chore: add .cve-fix/examples.md guidance for CVE fixer workflow #1560

Open: B-Whitt wants to merge 1 commit into main from add-cve-fix-guidance

Contributor

@B-Whitt B-Whitt commented May 19, 2026

Adds .cve-fix/examples.md so the CVE fixer workflow knows how to
create fix PRs matching this repo's conventions (branch naming, files that
change together, co-upgrades, etc.).

Generated by /onboard based on analysis of 5 merged CVE PRs.

🤖 Generated by /onboard

Summary by CodeRabbit

  • Documentation
    • Added comprehensive guidelines and examples for CVE-related dependency-fix pull requests, including naming conventions for branch and title formatting, rules for coordinating related dependency upgrades, expected sections in pull request descriptions (Summary, Changes table, Test Plan, Jira reference), and best practices checklist.

Generated by /onboard — teaches the CVE fixer workflow how to create
fix PRs matching this repo's conventions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@B-Whitt B-Whitt requested a review from a team as a code owner May 19, 2026 16:07
coderabbitai Bot commented May 19, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: ceb6e232-10bf-42fe-bb59-813c727efb72

📥 Commits

Reviewing files that changed from the base of the PR and between 1583b3c and de4cf58.

📒 Files selected for processing (1)
  • .cve-fix/examples.md

Walkthrough

This PR adds a new documentation file (.cve-fix/examples.md) that establishes conventions for CVE-related dependency-fix pull requests. The guide specifies PR title and branch naming patterns, rules for file co-changes, required PR description sections, and constraints to follow to avoid rejection.

Changes

CVE-fix PR Guidelines

| Layer / File(s) | Summary |
|---|---|
| CVE-fix PR documentation guide: .cve-fix/examples.md | A new guide documenting naming conventions for CVE-fix PR titles and branches, file co-upgrade rules (e.g., pyproject.toml with poetry.lock), required PR description sections (Summary, Changes table, Test Plan, Jira reference), and constraints to avoid rejected PRs. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title clearly describes the main change: adding documentation guidance for CVE fix PRs. It is concise, specific, and directly related to the changeset. |
| Description check | ✅ Passed | The description adequately explains what is being changed (adding .cve-fix/examples.md), why it is needed (to guide CVE fixer workflow), and how it was created (generated by /onboard tool). All essential elements from the template are covered. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |

codecov-commenter commented May 19, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.02%. Comparing base (1583b3c) to head (de4cf58).

@@           Coverage Diff           @@
##             main    #1560   +/-   ##
=======================================
  Coverage   92.02%   92.02%           
=======================================
  Files         241      241           
  Lines       10978    10978           
=======================================
  Hits        10102    10102           
  Misses        876      876           
| Flag | Coverage Δ |
|---|---|
| unit-int-tests-3.11 | 92.02% <ø> (ø) |
| unit-int-tests-3.12 | 92.02% <ø> (ø) |
