You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: The PR scanning workflow relies entirely on Groq's Llama 3.1 model generating the security report. If the Groq API experiences downtime, rate-limiting, or a timeout on an exceptionally large PR diff, the GitHub Check Run could hang indefinitely in a "Pending" state, blocking developers from merging their code.
Proposed Solution:
Implement a strict timeout wrapper around the LLM invocation in ArmorIQScanner.
If the scan times out or the API fails, gracefully catch the error and update the GitHub Check Run status to Neutral or Skipped.
Log the failure comprehensively in the AuditLog with the error details in the metadata JSON field.
Post a fallback PR comment notifying the developer that the automated security scan could not be completed.
ArmorIQScanner.NeutralorSkipped.AuditLogwith the error details in themetadataJSON field.