This repository has been archived by the owner on Mar 12, 2024. It is now read-only.

Spike/detect other security errors #371

Closed
wants to merge 4 commits into from

Conversation

baristaGeek
Collaborator

Description

Detecting security vulnerabilities is giving us early success. We're doubling down on this effort by expanding this function to detect exposed environment secrets as well.

What the prompt returns is also expanded with a third parameter, so that what the bot comments on the line diff is programmatic according to the type of vulnerability detected. This way, we can easily expand this function to even more types of vulnerabilities.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Chore: cleanup/renaming, etc
  • RFC

Notes

  • Exposed env secrets are already detected by GitHub's bot, but it's a very good way to test how expandable this function is into more complex vulnerabilities. It's an easy kind of vulnerability to test
  • I'll test this with different commits in a separate PR

Acceptance


vercel bot commented Nov 10, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name: watermelon
Status: ✅ Ready (Inspect)
Preview: Visit Preview
Comments: 💬 Add feedback
Updated (UTC): Nov 10, 2023 9:07pm

WatermelonAI Summary

This PR expands our security vulnerability detection function to include the detection of exposed environment secrets. It also upgrades the feature's model to GPT 4. The prompt has been updated to allow commenting on the line diff based on the type of vulnerability detected, making it easier to expand this function further.


WatermelonAI Summary

This PR is expanding the function that detects security vulnerabilities to also detect exposed environment secrets. It includes upgrades to the model used and adds the ability to comment on the diff based on the type of vulnerability detected.


@baristaGeek
Collaborator Author

RegExes are the way to go
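The description above has the detector return a third parameter, the vulnerability type, so the bot's comment on the line diff is chosen per type, and the follow-up comment settles on regexes for the matching. Here is an added example of that shape; it is not the Watermelon project's own code, and the pattern list, type names, comment wording and the constructed sample diff are all assumptions for illustration:

```javascript
// Added example, not the Watermelon project's own code: scan the added lines of a
// unified diff with regexes, tag each hit with a type and derive the comment from it.
// Patterns, type names and comment wording are illustrative assumptions.
const DETECTORS = [
  { type: "exposed_env_secret",
    pattern: /^\+\s*(?:export\s+)?([A-Z0-9_]*(?:SECRET|TOKEN|PASSWORD|API_KEY)[A-Z0-9_]*)\s*=\s*["']?([^\s"']+)/ },
  { type: "private_key_material",
    pattern: /^\+.*-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/ },
];
// The comment is chosen by type, so a new detector only needs a new entry here.
const COMMENTS = {
  exposed_env_secret: (m) => `\`${m[1]}\` is assigned a literal value here. Load it from a secret store and rotate it, since it is now in git history.`,
  private_key_material: () => "Private key material is being committed. Remove it from history and rotate the key.",
};
// Values that are obviously templates (${VAR}, <your-key>, short dummies) are not findings.
function isPlaceholder(value) {
  return value.length < 8 || /^(\$\{|<|xxx|your[_-]|changeme|\*\*\*)/i.test(value);
}
function scanDiff(diff) {
  const findings = [];
  let newLine = 0; // line number in the new version of the file
  for (const raw of diff.split("\n")) {
    const hunk = /^@@ -\d+(?:,\d+)? \+(\d+)/.exec(raw);
    if (hunk) { newLine = Number(hunk[1]) - 1; continue; }
    if (/^(\+\+\+|---|diff |index )/.test(raw)) continue; // file headers
    if (raw.startsWith("-")) continue;                     // removed line: only the old file advances
    newLine++;                                             // context or added line
    if (!raw.startsWith("+")) continue;
    for (const { type, pattern } of DETECTORS) {
      const m = pattern.exec(raw);
      if (!m) continue;
      if (type === "exposed_env_secret" && isPlaceholder(m[2])) break;
      findings.push({ line: newLine, type, comment: COMMENTS[type](m) });
      break;
    }
  }
  return findings;
}
// Constructed sample diff: one real-looking secret, one template placeholder.
const SAMPLE_DIFF = [
  "diff --git a/.env b/.env", "--- a/.env", "+++ b/.env", "@@ -1,2 +1,4 @@",
  " PORT=3000", " DATABASE_URL=${DATABASE_URL}",
  "+STRIPE_SECRET_KEY=constructed_example_value_0123",
  "+API_KEY=<your-api-key>",
].join("\n");
```

Running `scanDiff(SAMPLE_DIFF)` yields one finding on new-file line 3 of type `exposed_env_secret`; the placeholder on line 4 is skipped, which is the kind of false positive a template-driven comment would otherwise post.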
