()
| 274 | } |
| 275 | |
/**
 * Builds a canned ScanResponse used when the action runs in ACT mode, so the
 * rest of the workflow can be exercised without a real scan.
 *
 * The payload reports success with two hard-coded sample findings (one HIGH,
 * one CRITICAL) and `commentsPosted: false`. The findings and the file paths
 * they name are fixtures, not the result of analysing any code.
 *
 * NOTE(review): nothing in the returned object marks it as synthetic; only the
 * log lines emitted here do. The check that restricts this path to ACT/test
 * runs is not visible in this function. Confirm at the call site that mock
 * findings can never be posted or gated on in a real run.
 *
 * @returns The fixed mock scan response.
 */
function createMockScanResponse(): ScanResponse {
  core.info('🧪 Running in ACT mode - using mock scan data for testing');
  core.info('📊 Mock scan simulates finding 2 security issues');

  // Fixture findings: a single-line one carrying an agent prompt, and a
  // multi-line one (startLine..line) without a prompt.
  const mockFindings: ScanResponse['comments'] = [
    {
      file: 'src/example.ts',
      line: 42,
      finding: 'Potential security issue: API key hardcoded in source code',
      severity: CodeScanSeverity.HIGH,
      fix: 'Move API key to environment variable and use process.env.API_KEY instead',
      aiAgentPrompt: 'Review the API key storage and suggest secure alternatives',
    },
    {
      file: 'src/auth.ts',
      line: 15,
      startLine: 10,
      finding: 'SQL injection vulnerability: User input not sanitized before query',
      severity: CodeScanSeverity.CRITICAL,
      fix: 'Use parameterized queries or an ORM to prevent SQL injection',
    },
  ];

  // Summary text that accompanies the inline comments.
  const mockReview =
    '🔍 **Security Scan Results**\n\nFound 2 potential security issues. Please review the inline comments for details.';

  const mockResponse: ScanResponse = {
    success: true,
    comments: mockFindings,
    commentsPosted: false,
    review: mockReview,
  };

  core.info('✅ Mock scan completed successfully');
  return mockResponse;
}
| 308 | |
| 309 | function parseScanOutput(scanOutput: string): ScanResponse { |
| 310 | try { |