Cursor/review and improve pr gemini 3 pro preview 4d1b #192
DevOpsMadDog wants to merge 4 commits into
This commit enhances error handling in the CLI and normalizer, adds comprehensive docstrings, and fixes a documentation reference. Co-authored-by: shivakumaar.umasudan <shivakumaar.umasudan@devopsai.co>
💡 Codex Review
Here are some automated review suggestions for this pull request.
| # Enterprise reachability analysis | ||
| try: | ||
| from risk.reachability.api import router as reachability_router | ||
| except ImportError: | ||
| reachability_router = None | ||
| logger.warning("Reachability analysis API not available") |
Initialize logger before reachability import fallback
The optional import of risk.reachability.api is wrapped in a try/except, but the except block logs with logger.warning before logger is defined (the logger is created later in the module). If the reachability module or any dependency is absent—as the try/except is meant to tolerate—the except path raises NameError, stopping the API app from starting instead of cleanly disabling reachability. Define the logger before the try/except or use logging.getLogger(__name__) in the except block so the fallback works.
| @pytest.mark.skipif( | ||
| not pytest.config.getoption("--api-server-running", default=False), | ||
| reason="API server not running", |
Pytest skip guard uses removed pytest.config
The skip marker for test_cli_scan_command calls pytest.config.getoption(...), but pytest.config was removed in Pytest 8 (the repo’s installed version is 8.4.2). This attribute access is evaluated during test collection and raises AttributeError, preventing the e2e suite from importing. Use the request.config.getoption fixture or another supported way to read CLI options so the tests can be collected.
This commit enhances error handling and adds comprehensive docstrings to the `cli/fixops_sbom.py` and `lib4sbom/normalizer.py` files. It also includes a new markdown file detailing pre-merge check statuses. Co-authored-by: shivakumaar.umasudan <shivakumaar.umasudan@devopsai.co>
40 issues found across 142 files
Note: This PR contains a large number of files. cubic only reviews up to 75 files per PR, so some files may not have been reviewed.
Prompt for AI agents (all 40 issues)
Check if these issues are valid — if so, understand the root cause of each and fix them.
<file name="agents/language/python_agent.py">
<violation number="1" location="agents/language/python_agent.py:10">
P0: `Optional` is used in type annotations but not imported from `typing`. This will cause a `NameError` at module load time.</violation>
</file>
<file name="compliance/templates/pci_dss.py">
<violation number="1" location="compliance/templates/pci_dss.py:3">
P0: Missing import for type hints. `List`, `Dict`, and `Any` are used but not imported from `typing`. This will cause a `NameError` at runtime.</violation>
</file>
<file name="apps/api/app.py">
<violation number="1" location="apps/api/app.py:49">
P0: `logger` is used before it's defined. If this import fails, the application will crash with `NameError: name 'logger' is not defined`. Either move the logger definition before this block or use `logging.warning()` directly.</violation>
</file>
<file name="agents/language/__init__.py">
<violation number="1" location="agents/language/__init__.py:10">
P0: Import from non-existent module `rust_agent` will raise `ModuleNotFoundError`. The file `agents/language/rust_agent.py` does not exist in the repository. Similarly, the following imported modules are also missing: `cpp_agent`, `ruby_agent`, `php_agent`, `dotnet_agent`, `swift_agent`, `kotlin_agent`. Either create these missing agent files or remove the imports for modules that don't exist yet.</violation>
</file>
<file name="automation/__init__.py">
<violation number="1" location="automation/__init__.py:8">
P0: Import from non-existent module `automation.remediation` will cause an `ImportError` at runtime. The file `automation/remediation.py` does not exist in the codebase. Either create the missing module or remove this import and the corresponding entries from `__all__`.</violation>
</file>
<file name="compliance/templates/soc2.py">
<violation number="1" location="compliance/templates/soc2.py:3">
P0: Missing import for type hints `List`, `Dict`, and `Any` from the `typing` module. This will cause a `NameError` at runtime.</violation>
</file>
<file name="compliance/templates/nist.py">
<violation number="1" location="compliance/templates/nist.py:6">
P0: Missing import for `List`, `Dict`, and `Any` from `typing` module. These type hints are used in method signatures but not imported, causing a `NameError` at runtime.</violation>
</file>
<file name="compliance/templates/hipaa.py">
<violation number="1" location="compliance/templates/hipaa.py:3">
P0: Missing import for `List`, `Dict`, and `Any` from the `typing` module. These type hints are used in method signatures but are not imported, causing a `NameError` at runtime.</violation>
</file>
<file name="agents/design_time/code_repo_agent.py">
<violation number="1" location="agents/design_time/code_repo_agent.py:11">
P0: Missing `Optional` import from `typing` module. The code uses `Optional[str]` and `Optional[Dict[str, Any]]` in type annotations but `Optional` is not imported, which will cause a `NameError` at runtime.</violation>
</file>
<file name="agents/__init__.py">
<violation number="1" location="agents/__init__.py:10">
P0: This import will fail with `ModuleNotFoundError` because `agents/design_time/cicd_agent.py` does not exist in the repository. Either create the missing module or remove this import.</violation>
<violation number="2" location="agents/__init__.py:11">
P0: This import will fail with `ModuleNotFoundError` because `agents/design_time/design_tool_agent.py` does not exist in the repository.</violation>
<violation number="3" location="agents/__init__.py:13">
P0: This import will fail with `ModuleNotFoundError` because `agents/runtime/cloud_agent.py` does not exist in the repository.</violation>
<violation number="4" location="agents/__init__.py:14">
P0: This import will fail with `ModuleNotFoundError` because `agents/runtime/api_agent.py` does not exist in the repository.</violation>
<violation number="5" location="agents/__init__.py:19">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/rust_agent.py` does not exist in the repository.</violation>
<violation number="6" location="agents/__init__.py:20">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/cpp_agent.py` does not exist in the repository.</violation>
<violation number="7" location="agents/__init__.py:21">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/ruby_agent.py` does not exist in the repository.</violation>
<violation number="8" location="agents/__init__.py:22">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/php_agent.py` does not exist in the repository.</violation>
<violation number="9" location="agents/__init__.py:23">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/dotnet_agent.py` does not exist in the repository.</violation>
<violation number="10" location="agents/__init__.py:24">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/swift_agent.py` does not exist in the repository.</violation>
<violation number="11" location="agents/__init__.py:25">
P0: This import will fail with `ModuleNotFoundError` because `agents/language/kotlin_agent.py` does not exist in the repository.</violation>
</file>
<file name="automation/dependency_updater.py">
<violation number="1" location="automation/dependency_updater.py:160">
P1: The `npm outdated` command returns exit code 1 when outdated packages are found, and 0 when all packages are up to date. This condition prevents parsing the actual outdated package data since it only proceeds when there are no updates.</violation>
</file>
<file name="core/oss_fallback.py">
<violation number="1" location="core/oss_fallback.py:229">
P1: Return code check incorrectly treats findings as failures. Many static analysis tools (bandit, semgrep, eslint) return non-zero exit codes when issues are found, not just on errors. Consider checking for specific error codes or parsing output regardless of return code.</violation>
</file>
<file name="deployment/docker-compose.enterprise.yml">
<violation number="1" location="deployment/docker-compose.enterprise.yml:74">
P1: Healthcheck always succeeds - `sys.exit(0)` returns success without verifying service health. This defeats the purpose of the healthcheck and could mask service failures. Consider checking an actual health endpoint or process status.</violation>
<violation number="2" location="deployment/docker-compose.enterprise.yml:109">
P1: Insecure default password 'CHANGE_ME' for PostgreSQL. In a production enterprise deployment, this default could be accidentally deployed if the environment variable isn't set. Consider either removing the default entirely to force explicit configuration, or fail-fast with a clear error message.</violation>
<violation number="3" location="deployment/docker-compose.enterprise.yml:246">
P1: Insecure default password 'admin' for Grafana admin user. This is a well-known default credential combination (admin/admin) that attackers commonly try. Consider requiring the password to be explicitly set.</violation>
</file>
<file name="deployment/kubernetes/helm/fixops-enterprise/values.yaml">
<violation number="1" location="deployment/kubernetes/helm/fixops-enterprise/values.yaml:14">
P1: Using 'latest' image tags in production makes deployments non-reproducible and can cause unexpected behavior. Pin to specific version tags (e.g., `v1.2.3`) for production deployments.</violation>
<violation number="2" location="deployment/kubernetes/helm/fixops-enterprise/values.yaml:79">
P1: Hardcoded password placeholder in version control is a security risk. Use a reference to a secret (e.g., via `existingSecret`) or leave it empty with required field validation. Since Vault is configured as the secrets provider, consider referencing a Vault secret instead.</violation>
</file>
<file name="deployment/kubernetes/helm/fixops-enterprise/Chart.yaml">
<violation number="1" location="deployment/kubernetes/helm/fixops-enterprise/Chart.yaml:6">
P1: Using `latest` in `appVersion` undermines reproducibility and enterprise compliance. Production Helm charts should use explicit semantic versions (e.g., `1.0.0`) to ensure deployments are reproducible, auditable, and support reliable rollbacks.</violation>
</file>
<file name="cli/config.py">
<violation number="1" location="cli/config.py:48">
P1: Config file containing API keys is created without restrictive permissions. On Unix systems, this may allow other users to read sensitive credentials. Set file permissions to 0o600 (owner read/write only) when writing the config file.</violation>
</file>
<file name="analysis/ENTERPRISE_DEPLOYMENT_GUIDE.md">
<violation number="1" location="analysis/ENTERPRISE_DEPLOYMENT_GUIDE.md:613">
P1: Shell variable `$(date +%Y%m%d)` will be expanded at cronjob creation time, not execution time. All backups will have the same filename and overwrite each other. Escape the `$` to prevent immediate expansion.</violation>
</file>
<file name="compliance/templates/owasp.py">
<violation number="1" location="compliance/templates/owasp.py:19">
P1: The `cwe_ids` field defaults to `None` but is iterated over in `assess_compliance` without null checking. This will raise `TypeError` if a rule is created without `cwe_ids`. Use `field(default_factory=list)` instead.</violation>
</file>
<file name="agents/core/agent_framework.py">
<violation number="1" location="agents/core/agent_framework.py:124">
P1: HTTP request missing timeout. The `session.post()` call should use a timeout to prevent indefinite hangs. Consider using `aiohttp.ClientTimeout(total=self.config.timeout)` when creating the session.</violation>
</file>
<file name="README_ENTERPRISE.md">
<violation number="1" location="README_ENTERPRISE.md:43">
P1: The Helm deployment command is incorrect - the kubernetes deployment pack uses Kustomize, not Helm. This command will fail with "Error: path './deployment-packs/kubernetes' does not contain a chart". The correct deployment method per deployment-packs/README.md is `kubectl apply -k deployment-packs/kubernetes/`.</violation>
</file>
<file name="agents/runtime/container_agent.py">
<violation number="1" location="agents/runtime/container_agent.py:54">
P1: The `connect` method doesn't handle `containerd` or `cri-o` runtimes (mentioned in the constructor comment). For these runtimes, the method silently returns `True` and logs "Connected to" without actually connecting, which is incorrect behavior.</violation>
<violation number="2" location="agents/runtime/container_agent.py:132">
P1: Accessing `self.k8s_client` here will raise `AttributeError` if `k8s_cluster` was `None` during `connect()`. The `connect` method only initializes `self.k8s_client` when both `container_runtime == "kubernetes"` AND `k8s_cluster` is truthy, but this method only checks the runtime.</violation>
</file>
<file name="apps/api/integrations.py">
<violation number="1" location="apps/api/integrations.py:68">
P1: HTTP requests lack timeout configuration. Without timeouts, requests to external services can hang indefinitely, potentially exhausting resources. Consider using `aiohttp.ClientTimeout` to set appropriate timeouts.</violation>
</file>
<file name="agents/language/javascript_agent.py">
<violation number="1" location="agents/language/javascript_agent.py:120">
P1: ESLint severity is numeric (1=warning, 2=error), but SARIF `level` field expects strings like "warning" or "error". This will produce invalid SARIF output.</violation>
</file>
<file name="agents/language/java_agent.py">
<violation number="1" location="agents/language/java_agent.py:108">
P1: Semgrep output format differs from expected `_findings_to_sarif` input. Semgrep results use `check_id`, `path`, and nested `start.line`/`start.col` fields, but `_findings_to_sarif` expects `rule_id`, `file`, `line`, `column`. This will produce SARIF with empty/incorrect values.</violation>
</file>
<file name="agents/language/go_agent.py">
<violation number="1" location="agents/language/go_agent.py:109">
P1: Semgrep output format uses different field names (`check_id`, `path`, `start.line`, `start.col`) than what `_findings_to_sarif` expects (`rule_id`, `file`, `line`, `column`). This will produce incorrect or empty SARIF results. Consider adding a proper field mapping in `_semgrep_to_sarif` similar to `_gosec_to_sarif`.</violation>
</file>
<file name="config/oss_tools.yml">
<violation number="1" location="config/oss_tools.yml:150">
P1: SQLMap is an offensive SQL injection tool that should not be enabled by default. This tool actively exploits SQL injection vulnerabilities and could cause unintended damage or compliance violations if triggered against production databases. Consider setting `enabled: false` by default and requiring explicit opt-in for security testing environments.</violation>
</file>
Reply to cubic to teach it or ask questions. Re-run a review with @cubic-dev-ai review this PR
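The `cli/config.py` finding above (a config file holding API keys created without restrictive permissions) is easy to fix only halfway, because calling `chmod` after `open()` still leaves a window where the file is readable by others, and an existing loosely-permissioned file keeps its mode. The sketch below is an added example, not code from this pull request; the function names and the sample config are hypothetical and the code assumes a POSIX system.

```python
import json
import os
import stat
import tempfile
from pathlib import Path

# Constructed sample data; the key is not a real credential.
SAMPLE_CONFIG = {"api_url": "https://api.example.invalid", "api_key": "constructed-not-a-real-key"}


def naive_write_config(path, data):
    """The pattern the finding describes: mode is 0o666 masked by the umask."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(data, fh)


def write_private_config(path, data):
    """Atomically write `data` as JSON so it is never readable by group/other."""
    path = Path(path)
    path.parent.mkdir(parents=True, exist_ok=True)
    # mkstemp creates the file with mode 0o600 whatever the umask is, so the
    # secret never exists on disk with wider permissions, even briefly.
    fd, tmp_name = tempfile.mkstemp(dir=path.parent, prefix=".cfg-", suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(data, fh, indent=2)
            fh.flush()
            os.fsync(fh.fileno())
        # rename() replaces the destination entry itself: an older config with
        # loose permissions, or a symlink sitting at `path`, is swapped out
        # rather than written through.
        os.replace(tmp_name, path)
    except BaseException:
        try:
            os.unlink(tmp_name)
        except FileNotFoundError:
            pass
        raise


def permission_problem(path):
    """Return why `path` is unsafe to load secrets from, or None if it is fine."""
    st = os.lstat(path)  # lstat: do not follow a symlink at the config path
    if not stat.S_ISREG(st.st_mode):
        return "not a regular file"
    if st.st_uid != os.geteuid():
        return "owned by another user"
    if stat.S_IMODE(st.st_mode) & 0o077:
        return "mode %o grants group/other access" % stat.S_IMODE(st.st_mode)
    return None


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "config.json")
        naive_write_config(target, SAMPLE_CONFIG)
        print("naive :", permission_problem(target))
        write_private_config(target, SAMPLE_CONFIG)
        print("secure:", permission_problem(target))
```

Running `permission_problem` at load time as well as fixing the writer catches config files created by earlier versions of the CLI.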
|
|
||
| import logging | ||
| from datetime import datetime, timezone | ||
| from typing import Any, Dict, List |
P0: Optional is used in type annotations but not imported from typing. This will cause a NameError at module load time.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At agents/language/python_agent.py, line 10:
<comment>`Optional` is used in type annotations but not imported from `typing`. This will cause a `NameError` at module load time.</comment>
<file context>
@@ -0,0 +1,186 @@
+
+import logging
+from datetime import datetime, timezone
+from typing import Any, Dict, List
+
+from agents.core.agent_framework import (
</file context>
✅ Addressed in bf7f293
| @@ -0,0 +1,49 @@ | |||
| """PCI DSS Compliance Template.""" | |||
|
|
|||
| from compliance.templates.base import ComplianceTemplate, ComplianceRule | |||
P0: Missing import for type hints. List, Dict, and Any are used but not imported from typing. This will cause a NameError at runtime.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At compliance/templates/pci_dss.py, line 3:
<comment>Missing import for type hints. `List`, `Dict`, and `Any` are used but not imported from `typing`. This will cause a `NameError` at runtime.</comment>
<file context>
@@ -0,0 +1,49 @@
+"""PCI DSS Compliance Template."""
+
+from compliance.templates.base import ComplianceTemplate, ComplianceRule
+
+
</file context>
✅ Addressed in bf7f293
| from risk.reachability.api import router as reachability_router | ||
| except ImportError: | ||
| reachability_router = None | ||
| logger.warning("Reachability analysis API not available") |
P0: logger is used before it's defined. If this import fails, the application will crash with NameError: name 'logger' is not defined. Either move the logger definition before this block or use logging.warning() directly.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At apps/api/app.py, line 49:
<comment>`logger` is used before it's defined. If this import fails, the application will crash with `NameError: name 'logger' is not defined`. Either move the logger definition before this block or use `logging.warning()` directly.</comment>
<file context>
@@ -40,6 +40,13 @@
+ from risk.reachability.api import router as reachability_router
+except ImportError:
+ reachability_router = None
+ logger.warning("Reachability analysis API not available")
from core.analytics import AnalyticsStore
from core.configuration import OverlayConfig, load_overlay
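Review bot: the `except ImportError:` branch in this hunk discards the exception, so a dependency that fails to import inside `risk.reachability.api` is reported exactly like the module being absent, and the reachability routes vanish behind a generic warning. Bind the exception (`except ImportError as exc:`) and include it in the message so operators can tell the two cases apart, and log through `logging.getLogger(__name__)` at this point because, as the review comments on this page note, `logger` is only created later in the module.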
</file context>
| logger.warning("Reachability analysis API not available") | |
| logging.warning("Reachability analysis API not available") |
✅ Addressed in bf7f293
| from agents.language.javascript_agent import JavaScriptAgent | ||
| from agents.language.java_agent import JavaAgent | ||
| from agents.language.go_agent import GoAgent | ||
| from agents.language.rust_agent import RustAgent |
P0: Import from non-existent module rust_agent will raise ModuleNotFoundError. The file agents/language/rust_agent.py does not exist in the repository. Similarly, the following imported modules are also missing: cpp_agent, ruby_agent, php_agent, dotnet_agent, swift_agent, kotlin_agent. Either create these missing agent files or remove the imports for modules that don't exist yet.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At agents/language/__init__.py, line 10:
<comment>Import from non-existent module `rust_agent` will raise `ModuleNotFoundError`. The file `agents/language/rust_agent.py` does not exist in the repository. Similarly, the following imported modules are also missing: `cpp_agent`, `ruby_agent`, `php_agent`, `dotnet_agent`, `swift_agent`, `kotlin_agent`. Either create these missing agent files or remove the imports for modules that don't exist yet.</comment>
<file context>
@@ -0,0 +1,30 @@
+from agents.language.javascript_agent import JavaScriptAgent
+from agents.language.java_agent import JavaAgent
+from agents.language.go_agent import GoAgent
+from agents.language.rust_agent import RustAgent
+from agents.language.cpp_agent import CppAgent
+from agents.language.ruby_agent import RubyAgent
</file context>
✅ Addressed in bf7f293
|
|
||
| from automation.dependency_updater import DependencyUpdater, UpdateResult | ||
| from automation.pr_generator import PRGenerator, PRResult | ||
| from automation.remediation import RemediationEngine, RemediationResult |
P0: Import from non-existent module automation.remediation will cause an ImportError at runtime. The file automation/remediation.py does not exist in the codebase. Either create the missing module or remove this import and the corresponding entries from __all__.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At automation/__init__.py, line 8:
<comment>Import from non-existent module `automation.remediation` will cause an `ImportError` at runtime. The file `automation/remediation.py` does not exist in the codebase. Either create the missing module or remove this import and the corresponding entries from `__all__`.</comment>
<file context>
@@ -0,0 +1,17 @@
+
+from automation.dependency_updater import DependencyUpdater, UpdateResult
+from automation.pr_generator import PRGenerator, PRResult
+from automation.remediation import RemediationEngine, RemediationResult
+
+__all__ = [
</file context>
| for message in file_data.get("messages", []): | ||
| findings.append({ | ||
| "rule_id": message.get("ruleId", ""), | ||
| "severity": message.get("severity", 2), |
P1: ESLint severity is numeric (1=warning, 2=error), but SARIF level field expects strings like "warning" or "error". This will produce invalid SARIF output.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At agents/language/javascript_agent.py, line 120:
<comment>ESLint severity is numeric (1=warning, 2=error), but SARIF `level` field expects strings like "warning" or "error". This will produce invalid SARIF output.</comment>
<file context>
@@ -0,0 +1,126 @@
+ for message in file_data.get("messages", []):
+ findings.append({
+ "rule_id": message.get("ruleId", ""),
+ "severity": message.get("severity", 2),
+ "file": file_data.get("filePath", ""),
+ "line": message.get("line", 0),
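Review bot: `"line": message.get("line", 0)` falls back to 0, but SARIF regions are 1-based and `startLine` must be at least 1, so a message without a line number produces a location that fails schema validation if this value is copied into `region.startLine`. Leave the region out when ESLint reports no line instead of defaulting to 0. The same pattern on `message.get("ruleId", "")` does not help when ESLint emits `"ruleId": null` (as it does for parse errors), because `.get()` only applies its default when the key is missing.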
</file context>
✅ Addressed in 30e21df
| ], | ||
| } | ||
|
|
||
| def _semgrep_to_sarif(self, semgrep_data: Dict[str, Any]) -> Dict[str, Any]: |
P1: Semgrep output format differs from expected _findings_to_sarif input. Semgrep results use check_id, path, and nested start.line/start.col fields, but _findings_to_sarif expects rule_id, file, line, column. This will produce SARIF with empty/incorrect values.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At agents/language/java_agent.py, line 108:
<comment>Semgrep output format differs from expected `_findings_to_sarif` input. Semgrep results use `check_id`, `path`, and nested `start.line`/`start.col` fields, but `_findings_to_sarif` expects `rule_id`, `file`, `line`, `column`. This will produce SARIF with empty/incorrect values.</comment>
<file context>
@@ -0,0 +1,110 @@
+ ],
+ }
+
+ def _semgrep_to_sarif(self, semgrep_data: Dict[str, Any]) -> Dict[str, Any]:
+ """Convert Semgrep output to SARIF."""
+ return self._findings_to_sarif(semgrep_data.get("results", []), "Semgrep")
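Review bot: `semgrep_data.get("results", [])` reads only the results array, so a Semgrep run that returned nothing because it failed is converted into an empty SARIF log that looks identical to a clean scan. In `_semgrep_to_sarif`, check the top-level `errors` array of Semgrep's JSON output and surface it (as a raised exception or as SARIF tool notifications) before returning the converted results.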
</file context>
✅ Addressed in 30e21df
| ], | ||
| } | ||
|
|
||
| def _semgrep_to_sarif(self, semgrep_data: Dict[str, Any]) -> Dict[str, Any]: |
P1: Semgrep output format uses different field names (check_id, path, start.line, start.col) than what _findings_to_sarif expects (rule_id, file, line, column). This will produce incorrect or empty SARIF results. Consider adding a proper field mapping in _semgrep_to_sarif similar to _gosec_to_sarif.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At agents/language/go_agent.py, line 109:
<comment>Semgrep output format uses different field names (`check_id`, `path`, `start.line`, `start.col`) than what `_findings_to_sarif` expects (`rule_id`, `file`, `line`, `column`). This will produce incorrect or empty SARIF results. Consider adding a proper field mapping in `_semgrep_to_sarif` similar to `_gosec_to_sarif`.</comment>
<file context>
@@ -0,0 +1,125 @@
+ ],
+ }
+
+ def _semgrep_to_sarif(self, semgrep_data: Dict[str, Any]) -> Dict[str, Any]:
+ """Convert Semgrep output to SARIF."""
+ return self._findings_to_sarif(semgrep_data.get("results", []), "Semgrep")
</file context>
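The field mapping that the ESLint and Semgrep review comments above ask for, as an added example (not code from this pull request). The function names are hypothetical; Semgrep's `extra.message` / `extra.severity` and ESLint's `message` / `column` fields do not appear on this page and are taken from those tools' JSON output formats, and the rule id used when ESLint gives none is a placeholder.

```python
"""ESLint and Semgrep JSON findings mapped to SARIF 2.1.0 results (added example)."""

# ESLint reports severity as a number; SARIF `level` is a string enum.
ESLINT_LEVELS = {1: "warning", 2: "error"}
# Semgrep reports severity under extra.severity.
SEMGREP_LEVELS = {"ERROR": "error", "WARNING": "warning", "INFO": "note"}


def make_result(rule_id, level, text, uri, line=None, column=None):
    """Build one SARIF result; the region is omitted unless a 1-based line is known."""
    physical = {"artifactLocation": {"uri": uri}}
    if isinstance(line, int) and line >= 1:
        physical["region"] = {"startLine": line}
        if isinstance(column, int) and column >= 1:
            physical["region"]["startColumn"] = column
    return {
        "ruleId": rule_id,
        "level": level,
        "message": {"text": text},
        "locations": [{"physicalLocation": physical}],
    }


def eslint_to_results(eslint_files):
    """Convert ESLint's JSON formatter output (a list of per-file objects)."""
    results = []
    for file_data in eslint_files:
        for msg in file_data.get("messages", []):
            results.append(make_result(
                # ruleId is null for parse errors, so a .get() default never applies.
                msg.get("ruleId") or "eslint.no-rule-id",  # placeholder id
                ESLINT_LEVELS.get(msg.get("severity"), "warning"),
                msg.get("message", ""),
                file_data.get("filePath", ""),
                msg.get("line"),
                msg.get("column"),
            ))
    return results


def semgrep_to_results(semgrep_data):
    """Convert Semgrep's JSON output: check_id, path and nested start.line/start.col."""
    results = []
    for finding in semgrep_data.get("results", []):
        start = finding.get("start") or {}
        extra = finding.get("extra") or {}
        results.append(make_result(
            finding.get("check_id", ""),
            SEMGREP_LEVELS.get(extra.get("severity"), "warning"),
            extra.get("message", ""),
            finding.get("path", ""),
            start.get("line"),
            start.get("col"),
        ))
    return results


def to_sarif(tool_name, results):
    """Wrap converted results in a minimal SARIF 2.1.0 log with one run."""
    return {
        "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
        "version": "2.1.0",
        "runs": [{"tool": {"driver": {"name": tool_name}}, "results": results}],
    }


# Constructed sample inputs, shaped like each tool's JSON output.
SAMPLE_ESLINT = [{
    "filePath": "/app/src/index.js",
    "messages": [
        {"ruleId": "no-eval", "severity": 2, "message": "eval can be harmful.",
         "line": 12, "column": 5},
        {"ruleId": "no-unused-vars", "severity": 1,
         "message": "'x' is defined but never used.", "line": 3, "column": 7},
        {"ruleId": None, "severity": 2, "fatal": True,
         "message": "Parsing error: Unexpected token"},
    ],
}]
SAMPLE_SEMGREP = {
    "results": [
        {"check_id": "rules.sample.sql-concat", "path": "src/Db.java",
         "start": {"line": 41, "col": 9},
         "extra": {"message": "Query built by concatenation.", "severity": "ERROR"}},
        {"check_id": "rules.sample.debug-log", "path": "src/Util.java",
         "start": {"line": 7, "col": 1},
         "extra": {"message": "Debug logging left enabled.", "severity": "INFO"}},
    ],
    "errors": [],
}

if __name__ == "__main__":
    import json
    print(json.dumps(to_sarif("Semgrep", semgrep_to_results(SAMPLE_SEMGREP)), indent=2))
```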
| - android | ||
|
|
||
| # SQLMap (Database security) | ||
| sqlmap: |
P1: SQLMap is an offensive SQL injection tool that should not be enabled by default. This tool actively exploits SQL injection vulnerabilities and could cause unintended damage or compliance violations if triggered against production databases. Consider setting enabled: false by default and requiring explicit opt-in for security testing environments.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At config/oss_tools.yml, line 150:
<comment>SQLMap is an offensive SQL injection tool that should not be enabled by default. This tool actively exploits SQL injection vulnerabilities and could cause unintended damage or compliance violations if triggered against production databases. Consider setting `enabled: false` by default and requiring explicit opt-in for security testing environments.</comment>
<file context>
@@ -0,0 +1,171 @@
+ - android
+
+ # SQLMap (Database security)
+ sqlmap:
+ enabled: true
+ path: /usr/local/bin/sqlmap
</file context>
|
|
||
| elif self.container_runtime == "kubernetes": | ||
| # Get pods | ||
| pods = self.k8s_client.list_pod_for_all_namespaces() |
P1: Accessing self.k8s_client here will raise AttributeError if k8s_cluster was None during connect(). The connect method only initializes self.k8s_client when both container_runtime == "kubernetes" AND k8s_cluster is truthy, but this method only checks the runtime.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At agents/runtime/container_agent.py, line 132:
<comment>Accessing `self.k8s_client` here will raise `AttributeError` if `k8s_cluster` was `None` during `connect()`. The `connect` method only initializes `self.k8s_client` when both `container_runtime == "kubernetes"` AND `k8s_cluster` is truthy, but this method only checks the runtime.</comment>
<file context>
@@ -0,0 +1,181 @@
+
+ elif self.container_runtime == "kubernetes":
+ # Get pods
+ pods = self.k8s_client.list_pod_for_all_namespaces()
+
+ for pod in pods.items:
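Review bot: `self.k8s_client.list_pod_for_all_namespaces()` requires cluster-wide `list` permission on pods, which is broader than an agent watching specific workloads should hold. Make the set of namespaces configurable and call `list_namespaced_pod` for each one so the agent's service account can be bound with namespace-scoped roles, and guard the branch so a `k8s_client` that was never initialized produces a clear error instead of an `AttributeError`.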
</file context>
… error handling and documentation

This PR consolidates changes from PR #191 and #192, which address issues identified in PR #185:

## Changes
- Fixed missing module reference to lib4sbom/quality.py in documentation
- Enhanced error handling in CLI (fixops_sbom.py) with comprehensive try-except blocks
- Improved error handling in normalizer with better error messages
- Added comprehensive docstrings to all public functions
- Created AI model comparison analysis document
- Added pre-merge checks status documentation

## Pre-merge Checks
✅ Black formatting - PASSED
✅ isort imports - PASSED
✅ Flake8 linting - PASSED
✅ Python syntax - PASSED
✅ Tests - All 5 SBOM quality tests PASSED

## Files Modified
- cli/fixops_sbom.py: Enhanced error handling and user experience
- lib4sbom/normalizer.py: Improved error handling and documentation
- analysis/VULNERABILITY_MANAGEMENT_GAPS_ANALYSIS.md: Fixed module reference

## Files Added
- analysis/PR185_AI_MODEL_COMPARISON.md: Comprehensive AI model analysis
- analysis/PR185_FIXES_SUMMARY.md: Summary of all fixes
- analysis/PRE_MERGE_CHECKS_STATUS.md: Pre-merge checks documentation

This PR can replace PR #191 and #192 once merged.
… non-existent agent imports, fix pytest.config issue, remove unused imports Co-Authored-By: shiva kumaar <info@devopsai.co>
Co-Authored-By: shiva kumaar <info@devopsai.co>
…iew-4d1b and fix flake8 errors

Resolved merge conflicts and fixed:
- Added missing typing imports in compliance templates (hipaa.py, nist.py, pci_dss.py, soc2.py)
- Removed unused imports in agents/language/python_agent.py
- Removed unused signal import in tests/e2e/test_cli_functionality.py

Co-Authored-By: shiva kumaar <info@devopsai.co>
Closing as part of PR consolidation. Useful changes have been cherry-picked into PR #240.
No description provided.