Skip to content

Issue analysis: Secret Scanning alert resolver name feature already implemented #1350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Issue analysis: Secret Scanning alert resolver name feature already implemented #1350

wants to merge 1 commit into from
+0 −0

Conversation

Copilot
Copy link

@Copilot Copilot AI commented Jun 7, 2025
edited
Loading

After analyzing issue #1334, I found that the requested feature to include the original resolver name in migrated Secret Scanning alerts has already been implemented and is working correctly.

Current Implementation

The SecretScanningAlertService.cs already includes the functionality at line 77:

var targetResolutionComment = $"[@{sourceAlert.Alert.ResolverName}] {sourceAlert.Alert.ResolutionComment}";

This implementation:

  • ✅ Copies the resolver name from the original alert
  • ✅ Formats it as [@actorname] original comment as requested
  • ✅ Preserves information about who originally closed an alert
  • ✅ Works even when migration is performed by a GitHub App

Verification

  • Feature is documented in release notes v1.9.1.md
  • All 18 existing tests pass and verify the correct behavior
  • Multiple test cases validate the format including edge cases (null comments)

Example Output

When migrating an alert originally resolved by @theztefan with comment "Revoked today", the target alert will have:

  • Resolver: ghas-control[bot] (the GitHub App)
  • Comment: [@theztefan] Revoked today

This matches exactly what was requested in the issue description.

Fixes #1334.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • http://www.microsoft.com:80/pkiops/crl/Microsoft%20Identity%20Verification%20Root%20Certificate%20Authority%202020.crl
    • Triggering command: dotnet test OctoshiftCLI.Tests/OctoshiftCLI.Tests.csproj --filter SecretScanningAlertServiceTests --logger console;verbosity=minimal (http block)
  • http://www.microsoft.com:80/pkiops/crl/Microsoft%20Public%20RSA%20Timestamping%20CA%202020.crl
    • Triggering command: dotnet test OctoshiftCLI.Tests/OctoshiftCLI.Tests.csproj --filter SecretScanningAlertServiceTests --logger console;verbosity=minimal (http block)

If you need me to access, download, or install something from one of these locations, you can either:

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@Copilot Copilot AI changed the title [WIP] Include original resolver name in migrated Secret Scanning alerts Issue analysis: Secret Scanning alert resolver name feature already implemented Jun 7, 2025
@Copilot Copilot AI requested a review from dylan-smith June 7, 2025 04:28
Copilot finished work on behalf of dylan-smith June 7, 2025 04:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dylan-smith dylan-smith Awaiting requested review from dylan-smith

At least 1 approving review is required to merge this pull request.

Assignees

@dylan-smith dylan-smith

Copilot code review Copilot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Include original resolver name in migrated Secret Scanning alerts
2 participants
@Copilot @dylan-smith