feat: auto-scanner with 6-phase automation pipeline#194

Open
om952 wants to merge 14 commits into
OpenScanAI:masterfrom
om952:issue-5

Conversation

@om952 om952 commented Jun 17, 2026


Automated bug detection and fix pipeline:

Phase 1: Auto-Detection

  • Scans workspaces every 15 minutes for: TypeScript errors, Python lint, build failures, security vulnerabilities, outdated dependencies

Phase 2: Auto-Issue Creation

  • Creates Levi issues with severity-based priority (critical→urgent, high→high, medium→medium)

Phase 3: Auto-Execution

  • Wakes up assigned agent via queueIssueAssignmentWakeup

Phase 4: Auto-Testing

  • verifyFix() runs npm test/pytest after agent fixes code
  • Issue description includes test instructions for agent

Phase 5: Auto-PR Creation

  • createPRFromIssue() creates branch/commit/push
  • GitHub plugin enablePrOnDone as fallback

Phase 6: Auto-Notification

  • sendNotification() posts to configurable webhook

Endpoints:

  • POST /api/code-scanner/run - manual scan
  • GET /api/code-scanner/status - scanner state
  • POST /api/code-scanner/configure - update config
  • POST /api/code-scanner/verify/:issueId - verify fix
  • POST /api/code-scanner/pr/:issueId - create PR branch

Files:

  • server/src/services/code-scanner.ts (748 lines)
  • server/src/routes/code-scanner.ts (124 lines)
  • server/src/tests/code-scanner-service.test.ts (65 lines)
  • server/src/app.ts (integration)

closes #5
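The Phase 1 to Phase 2 hand-off above (findings in, severity-ranked issues out) is the part of the pipeline where a 15-minute rescan can silently multiply issues unless findings are keyed stably. The block below is an added example and is not code from this PR or from OpenScanAI; the `Finding` and `IssueDraft` shapes, the `issuesToFile` helper, the `low->low` mapping and the `npm audit --json` style sample document are assumptions made for illustration. It applies the PR's stated mapping (critical->urgent, high->high, medium->medium), translates npm's "moderate" to "medium", drops severities it does not know, and dedupes against issues already open.

```typescript
// Added example, not OpenScanAI code. Assumed names: Finding, IssueDraft,
// findingsFromNpmAudit, dedupeKey, draftIssue, issuesToFile, SAMPLE_AUDIT.
export type Severity = "critical" | "high" | "medium" | "low";
export type Priority = "urgent" | "high" | "medium" | "low";

// From the PR: critical->urgent, high->high, medium->medium.
// low->low is an assumption; the PR does not say what happens to low findings.
const PRIORITY_BY_SEVERITY: Record<Severity, Priority> = {
  critical: "urgent", high: "high", medium: "medium", low: "low",
};

export interface Finding {
  workspace: string;
  kind: "dependency" | "typescript" | "lint" | "build";
  id: string;        // advisory URL, rule id or error code
  severity: Severity;
  location: string;  // package name or file path
  message: string;
}

export interface IssueDraft {
  dedupeKey: string; title: string; priority: Priority; description: string;
}

// The subset of `npm audit --json` (npm 7+) this example reads.
type AuditEntry = { severity: string; via: Array<string | { title: string; url?: string }> };
interface NpmAuditJson { vulnerabilities: Record<string, AuditEntry> }

// npm says "moderate", the tracker says "medium". Anything else ("info",
// unknown strings) is dropped rather than guessed at or escalated.
function toSeverity(s: string): Severity | null {
  if (s === "critical") return "critical";
  if (s === "high") return "high";
  if (s === "moderate" || s === "medium") return "medium";
  if (s === "low") return "low";
  return null;
}

export function findingsFromNpmAudit(workspace: string, audit: NpmAuditJson): Finding[] {
  const out: Finding[] = [];
  for (const [pkg, v] of Object.entries(audit.vulnerabilities)) {
    const severity = toSeverity(v.severity);
    if (!severity) continue;
    // A direct advisory carries an object in `via`; a purely transitive entry
    // only lists the package names it is vulnerable through.
    const advisory = v.via.find(
      (x): x is { title: string; url?: string } => typeof x !== "string",
    );
    out.push({
      workspace, kind: "dependency", severity, location: pkg,
      id: advisory?.url ?? pkg,
      message: advisory?.title ?? `vulnerable through ${v.via.join(", ")}`,
    });
  }
  return out;
}

// Stable key so the 15-minute rescan matches the issue already open for this
// finding instead of filing a new one. The free-text message is excluded on
// purpose: tools reword messages between versions.
export function dedupeKey(f: Finding): string {
  return [f.workspace, f.kind, f.id, f.location].join("|");
}

export function draftIssue(f: Finding): IssueDraft {
  return {
    dedupeKey: dedupeKey(f),
    title: `[${f.kind}] ${f.severity}: ${f.location} (${f.workspace})`,
    priority: PRIORITY_BY_SEVERITY[f.severity],
    description: [
      f.message, "",
      "Verification: the scanner re-runs the workspace test suite after the",
      "fix and re-checks this finding on its next scheduled run.",
    ].join("\n"),
  };
}

// Returns only the drafts that still need filing. `openKeys` stands in for a
// lookup of dedupe keys on issues already open in the tracker.
export function issuesToFile(findings: Finding[], openKeys: Set<string>): IssueDraft[] {
  const seen = new Set<string>(openKeys);
  const drafts: IssueDraft[] = [];
  for (const f of findings) {
    const key = dedupeKey(f);
    if (seen.has(key)) continue;
    seen.add(key);
    drafts.push(draftIssue(f));
  }
  return drafts;
}

// Constructed sample in the shape of `npm audit --json`; not real advisories.
export const SAMPLE_AUDIT: NpmAuditJson = {
  vulnerabilities: {
    "example-lib": { severity: "critical",
      via: [{ title: "Prototype pollution in merge()", url: "https://example.invalid/advisories/1" }] },
    "other-lib": { severity: "moderate", via: ["example-lib"] },
    "third-lib": { severity: "low", via: [{ title: "ReDoS in parse()" }] },
    "noise-lib": { severity: "info", via: ["third-lib"] },
  },
};
```

Run it with `issuesToFile(findingsFromNpmAudit("server", SAMPLE_AUDIT), openKeys)`, where `openKeys` holds the dedupe keys of issues the tracker already has open. The transitive "other-lib" entry is keyed on its package name because it carries no advisory URL, which is the usual case for findings npm reports only through a parent package.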

om kandpal and others added 14 commits May 27, 2026 17:16
- Added section 9: Error Handling Standards
- Rules: try/catch wrapper, logError call, exact error response shape,
  HTTP status codes (500/400/404), logError location
- Renumbered subsequent sections (10-13)

## Problem
Agent creation fails with adapter errors when agents try to create issues.
CTO agent specifically gets: adapter_failed, tool_call_id errors, max iterations reached.

## Root Causes
1. Missing Permissions - Only CEO had canCreateAgents permission
2. Process Adapter Missing JWT - No supportsLocalAgentJwt flag
3. Missing API Keys - Agents created without API keys
4. Missing tool_call_id - ACPX adapter events lacked toolCallId

## Fixes
- Extended defaultPermissionsForRole() to include leadership roles (CEO, CTO, CFO, COO, VP, Director)
- Added applyDefaultAgentCreateGrant() to auto-grant agents:create permission in DB
- Added auto-generation of API keys on agent creation
- Added supportsLocalAgentJwt: true to process adapter with PAPERCLIP_API_KEY injection
- Added toolCallId validation and fallback ID generation in ACPX adapter

## Tests
- 75 tests passing across modified areas
- New e2e tests: agent-issue-creation-e2e.test.ts (4 tests)
- New full e2e tests: agent-issue-creation-full-e2e.test.ts (4 tests with real DB)

Closes OpenScanAI#4

… API endpoints

- Add ioredis dependency for Redis-backed rate limiting
- Create rate-limiter middleware with 5 tiers: public, authenticated, heartbeat, write, admin
- Implement LRU fallback store when Redis is unavailable
- Add config schema changes for redis and rateLimiting settings
- Wire rate limiter into app.ts and index.ts startup
- Health routes bypass rate limiting for load balancer checks
- Standard rate limit headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Tier
- Fail-open behavior when Redis is unavailable (configurable)
- Path normalization for parameterized routes to prevent per-endpoint gaming

Closes OpenScanAI#132

- Tier detection tests: public, authenticated, write, admin, heartbeat
- Rate limiting behavior: under limit, over limit, window reset
- Middleware tests: headers, 429 response, fail-open, fail-closed
- Path normalization tests: UUID and numeric ID grouping
- Fix health endpoint tier detection (returns public for unauthenticated)

All 15 tests passing

Phase 1: Auto-Detection - scans workspaces for TypeScript errors, Python lint,
build failures, security vulnerabilities, and outdated dependencies

Phase 2: Auto-Issue Creation - creates Levi issues with severity-based priority

Phase 3: Auto-Execution - wakes up assigned agent via queueIssueAssignmentWakeup

Phase 4: Auto-Testing - verifyFix() runs tests after agent fixes code

Phase 5: Auto-PR Creation - createPRFromIssue() creates branch/commit/push
(GitHub plugin also has enablePrOnDone fallback)

Phase 6: Auto-Notification - sendNotification() posts to webhook

Endpoints:
- POST /api/code-scanner/run - manual scan
- GET /api/code-scanner/status - scanner state
- POST /api/code-scanner/configure - update config
- POST /api/code-scanner/verify/:issueId - verify fix
- POST /api/code-scanner/pr/:issueId - create PR branch

Scanner runs every 15 minutes via cron, starts/stops with app lifecycle.

Development

Successfully merging this pull request may close these issues.

Reduce Task Completion Time from 10 Hours to 10 Minutes