Skip to content

OSV delta generation fix#42697

Merged
ksykulev merged 2 commits intomainfrom
41571-osv-cron-fix-2
Mar 31, 2026
Merged

OSV delta generation fix#42697
ksykulev merged 2 commits intomainfrom
41571-osv-cron-fix-2

Conversation

@ksykulev
Copy link
Copy Markdown
Contributor

@ksykulev ksykulev commented Mar 30, 2026
edited by coderabbitai Bot
Loading

Related issue: Resolves #41571

Changing the way delta artifacts are generated.
changed_files_today.txt and changed_files_yesterday.txt will always look back into git history for any commits added yesterday and today.

  • QA'd all new/changed functionality manually

Summary by CodeRabbit

Release Notes

  • Bug Fixes
    • Improved repository synchronization to ensure local state accurately reflects the remote main branch.
    • Enhanced file change detection logic for more reliable identification of modified files.
    • Refined output file handling to maintain consistency across synchronization cycles.

@ksykulev ksykulev requested a review from a team as a code owner March 30, 2026 21:16
Copilot AI review requested due to automatic review settings March 30, 2026 21:16
claude[bot]
claude Bot reviewed Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

Tip: disable this comment in your organization's Code Review settings.

@ksykulev
Copy link
Copy Markdown
Contributor Author

ksykulev commented Mar 30, 2026

@coderabbitai full review

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Mar 30, 2026

✅ Actions performed

Full review triggered.

Copilot AI reviewed Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the OSV processor sync script to generate “today” and “yesterday” delta artifacts based on commit timestamps (UTC) rather than only comparing the latest fetched SHA, to better support OSV delta generation.

Changes:

  • Resets the local ubuntu-security-notices checkout to origin/main during sync.
  • Generates changed_files_today.txt and changed_files_yesterday.txt by querying git history for commits within UTC day windows.
  • Adds cross-platform handling for “yesterday” date calculation (BSD date -v vs GNU date -d).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread cmd/osv-processor/sync-and-detect-changes.sh Outdated
Comment thread cmd/osv-processor/sync-and-detect-changes.sh Outdated
Comment thread cmd/osv-processor/sync-and-detect-changes.sh
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Mar 30, 2026

Walkthrough

The script cmd/osv-processor/sync-and-detect-changes.sh was updated to improve repository synchronization and file change detection logic. The changes include adding a hard reset to origin/main after fetching to ensure the local repository matches the remote state, implementing time-based file change detection using git log with --since and --until flags, and ensuring output files for changed files are properly initialized even when no new commits are detected.

Possibly related PRs

  • PR #42203: Modifies the same script to handle git reset logic, changed-files generation, and YESTERDAY_UTC computation
  • PR #42662: Updates repository sync logic in the same script, including fetch behavior and reset to origin/main
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title 'OSV delta generation fix' directly and clearly summarizes the main change, which involves fixing how delta artifacts are generated for OSV processing.
Description check ✅ Passed The description adequately explains the change (delta artifact generation method) and includes the related issue number, though it omits most template checklist items appropriate for a script-only change.
Linked Issues check ✅ Passed The PR changes implement the delta generation mechanism for the OSV cron sync workflow defined in #41571, with the script now properly generating changed_files_today.txt and changed_files_yesterday.txt based on git history.
Out of Scope Changes check ✅ Passed All changes are confined to cmd/osv-processor/sync-and-detect-changes.sh and directly implement the required delta generation logic; no unrelated modifications are present.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch 41571-osv-cron-fix-2

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@cmd/osv-processor/sync-and-detect-changes.sh`:
- Around line 41-57: The script currently uses bare redirections to create empty
files and then later unconditionally regenerates those same files, causing
redundancy and triggering ShellCheck SC2188; replace the bare redirects with a
POSIX-safe no-op redirect (use ": > \"../changed_files_today.txt\"" and ": >
\"../changed_files_yesterday.txt\"" or equivalent) if you truly need to create
empty placeholders, otherwise remove the entire if/else block that sets/creates
changed_files_today.txt and changed_files_yesterday.txt (and associated
TODAY_UTC/YESTERDAY_UTC logic) so the later unconditional git log generation is
the single source of truth; alternatively, if you want to short-circuit when no
new commits exist, exit the script from the branch before the later
unconditional git log block so the files are not overwritten.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: bb83d8b5-0059-4a0c-a00c-af9b56e79fd1

📥 Commits

Reviewing files that changed from the base of the PR and between e794906 and 9d069e8.

📒 Files selected for processing (1)
  • cmd/osv-processor/sync-and-detect-changes.sh

Comment thread cmd/osv-processor/sync-and-detect-changes.sh Outdated
@ksykulev ksykulev requested a review from Copilot March 31, 2026 01:33
Copilot AI reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@ksykulev ksykulev requested a review from Copilot March 31, 2026 01:36
Copilot AI reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@ksykulev ksykulev requested a review from Copilot March 31, 2026 02:01
Copilot AI reviewed Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@getvictor getvictor self-assigned this Mar 31, 2026
@ksykulev ksykulev merged commit e5877cc into main Mar 31, 2026
16 checks passed
@ksykulev ksykulev deleted the 41571-osv-cron-fix-2 branch March 31, 2026 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Copilot code review Copilot Copilot left review comments

@claude claude[bot] claude[bot] left review comments

@getvictor getvictor getvictor approved these changes

Assignees

@getvictor getvictor

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

OSV feed Ubuntu create vulnerabilities repo cron sync

3 participants

@ksykulev @getvictor