Conversation
* `CompAi.Trust Portal.TrustPortalController_listComplianceResources_v1()`: `response.[]` **Changed** (Breaking⚠️ ) * `CompAi.Policies.PoliciesController_createPolicyVersion_v1()`: * `request.body` **Changed** (Breaking⚠️ ) * `CompAi.Trust Portal.TrustPortalController_uploadComplianceResource_v1()`: * `request` **Changed** * `response` **Changed** (Breaking⚠️ ) * `CompAi.Evidence Export (Auditor).AuditorEvidenceExportController_exportAllEvidence_v1()`: `response` **Changed** (Breaking⚠️ ) * `CompAi.Security Penetration Tests.PentestFindingContextsController_list_v1()`: **Added** * `CompAi.Trust Portal.TrustPortalController_getComplianceResourceUrl_v1()`: `request` **Changed** * `CompAi.Security Penetration Tests.PentestFindingContextsController_upsert_v1()`: **Added** * `CompAi.Security Penetration Tests.PentestFindingContextsController_remove_v1()`: **Added** * `CompAi.Trust Portal.TrustPortalController_listCustomFrameworks_v1()`: **Added** * `CompAi.Trust Portal.TrustPortalController_updateCustomFramework_v1()`: **Added** * `CompAi.Trust Access.TrustAccessController_getPublicCustomFrameworks_v1()`: **Added** * `CompAi.CloudSecurity.CloudSecurityController_resolveSession_v1()`: **Added** * `CompAi.Trust Portal.TrustPortalController_updateAllowedEmails_v1()`: **Added** * `CompAi.Findings.FindingsController_listFindings_v1()`: * `request.evidenceFormType` **Changed** * `CompAi.Findings.FindingsController_createFinding_v1()`: * `request.evidenceFormType.enum(account-types)` **Added** * `CompAi.Controls.ControlsController_create_v1()`: * `request.documentTypes[].enum(account_types)` **Added** * `CompAi.Controls.ControlsController_linkDocumentTypes_v1()`: * `request.body.formTypes[].enum(account_types)` **Added** * `CompAi.Controls.ControlsController_unlinkDocumentType_v1()`: * `request.formType` **Changed** * `CompAi.Security Penetration Tests.SecurityPenetrationTestsController_create_v1()`: * `request.body.additionalContext` **Added**
…e excepted
AWS integration-platform check findings never carried evidence.findingKey,
which the exception API requires as a stable identity. Every finding from that
pipeline failed with "lacks a stable check/resource identity" when marked as an
exception (customer report: PRIMER, AWS account 619126148487).
- Expose the running check id on CheckContext (set by the runner before run()).
- Stamp findingKey = `${checkId}-${resourceId}` in AWS emitOutcomes so all six
AWS services get it at one chokepoint, including key-auth connections.
- Add resolveCheckKey() helper; the exception resolver and the findings query
both fall back to the run's checkId for older rows that predate stamping,
rejecting the 'all' auto-run sentinel.
- Scope stamping to AWS only — GCP/Azure manifest runs share scanMode:null and
would otherwise produce false reconciliation "resolved" events.
Tests: +4 emitOutcomes (bun), +4 exception.service (jest).
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
…gkey fix(cloud-security): stamp findingKey on AWS checks so findings can be marked as exceptions
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
chore: 🐝 Update SDK - Generate 0.2.0
|
|
Contributor
|
🎉 This PR is included in version 3.79.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.
Summary by cubic
Fixes AWS findings that couldn’t be excepted by stamping a stable per-check/resource key and suppressing them correctly. Also regenerates the
@trycompai/mcp-serverSDK to v0.2.0 with new trust portal and pentest context tools and small API changes.Bug Fixes
findingKey = ${checkId}-${resourceId}in AWS emitters; exposectx.checkIdand useresolveCheckKeyin exception resolution and findings list (falls back to runcheckId, rejects'all').New Features
@trycompai/mcp-serverSDK to v0.2.0: add tools for resolve-session, pentest finding contexts (list/set/delete), and trust portal (list/update custom frameworks, update allowed emails, public frameworks).versionandscriptKey; addaccount-typesenum across findings/controls.Written for commit bfc8897. Summary will update on new commits.