_helpers.py) — Shared utilities + wrap_pr_comment_section() wrapper for plug-and-play integration of future OSS tools
  • 9 new action.yml inputs for feature toggles and label customization
  • docs/github-pr-comment-guide.md — Feature guide with configuration reference, common configs, and extensibility docs
  • Unit tests for the helper module

Changes

  • All 4 formatter files refactored to use shared helpers, eliminating wrapper boilerplate
  • github_pr_notifier.py extended with label management and idempotent section updates
  • README.md streamlined to single canonical Quick Start; duplicate GHA snippets replaced with links to docs
  • docs/github-action.md updated to @1.0.28 / checkout v6.0.2; PR section consolidated into dedicated guide
  • Local install docs now cross-reference GitHub Actions as first-class CI/CD option
  • .gitignore reorganized: fixed *.md negation order, removed duplicates, added section headers

Removes

  • Redundant GHA workflow snippets duplicated across README and docs
  • All stale @1.0.26 version references
  • ~30 duplicate .gitignore entries

Screenshots

Before

pr-before

After

pr-after

Clickable links

pr-comment-jump-1

Jump to LoC

pr-comment-jump-2

refs: ASK-191

@lelia lelia changed the title GitHub PR comment enhancements ✨ Enhance GitHub PR comment experience Feb 18, 2026
@lelia lelia marked this pull request as ready for review February 18, 2026 19:04
lelia added 28 commits February 18, 2026 15:06
@lelia
Add support for PR labels and linking to full report
e959aa2
@lelia
Add support for rule name, collapsible fields
11713af
@lelia
Add helper functions for GitHub PR comments
cc7e1f9
@lelia
Pass config for repository metadata and feature flags
98557c3
@lelia
Expand notification configuration params
ccecc4c
@lelia
Augment existing GHA docs to explain configuration options
a57c421
@lelia
Add unit tests for new GH helper functionality
39b9006
@lelia
Update GHA manifest to include new params
584a450
@lelia
Update git ignore to handle new docs
4d5b429
@lelia
Update README with new PR comment functionality
b199b8d
@lelia
Update helper tests import
4bd0b8a
@lelia
Update all connectors to have PR comment feature parity
2d4d99c
@lelia
Centralize all GitHub PR helper logic
4e1ba6c
@lelia
Update README with new enhancements
e6c4d0b
@lelia
Fix clickable links and auto-collapse logic
19b5bbb
@lelia
Prune GHA workspace path prefixes
ce56199
@lelia
Update connector formatting
da03a27 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Colorize GitHub PR label options
73385e5 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Better filepath formatting, CVE links, CVSS scores
9c0be3a 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Update helper tests to cover new functionality
5e0f32f 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Wrap standard connector logic
f40dcc5 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Wrap connector logic, add support for 32px logo
502153d
@lelia
Add 32x32px Socket logo asset
1741c49 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Overhaul git ignore with better structure and categories
ddd0fd8 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Update README to reflect new GHA functionality, dedupe usage examples
501e42e 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Add README to cover unit/integration testing with pytest
fdce42f 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Clean up and deduplicate GHA docs
7ebc1fa 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Update CI/CD install refs to defer to GHA docs
7fd8d1a 
Signed-off-by: lelia <lelia@socket.dev>
lelia added 6 commits February 18, 2026 15:06
@lelia
Add docs to cover new GitHub PR comment functionality and config
b9a470d 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Apply filepath cleaning logic to text formatting
bdada9c 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Fix formatting logic to enable jumping to specific LoC
2644c58 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Whitespace change to test commit signing
4089894 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Second whitespace commit for signing test
e52cd79 
Signed-off-by: lelia <lelia@socket.dev>
@lelia
Testing new signing key with verified email
b6b39ea 
Signed-off-by: lelia <lelia@socket.dev>
@lelia lelia force-pushed the lelia/pr-comment-enhancements branch from 342529c to b6b39ea Compare February 18, 2026 20:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lelia

Comments