feat(trigger): add org tags to all trigger job runs#2476
Merged
Conversation
Add `await tags.add([`org:${organizationId}`])` to all 25 trigger tasks
that receive an organizationId, making it easy to filter and identify
which organization a job was run for in the trigger.dev dashboard.
Scheduled/bulk tasks that iterate over all orgs are excluded since they
don't have a single organizationId.
Also updates the vendor extraction prompt to prefer company names over
product names (e.g. "Anthropic" not "Claude", "OpenAI" not "ChatGPT").
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
PR SummaryMedium Risk Overview Refines onboarding vendor extraction. The vendor extraction AI schema/prompt now captures both a canonical parent-company Reviewed by Cursor Bugbot for commit 33d726b. Bugbot is set up for automated code reviews on this repo. Configure here. |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix prepared fixes for both issues found in the latest run.
- ✅ Fixed: Tag addition outside documented "never throw" try-catch
- Moved the tag addition inside the task try-catch so tag errors return a graceful failure.
- ✅ Fixed: Prompt change causes duplicate vendors via name mismatch
- Added product alias capture and used it to merge custom URLs and dedupe fallback vendor creation.
Or push these changes by commenting:
@cursor push 2404e9b756
Preview (2404e9b756)
diff --git a/apps/api/src/trigger/cloud-security/run-cloud-security-scan.ts b/apps/api/src/trigger/cloud-security/run-cloud-security-scan.ts
--- a/apps/api/src/trigger/cloud-security/run-cloud-security-scan.ts
+++ b/apps/api/src/trigger/cloud-security/run-cloud-security-scan.ts
@@ -20,18 +20,17 @@
const { connectionId, organizationId, providerSlug, connectionName } =
payload;
- await tags.add([`org:${organizationId}`]);
+ try {
+ await tags.add([`org:${organizationId}`]);
- logger.info(
- `Starting cloud security scan for connection: ${connectionName}`,
- {
- connectionId,
- provider: providerSlug,
- organizationId,
- },
- );
-
- try {
+ logger.info(
+ `Starting cloud security scan for connection: ${connectionName}`,
+ {
+ connectionId,
+ provider: providerSlug,
+ organizationId,
+ },
+ );
// Verify connection is still active
const connection = await db.integrationConnection.findUnique({
where: { id: connectionId },
diff --git a/apps/app/src/trigger/tasks/onboarding/onboard-organization-helpers.ts b/apps/app/src/trigger/tasks/onboarding/onboard-organization-helpers.ts
--- a/apps/app/src/trigger/tasks/onboarding/onboard-organization-helpers.ts
+++ b/apps/app/src/trigger/tasks/onboarding/onboard-organization-helpers.ts
@@ -40,6 +40,7 @@
export type VendorData = {
vendor_name: string;
+ source_vendor_names?: string[];
vendor_website: string;
vendor_description: string;
category: VendorCategory;
@@ -266,6 +267,7 @@
type: 'object',
properties: {
vendor_name: { type: 'string' },
+ source_vendor_names: { type: 'array', items: { type: 'string' } },
vendor_website: { type: 'string' },
vendor_description: { type: 'string' },
category: { type: 'string', enum: Object.values(VendorCategory) },
@@ -292,7 +294,7 @@
additionalProperties: false,
}),
system:
- 'Extract vendor names from the following questions and answers. Return their name (grammar-correct), website, description, category, inherent probability, inherent impact, residual probability, and residual impact. IMPORTANT: Always use the parent company name, not the product name (e.g. "Anthropic" not "Claude", "OpenAI" not "ChatGPT", "Alphabet" is acceptable as "Google", "Meta" is acceptable as "Meta").',
+ 'Extract vendor names from the following questions and answers. Return their name (grammar-correct), website, description, category, inherent probability, inherent impact, residual probability, and residual impact. IMPORTANT: Always use the parent company name, not the product name (e.g. "Anthropic" not "Claude", "OpenAI" not "ChatGPT", "Alphabet" is acceptable as "Google", "Meta" is acceptable as "Meta"). If the answers mention product names, include them in source_vendor_names for that vendor.',
prompt: questionsAndAnswers.map((q) => `${q.question}\n${q.answer}`).join('\n'),
});
@@ -300,15 +302,31 @@
// Merge custom vendor URLs - user-provided URLs take precedence
for (const vendor of vendors) {
- const customUrl = customVendorUrls.get(vendor.vendor_name.toLowerCase());
+ let customUrl = customVendorUrls.get(vendor.vendor_name.toLowerCase());
+ if (!customUrl && vendor.source_vendor_names) {
+ for (const sourceName of vendor.source_vendor_names) {
+ customUrl = customVendorUrls.get(sourceName.toLowerCase());
+ if (customUrl) {
+ break;
+ }
+ }
+ }
if (customUrl) {
logger.info(`Using custom URL for vendor ${vendor.vendor_name}: ${customUrl}`);
vendor.vendor_website = customUrl;
}
}
- // Track which vendors were extracted by AI
- const extractedVendorNames = new Set(vendors.map((v) => v.vendor_name.toLowerCase()));
+ // Track which vendors were extracted by AI (including product aliases)
+ const extractedVendorNames = new Set<string>();
+ for (const vendor of vendors) {
+ extractedVendorNames.add(vendor.vendor_name.toLowerCase());
+ if (vendor.source_vendor_names) {
+ for (const sourceName of vendor.source_vendor_names) {
+ extractedVendorNames.add(sourceName.toLowerCase());
+ }
+ }
+ }
// Ensure ALL vendors from the software field are added (not just custom ones)
// This catches any vendors the AI failed to extractThis Bugbot Autofix run was free. To enable autofix for future PRs, go to the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 1d77761. Configure here.
apps/app/src/trigger/tasks/onboarding/onboard-organization-helpers.ts
Outdated
Show resolved
Hide resolved
… company The AI now returns an original_name field alongside vendor_name so we can track both "Claude" (user input) and "Anthropic" (canonical name) in the dedup set. Without this, the fallback loop would re-add the product name as a separate vendor. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
claudfuen
pushed a commit
that referenced
this pull request
Apr 7, 2026
# [3.17.0](v3.16.2...v3.17.0) (2026-04-07) ### Bug Fixes * **ci:** pin bun version in trigger workflows and regenerate lockfile ([4650bd9](4650bd9)) * **ci:** pin bun version in trigger workflows and regenerate lockfile ([#2478](#2478)) ([3574357](3574357)) * **documents:** allow CSV and Excel file uploads for evidence forms ([52bb3f6](52bb3f6)) * **documents:** fix RBAC schema, matrix validation, and step 3 MIME mapper ([c440317](c440317)) * **documents:** fix TS strict index access on matrix row ([77d71bd](77d71bd)) * **documents:** use lenient row schema so file upload bypasses row validation ([f06febb](f06febb)) * **documents:** use original row index for validation error paths ([7ded778](7ded778)) * **google-workspace:** clarify that email filter variables apply to checks too, not just sync ([cb0e6af](cb0e6af)) * **notifications:** dont send task reminders to employees ([5a90324](5a90324)) * **portal:** sync activeOrganizationId when navigating between orgs ([#2468](#2468)) ([e1b29a5](e1b29a5)) ### Features * **trigger:** add org tags to all trigger job runs ([#2476](#2476)) ([b3d26e7](b3d26e7))
Contributor
|
🎉 This PR is included in version 3.17.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add
await tags.add([org:${organizationId}])to all 25 trigger tasks that receive an organizationId, making it easy to filter and identify which organization a job was run for in the trigger.dev dashboard.Scheduled/bulk tasks that iterate over all orgs are excluded since they don't have a single organizationId.
Also updates the vendor extraction prompt to prefer company names over product names (e.g. "Anthropic" not "Claude", "OpenAI" not "ChatGPT").
What does this PR do?
Visual Demo (For contributors especially)
A visual demonstration is strongly recommended, for both the original and new change (video / image - any one).
Video Demo (if applicable):
Image Demo (if applicable):
Mandatory Tasks (DO NOT REMOVE)
How should this be tested?
Checklist