JGC-473 - Add AI-agent help text to security commands#760
Open
ehl-jf wants to merge 1 commit into
Open
Conversation
Populate components.Command.AIDescription on commands. The new field (added in jfrog-cli-core JGC-473) makes the conversion layer render agent-oriented text when JFROG_CLI_AI_HELP is truthy or an AI agent is auto-detected. Empty AIDescription falls back to Description, so command output is unchanged in human mode. Scope: 15 help.go files + 26 components.Command literals across cli/scancommands.go, cli/gitcommands.go, cli/xraycommands.go. Hidden commands intentionally included (see PR description). Targets the dev branch. TEMPORARY go.mod pin: the require for github.com/jfrog/jfrog-cli-core/v2 points at JGC-473-devbase (commit d507b5c6) - a coordination branch that cherry-picks JGC-473 onto core's pinned commit 908527b4 (the last commit before core master removed yarn.IsVersionSupported and IsInstalledYarnVersionSupported, which downstream callers in jfrog-cli-artifactory still depend on). This require MUST be updated to the merged master commit's pseudo-version after the jfrog-cli-core JGC-473 PR merges. Do not merge this PR until the require is re-pinned.
4 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds
AIDescriptionto security's commands so they render agent-oriented help whenJFROG_CLI_AI_HELPis truthy or an AI agent is auto-detected. EmptyAIDescriptionfalls back toDescription; human-mode output is unchanged.Scope: 15 help.go files (
cli/docs/*/help.go) + 26components.Commandliterals acrosscli/scancommands.go,cli/gitcommands.go,cli/xraycommands.go.Hidden-command coverage exception
This PR also adds
AIDescriptionto Hidden commands (docker scan,source-mcp,sast-server,upload-cdx, deprecatedaudit-mvn/gradle/npm/go/pip/pipenv,git audit,git count-contributors, deprecatedxr scan/audit-*). Other JGC-473 plugin PRs strictly skipped Hidden commands per the JGC-473 plan; security included them because:jf --helplistings, butjf <hidden-cmd> --helpstill worksRemoving the Hidden-command wirings would throw away valid content for paperwork consistency. We chose to keep them. Flagged here so reviewers know this is intentional.
TEMPORARY go.mod pin — DO NOT MERGE UNTIL RE-PINNED
go.modrequire forgithub.com/jfrog/jfrog-cli-core/v2points at `JGC-473-devbase` (commit `d507b5c6`). See linked core PR. Re-pin to merged jfrog-cli-core master pseudo-version before merge.Linked
Test plan
go build ./...cleango test ./...1186 passed, 34 pre-existing environmental failures (require local pnpm/dotnet/yarn/etc. toolchains)