Skip to content

feat(amazonq): enable displayFindings tool #7799

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Aug 4, 2025
Merged

feat(amazonq): enable displayFindings tool #7799

merged 5 commits into from
Aug 4, 2025

Conversation

@BlakeLazarine
Copy link
Contributor

@BlakeLazarine BlakeLazarine commented Aug 1, 2025
edited
Loading

Problem

Need to enable and support findings coming in from the displayFindings tool

Also - Agentic scans are supposed to use the CodeAnalysisScope of AGENTIC, which needed to be added

Solution

Set feature flag for displayFindings to be true

Listen for displayFindings messageId from FLARE similarly to how is being done for CodeReview tool.

Treat displayFindings findings and CodeReview findings separately, so they do not overwrite one another.

image
  • Treat all work as PUBLIC. Private feature/x branches will not be squash-merged at release time.
  • Your code changes must meet the guidelines in CONTRIBUTING.md.
  • License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

@BlakeLazarine BlakeLazarine requested a review from a team as a code owner August 1, 2025 19:12
@amazon-inspector-ohio
Copy link

amazon-inspector-ohio bot commented Aug 1, 2025

⏳ I'm reviewing this pull request for security vulnerabilities and code quality issues. I'll provide an update when I'm done

@github-actions
Copy link

github-actions bot commented Aug 1, 2025

  • This pull request modifies code in src/* but no tests were added/updated.
    • Confirm whether tests should be added or ensure the PR description explains why tests are not required.
  • This pull request implements a feat or fix, so it must include a changelog entry (unless the fix is for an unreleased feature). Review the changelog guidelines.
    • Note: beta or "experiment" features that have active users should announce fixes in the changelog.
    • If this is not a feature or fix, use an appropriate type from the title guidelines. For example, telemetry-only changes should use the telemetry type.

laileni-aws
laileni-aws reviewed Aug 1, 2025
View reviewed changes
laileni-aws
laileni-aws previously approved these changes Aug 1, 2025
View reviewed changes
laileni-aws
laileni-aws previously approved these changes Aug 1, 2025
View reviewed changes
tsmithsz
tsmithsz reviewed Aug 1, 2025
View reviewed changes
packages/core/src/codewhisperer/service/securityIssueProvider.ts
)
}

public mergeIssuesDisplayFindings(newIssues: AggregatedCodeScanIssue, fromQCA: boolean) {
Copy link
Contributor

@tsmithsz tsmithsz Aug 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add tests for this?

@tsmithsz tsmithsz merged commit d40d74a into aws:master Aug 4, 2025
28 of 31 checks passed
@BlakeLazarine BlakeLazarine deleted the display-findings-tool branch August 4, 2025 16:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@laileni-aws laileni-aws laileni-aws approved these changes

+1 more reviewer

@tsmithsz tsmithsz tsmithsz approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@BlakeLazarine @tsmithsz @laileni-aws @blakelaz-amazon @singhAws