Add security-review v1.1.1 to community extensions catalog #2073
mnriem merged 12 commits into github:main from
Pull request overview
Adds the “Security Review” community extension (v1.1.0) to Spec Kit’s community extension catalog and lists it in the root README, along with markdown/table formatting normalization in the README and JSON formatting normalization in the community catalog.
Changes:
- Added the Security Review extension entry (v1.1.0) to `extensions/catalog.community.json`.
- Added Security Review to the Community Extensions table in `README.md`.
- Normalized formatting of markdown tables/emphasis in `README.md` and compacted some JSON arrays/spacing in `extensions/catalog.community.json`.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| README.md | Adds Security Review to the community extensions list and reformats multiple markdown tables/emphasis for consistency. |
| extensions/catalog.community.json | Adds the Security Review v1.1.0 catalog entry and applies formatting/compactness tweaks to various entries. |
Comments suppressed due to low confidence (1)
extensions/catalog.community.json:874
- Typo in the Repository Index description: "architecuture" should be "architecture".
"id": "repoindex",
"description": "Generate index of your repo for overview, architecuture and module",
"author": "Yiyu Liu",
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
extensions/catalog.community.json:874
- Typo in the `repoindex` description: "architecuture" should be "architecture".
"name": "Repository Index",
"id": "repoindex",
"description": "Generate index of your repo for overview, architecuture and module",
"author": "Yiyu Liu",
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
This reverts commit 32e7471.
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
mnriem left a comment
For the table please do not reformat as it makes it unclear what changed
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
done
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
README.md:225
- The Community Extensions table should remain alphabetical per the Extension Publishing Guide (extensions/EXTENSION-PUBLISHING-GUIDE.md:228). In the S-section, the rows after “Security Review” are currently out of order (e.g., “Ship Release Extension” / “Spec …” entries appear after “Staff Review Extension” / “Superpowers Bridge”). Please reorder these rows to restore alphabetical ordering by extension name.
| Security Review | Comprehensive security audit of codebases using AI-powered DevSecOps analysis | `code` | Read-only | [spec-kit-security-review](https://github.com/DyanGalih/spec-kit-security-review) |
| Staff Review Extension | Staff-engineer-level code review that validates implementation against spec, checks security, performance, and test coverage | `code` | Read-only | [spec-kit-staff-review](https://github.com/arunt14/spec-kit-staff-review) |
| Superpowers Bridge | Orchestrates obra/superpowers skills within the spec-kit SDD workflow across the full lifecycle (clarification, TDD, review, verification, critique, debugging, branch completion) | `process` | Read+Write | [superpowers-bridge](https://github.com/RbBtSn0w/spec-kit-extensions/tree/main/superpowers-bridge) |
| Ship Release Extension | Automates release pipeline: pre-flight checks, branch sync, changelog generation, CI verification, and PR creation | `process` | Read+Write | [spec-kit-ship](https://github.com/arunt14/spec-kit-ship) |
| Spec Critique Extension | Dual-lens critical review of spec and plan from product strategy and engineering risk perspectives | `docs` | Read-only | [spec-kit-critique](https://github.com/arunt14/spec-kit-critique) |
| Spec Sync | Detect and resolve drift between specs and implementation. AI-assisted resolution with human approval | `docs` | Read+Write | [spec-kit-sync](https://github.com/bgervin/spec-kit-sync) |
Thank you!
Adds the Security Review v1.1.1 community extension to the repository’s community extension catalog and links it from the root README so users can discover and install it.
Changes:
- Add `security-review` v1.1.1 metadata entry to `extensions/catalog.community.json`.
- Add “Security Review” row to the Community Extensions table in `README.md`.
- Fix a typo in the `repoindex` description (“architecture”).
| File | Description |
|---|---|
| README.md | Adds “Security Review” to the Community Extensions table (ordering needs adjustment). |
| extensions/catalog.community.json | Adds security-review v1.1.1 catalog entry; fixes typo in repoindex description. |
Copilot's findings
Comments suppressed due to low confidence (1)
README.md:225
- The Community Extensions table is required to be kept in alphabetical order (see extensions/EXTENSION-PUBLISHING-GUIDE.md:228). In the S-section, "Ship Release Extension" is currently listed after "Staff Review Extension" and "Superpowers Bridge", and the "Spec ..." entries come after it, so the table is out of order. Please reorder the affected rows (Security Review, Ship Release Extension, Spec Critique Extension, Spec Sync, Staff Review Extension, Superpowers Bridge) to restore alphabetical sorting by extension name.
| Security Review | Comprehensive security audit of codebases using AI-powered DevSecOps analysis | `code` | Read-only | [spec-kit-security-review](https://github.com/DyanGalih/spec-kit-security-review) |
| Staff Review Extension | Staff-engineer-level code review that validates implementation against spec, checks security, performance, and test coverage | `code` | Read-only | [spec-kit-staff-review](https://github.com/arunt14/spec-kit-staff-review) |
| Superpowers Bridge | Orchestrates obra/superpowers skills within the spec-kit SDD workflow across the full lifecycle (clarification, TDD, review, verification, critique, debugging, branch completion) | `process` | Read+Write | [superpowers-bridge](https://github.com/RbBtSn0w/spec-kit-extensions/tree/main/superpowers-bridge) |
| Ship Release Extension | Automates release pipeline: pre-flight checks, branch sync, changelog generation, CI verification, and PR creation | `process` | Read+Write | [spec-kit-ship](https://github.com/arunt14/spec-kit-ship) |
| Spec Critique Extension | Dual-lens critical review of spec and plan from product strategy and engineering risk perspectives | `docs` | Read-only | [spec-kit-critique](https://github.com/arunt14/spec-kit-critique) |
| Spec Sync | Detect and resolve drift between specs and implementation. AI-assisted resolution with human approval | `docs` | Read+Write | [spec-kit-sync](https://github.com/bgervin/spec-kit-sync) |
- Files reviewed: 2/2 changed files
- Comments generated: 0 new
This PR adds Security Review v1.1.1 to the community extensions catalog and the root README community extensions table.
The branch includes follow-up metadata and formatting adjustments made during review.
For Security Review metadata, author is set to DyanGalih to match the repository maintainer.
This is a community extension and is independently maintained; this PR does not imply endorsement.
Ready for review.