Add vpatch-CVE-2026-1207 rule and test (#1691) #708

	name: Vpatch collection lint
	on:
	push:
	paths:
	- "appsec-rules/**.yaml"
	- "appsec-rules/**.yml"
	- ".github/workflows/appsec_vpatch_lint.yaml"
	- "./collections/crowdsecurity/appsec-virtual-patching.yaml"
	- "src/cshub/appsec_vpatch_lint.py"
	- "pyproject.toml"
	- "uv.lock"

	jobs:
	update-taxonomy:
	runs-on: ubuntu-latest
	steps:

	- name: checkout repo
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Install uv
	uses: astral-sh/setup-uv@v5
	with:
	version: 0.5.24
	enable-cache: true
	cache-dependency-glob: "uv.lock"

	- name: set up python
	uses: actions/setup-python@v5
	with:
	python-version-file: ".python-version"

	- name: Get changed files
	run: \|
	changed_files=$(git diff-tree --no-commit-id --name-only -r $GITHUB_SHA \| tr '\n' ',' \| sed 's/,$/\n/')
	echo "changed_files=${changed_files}" >> $GITHUB_ENV
	- name: Create local changes
	env:
	AUTHOR: ${{ github.actor }}
	run: \|
	uv sync --all-extras --dev --locked
	uv run appsec-vpatch-lint -e appsec_vpatch_cve_error.md --hub ./
	[ -f "appsec_vpatch_cve_error.md" ] && echo "taxonomy_errors=1" >> $GITHUB_ENV \|\| echo "taxonomy_errors=0" >> $GITHUB_ENV
	- uses: jwalton/gh-find-current-pr@v1
	id: findPr
	with:
	state: open
	- name: Comment PR if errors
	if: ${{ (env.taxonomy_errors == '1') && (github.event_name == 'push') && (github.ref != 'refs/heads/master') }}
	uses: thollander/actions-comment-pull-request@v2
	with:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	filePath: appsec_vpatch_cve_error.md
	pr_number: ${{ steps.findPr.outputs.pr }}

Provide feedback