Skip to content

Test PR 2: Add phishing link detection rule #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aidenmitchell wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Test PR 2: Add phishing link detection rule #3

aidenmitchell wants to merge 8 commits into from

Conversation

@aidenmitchell
Copy link
Owner

@aidenmitchell aidenmitchell commented Jan 16, 2026

Testing the sync workflow with a phishing detection rule.

aidenmitchell and others added 8 commits January 16, 2026 10:56
@aidenmitchell @claude
Refactor sync scripts into modular architecture
28765e3 
- Extract monolithic sync_detection_rules.py into shared library modules
- Create separate sync_test_rules.py and sync_shared_samples.py scripts
- Move helper scripts to .github/scripts/
- Add PR commenting for exclusions (membership, bulk, link_analysis)
- Add do-not-merge label check to skip PRs from syncing
- Update rule-validate.yml to use local scripts
- Rename update-test-rules.yml to sync-test-rules.yml
- Add new sync-shared-samples.yml workflow

New directory structure:
.github/scripts/
  lib/           - Shared library modules
  sync_test_rules.py
  sync_shared_samples.py
  mql_format.py
  check_invisible_chars.py
  generate_rule_ids/

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@aidenmitchell
Merge pull request #1 from aidenmitchell/refactor-sync-scripts
187144e
@aidenmitchell @claude
Set DELETE_RULES_FROM_CLOSED_PRS_DELAY to 0 for immediate cleanup
8ef1324 
Co-Authored-By: Claude Opus 4.5 <[email protected]>
@aidenmitchell @claude
Add PRCache to reduce redundant API calls
118de09 
Introduces a caching layer that reduces API calls by 50-70%:
- Labels: fetched once per PR instead of 8-16 times
- Comments: fetched once per PR instead of twice
- Org membership: cached per user across all PRs

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@aidenmitchell @claude
Add parallel prefetching for 8x faster sync scripts
de9bb17 
- Add prefetch_labels(), prefetch_pr_files(), prefetch_file_contents()
  methods to PRCache using ThreadPoolExecutor
- Update sync_shared_samples.py to prefetch all data in parallel before
  processing (93s -> 11s, ~88% faster)
- Update sync_test_rules.py with same parallel prefetching pattern

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@aidenmitchell
Set REPO_OWNER to fork for workflow testing
625e884
@aidenmitchell
Add test phishing link rule
73fa23d
Auto-format MQL and add rule IDs
5d3e65c
github-actions bot added a commit that referenced this pull request Jan 16, 2026
@github-actions
[PR #3] added rule: PR# 3 - Test Rule - Phishing Link Detection
4b6b3c3
github-actions bot added a commit that referenced this pull request Jan 16, 2026
@github-actions
[PR #3] added rule: Test Rule - Phishing Link Detection
dd1ae86
github-actions bot added a commit that referenced this pull request Jan 16, 2026
@github-actions
[PR #3] Delete detection rule
7d92b78
github-actions bot added a commit that referenced this pull request Jan 16, 2026
@github-actions
[PR #3] Delete detection rule
b305cfd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

in-test-rules

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aidenmitchell