Skip to content

feat(sdk): Assign nanoid to findings for cross-referencing in reports#110

Merged
dcramer merged 4 commits intomainfrom
feat/finding-nanoid
Feb 5, 2026
Merged

feat(sdk): Assign nanoid to findings for cross-referencing in reports#110
dcramer merged 4 commits intomainfrom
feat/finding-nanoid

Conversation

@dcramer
Copy link
Member

@dcramer dcramer commented Feb 5, 2026

Replace LLM-provided finding IDs with short, stable 8-char nanoids
generated by Warden during validation. The LLM-provided IDs were
arbitrary strings ("example-1", "sql-injection") that couldn't be
relied on for cross-referencing across reports, cost summaries, or
judge reporting.

Now each finding gets a unique nanoid assigned in validateFindings(),
and the ID is displayed in all output surfaces: PR review comments,
summary comments, GitHub issue bodies, and CLI terminal output.

Fixes #107

dcramer and others added 2 commits February 5, 2026 10:30
@dcramer @claude
feat(sdk): Assign nanoid to findings for cross-referencing in reports
dbb3a65 
Replace LLM-provided finding IDs with short, stable nanoids generated
by Warden. These IDs appear in PR review comments, summary comments,
issue bodies, and CLI output for cross-referencing across reports.

Closes #107

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@dcramer @claude
chore: Rebuild dist for nanoid finding IDs
da922da 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@vercel
Copy link

vercel bot commented Feb 5, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
warden Ready Ready Preview, Comment Feb 5, 2026 8:49pm

Request Review

@dcramer @claude
fix(sdk): Use human-readable XXX-XXX format for finding IDs
b34158e 
Use uppercase alphanumeric alphabet without ambiguous characters
(O/0, I/1) and format as XXX-XXX (e.g., K7M-X9P) for readability.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
cursor[bot]
cursor bot reviewed Feb 5, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.

@dcramer @claude
fix(sdk): Use title instead of id for within-run deduplication
1225a78 
The dedup key used f.id, but since IDs are now unique nanoids, two
identical findings would never match. Use f.title instead since
title + location is what identifies a duplicate finding.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@dcramer dcramer marked this pull request as ready for review February 5, 2026 20:56
@dcramer dcramer merged commit 2a6a676 into main Feb 5, 2026
13 checks passed
@dcramer dcramer deleted the feat/finding-nanoid branch February 5, 2026 20:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add short human-readable IDs (nanoid) to findings for cross-referencing in reports

1 participant

@dcramer