Skip to content

Fix bot-caught issues from PR #33 review#39

Open
TechNickAI wants to merge 2 commits intomainfrom
fix/pr33-review-sweep
Open

Fix bot-caught issues from PR #33 review#39
TechNickAI wants to merge 2 commits intomainfrom
fix/pr33-review-sweep

Conversation

@TechNickAI
Copy link
Owner

@TechNickAI TechNickAI commented Mar 24, 2026

Summary

Follow-up fixes for review comments on #33 (Add security hardening and threat intelligence):

  • Fix git secret scanning commandgit log -S only accepts one pattern; multiple -S flags silently use only the last one. Switched to git log -G with regex alternation to match all secret patterns (sk-ant-|AKIA|ghp_|sk-) in a single pass.
  • Fix escalation cadence mismatch — MEDIUM severity row referenced "daily sweep notification" but the security sentinel runs weekly. Changed to "weekly digest".

Also triaged all 7 bot comments on PR #33:

Test plan

  • Verify git log -G 'sk-ant-|AKIA|ghp_|sk-' works as expected (regex alternation)
  • Confirm escalation table reads consistently (weekly digest for both MEDIUM and LOW)

🤖 Generated with Claude Code

Nick Sullivan and others added 2 commits March 24, 2026 00:15
BOOT.md template: add conversation recovery on restart
a4e5d92 
When gateway restarts within 1 minute of an active direct conversation,
read the last transcript entries and send a brief recovery message so
the user can pick up where they left off.
@claude
Fix two bot-caught issues from PR #33 review
1769b93 
- Use `git log -G` (regex) instead of multiple `-S` flags for secret
  scanning — git pickaxe only accepts one `-S` pattern, so the previous
  command silently searched only for `sk-` and missed AKIA/ghp_ patterns
- Change MEDIUM escalation from "daily sweep notification" to "weekly
  digest" — sentinel runs weekly, no daily sweep exists

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@TechNickAI TechNickAI added review-sweep Follow-up fixes from PR review comments Hex Created by Hex labels Mar 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Hex Created by Hex review-sweep Follow-up fixes from PR review comments

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TechNickAI