Commit 7a6ac0d

docs: describe new low severity label option
Signed-off-by: lelia <2418071+lelia@users.noreply.github.com>
1 parent 73fa3e6 commit 7a6ac0d

2 files changed

Lines changed: 10 additions & 1 deletion

action.yml

Lines changed: 5 additions & 0 deletions
@@ -98,6 +98,7 @@ runs:
9898
INPUT_PR_LABEL_CRITICAL: ${{ inputs.pr_label_critical }}
9999
INPUT_PR_LABEL_HIGH: ${{ inputs.pr_label_high }}
100100
INPUT_PR_LABEL_MEDIUM: ${{ inputs.pr_label_medium }}
101+
INPUT_PR_LABEL_LOW: ${{ inputs.pr_label_low }}
101102

102103
inputs:
103104
workspace:
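
Review bot: The added `INPUT_PR_LABEL_LOW` env line changes the action's runtime interface, but the commit subject is prefixed `docs:` and nothing in this commit shows the code that reads that variable. Please confirm the consumer of `INPUT_PR_LABEL_LOW` landed in the parent commit, and consider a subject that reflects the `action.yml` change so it is not filtered out of release notes as documentation-only.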
@@ -456,6 +457,10 @@ inputs:
456457
description: "Label name for medium severity findings"
457458
required: false
458459
default: "security: medium"
460+
pr_label_low:
461+
description: "Label name for low severity findings"
462+
required: false
463+
default: "security: low"
459464

460465
branding:
461466
icon: "shield"
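
Review bot: The non-empty `default: "security: low"` on the new `pr_label_low` input means workflows that already have PR labels enabled will start getting a fourth label on upgrade without any configuration change. Since the docs previously listed only critical, high and medium, I would call this out as a behavior change and document how to opt out of the low label (for example whether an empty string disables it), because the visible description does not say.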

docs/github-pr-comment-guide.md

Lines changed: 5 additions & 1 deletion
@@ -236,6 +236,7 @@ Automatically tag PRs with severity-based labels **and matching colors**.
236236
- `security: critical` 🔴 - Red (`#D73A4A`)
237237
- `security: high` 🟠 - Orange (`#D93F0B`)
238238
- `security: medium` 🟡 - Yellow (`#FBCA04`)
239+
- `security: low` ⚪ - Light gray (`#E4E4E4`)
239240
240241
**Smart color detection:**
241242
Labels are automatically created with colors matching the severity emojis. If you customize label names, the system intelligently detects severity keywords and applies appropriate colors:
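
Review bot: The default-label list now includes `security: low`, but the "Smart color detection" example that follows is left unchanged by this commit, so the docs never state that a custom low label name is detected and given the light gray `#E4E4E4`. Suggest adding a matching line next to the existing `pr_label_high: 'security-high'` example, or saying explicitly which keywords are recognized.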
@@ -246,7 +247,8 @@ pr_label_high: 'security-high' # Gets orange color automatically
246247
```
247248
248249
**How it works:**
249-
- First scan checks for critical → high → medium (highest severity wins)
250+
- Each run keeps only the current highest-severity managed PR label: critical → high → medium → low
251+
- Stale managed severity labels from earlier runs are removed automatically
250252
- Labels are created automatically if they don't exist
251253
- Existing labels are not modified (preserves your customizations)
252254
- Requires a token with `repo` scope to create new labels; without it, label creation may fail (comments still post)
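
Review bot: The new bullet "Stale managed severity labels from earlier runs are removed automatically" does not define "managed", and that matters because this is now a destructive operation on PR labels. Please state how a label is identified as managed (by the currently configured `pr_label_*` names only, or also names used in earlier runs), whether a label with the same name that a maintainer applied by hand is removed too, and what happens on a run with no findings. The token bullet below still covers only label creation; it should also say what happens when the token cannot remove a label.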
@@ -257,6 +259,7 @@ pr_labels_enabled: 'true'
257259
pr_label_critical: 'vulnerability: critical'
258260
pr_label_high: 'vulnerability: high'
259261
pr_label_medium: 'vulnerability: medium'
262+
pr_label_low: 'vulnerability: low'
260263
```
261264
262265
**Disable:**
@@ -295,6 +298,7 @@ The logo is a 32px PNG rendered at 24x24 for retina-crisp display, with a transp
295298
| `pr_label_critical` | `"security: critical"` | string | Label name for critical findings |
296299
| `pr_label_high` | `"security: high"` | string | Label name for high findings |
297300
| `pr_label_medium` | `"security: medium"` | string | Label name for medium findings |
301+
| `pr_label_low` | `"security: low"` | string | Label name for low findings |
298302
299303
### Configuration Methods
300304
