
Backlog/fix/socai#2094

Closed
AlexSanchez-bit wants to merge 7 commits into v11 from backlog/fix/socai

@AlexSanchez-bit
Contributor

Main changes

Previously an already defined configuration was needed for getting config keys and data types; now a default template for newly created data is set up, so updates can work even if there's no module group in the database.

Kbayero and others added 7 commits May 19, 2026 11:50
* refactor(filters): update macOS filter configuration

* chore(rules): remove Office365 brute force detection rule

* chore(rules): remove PowerShell Empire detection rule

* chore(rules): remove RDP brute force attacks rule
#2087)

* fix[frontend](soar/create-rule): added fixed create/edit rule undefined id error

* chore[](): updated go packages

* fix[frontend](environment):environments on gitignore and removed the actual local dev environment

* chore[](): updated go packages
#2090)

* feat[backed](elasticSearchService): added batch processing of requests and auto rebuild on IO errors

* chore[backend](): updated go dependencies

* fix[backend](elastic-service): sanitized csv before exportation and changed error messages
@AlexSanchez-bit AlexSanchez-bit requested a review from a team May 21, 2026 21:49
@github-actions

❌ Go dependencies check failed

There are outdated Go dependencies, or modules that could not be inspected.
Run bash .github/scripts/go-deps.sh --update --discover locally and
commit the updated go.mod / go.sum files.

Script output
🔍 Discovered 25 Go projects

📦 Dependencies with updates available:

  📁 ./agent:
     - golang.org/x/sys: v0.44.0 → v0.45.0

❌ Please update dependencies before merging.

@github-actions

🛑 AI review — Engineer review required

This PR touches critical paths or introduces changes the model cannot judge with sufficient confidence. @Kbayero @osmontero please review.

🛑 architecture (gemini-3-flash-lite) — Tier 3 — engineer review required

Summary: PR includes significant CI/CD infrastructure changes, removal of Dependabot, and critical backend/plugin dependency updates.

  • high .github/dependabot.yml:1 — Dependabot configuration deleted. This removes automated security patching for all Go and Java modules. If this is intentional, ensure an alternative vulnerability management process is in place.
  • high .github/workflows/pr-checks.yml:1 — Introduction of a new custom CI/CD orchestration layer (approver, ai-review, go-deps). This is a critical path change that replaces standard GitHub Actions patterns and requires manual verification of the new workflow logic.
  • medium backend/src/main/java/com/park/utmstack/service/elasticsearch/OpensearchClientBuilder.java:20 — Introduction of a mutable singleton client with a rebuild mechanism. Ensure that concurrent requests during a rebuild event are handled safely without causing race conditions or resource leaks.
  • medium backend/src/main/java/com/park/utmstack/web/rest/elasticsearch/ElasticsearchResource.java:200 — Refactoring of CSV export to use streaming pagination. While this prevents OOM, ensure that the searchStream implementation correctly handles index pattern timeouts and potential partial data exports.

⚠️ bugs (gemini-3-flash-lite) — Tier 2 — changes requested

Summary: Found a typo in documentation and a potential bug in CSV export logic.

  • medium .github/workflows/README.md:45 — Typo: 'Table of contents' should be 'Table of Contents' to match standard documentation style, or consistent casing should be used.
  • high backend/src/main/java/com/park/utmstack/util/UtilCsv.java:62 — Potential bug: JsonPath.parse(d) is called inside a loop over data (which is a List of objects). If d is already a Map or POJO, JsonPath.parse might fail or behave unexpectedly depending on the input type. It should be parsed once or handled based on the actual type of d.

security (gemini-3-flash-lite) — Tier 1 — looks clean

Summary: The PR introduces CI/CD infrastructure for automated PR checks, including AI-based security and bug reviews, and updates dependency versions.

No findings.
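
One way to address the concern raised above for OpensearchClientBuilder.java (concurrent requests during a rebuild), as an added example that is not code from this PR or from the project. The names `RebuildableClient`, `Call`, `execute` and `rebuildIfStale` are hypothetical, and the client is assumed only to implement `Closeable`.

```java
import java.io.Closeable;
import java.io.IOException;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.function.Supplier;

// Added example with hypothetical names; not the PR's OpensearchClientBuilder.
public final class RebuildableClient<C extends Closeable> {
    public interface Call<C, R> { R apply(C client) throws IOException; }

    private final ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
    private final Supplier<C> factory;
    private C client;        // guarded by lock
    private long generation; // bumped on every rebuild, guarded by lock

    public RebuildableClient(Supplier<C> factory) {
        this.factory = factory;
        this.client = factory.get();
    }

    public <R> R execute(Call<C, R> call) throws IOException {
        IOException failure;
        lock.readLock().lock();   // requests share the client concurrently
        long seen = generation;
        try {
            return call.apply(client);
        } catch (IOException e) {
            failure = e;
        } finally {
            lock.readLock().unlock();
        }
        rebuildIfStale(seen);     // read lock is released before taking the write lock
        throw failure;            // caller decides whether to retry
    }

    private void rebuildIfStale(long seen) {
        lock.writeLock().lock();  // waits until in-flight requests have finished
        try {
            if (generation != seen) return; // another failing thread already rebuilt
            C replacement = factory.get();  // if this throws, the old client stays in place
            C old = client;
            client = replacement;
            generation++;
            try {
                old.close();      // safe: no request can still be using it
            } catch (IOException ignored) {
                // closing a broken client may itself fail
            }
        } finally {
            lock.writeLock().unlock();
        }
    }
}
```

A long-running call, such as a streaming export, holds the read lock for its whole duration and so delays any rebuild. Callers must not keep the client reference after `execute` returns, because a later rebuild closes it.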


@utmstackprapprover utmstackprapprover Bot left a comment

Changes requested — see approver comments above.
