
[fix]: Fix rule_set_id and prompt_template_id parameters being omitted when quick-scanning a git repository #181

Open
H4lo wants to merge 3 commits into lintsinghua:v3.0.0 from H4lo:feature/fix-fastscan-bug

@H4lo H4lo commented Mar 13, 2026

User description

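When running a "quick audit" on a git project, the rule_set_id and prompt_template_id parameters are not actually passed in, so a quick audit can never use a custom rule set or prompt template; the corresponding interface parameters need to be added on both the frontend and the backend.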


PR Type

Bug fix

Description

  • Complete the definition of the CreateAuditTaskForm structure in index.ts
  • Add parsing of the createAuditTask function's parameters in database.ts
  • Rebuild user_config['scan_config'] in projects.py


vercel Bot commented Mar 13, 2026

@H4lo is attempting to deploy a commit to the tsinghuaiiilove-2257's projects Team on Vercel.

A member of the Team first needs to authorize it.


Review Summary by Qodo

Fix missing rule_set_id and prompt_template_id in quick scan

🐞 Bug fix


Walkthroughs

Description
• Fix missing rule_set_id and prompt_template_id parameters in quick git repository scan
• Restructure CreateAuditTaskForm to nest rule/template IDs under scan_config
• Update backend to properly extract and pass scan configuration parameters
• Ensure custom rule sets and prompt templates work in fast audit mode
Diagram
flowchart LR
  A["CreateAuditTaskForm"] -->|restructure| B["scan_config nested IDs"]
  B -->|pass to backend| C["createAuditTask API"]
  C -->|extract params| D["scan_repo_task"]
  D -->|use custom| E["Rule Set & Template"]

File Changes

1. frontend/src/shared/types/index.ts ✨ Enhancement +3/-7

Restructure CreateAuditTaskForm scan config nesting

• Moved rule_set_id and prompt_template_id from top-level to nested under scan_config object
• Removed unused fields (include_tests, include_docs, max_file_size, analysis_depth)
• Simplified scan_config structure to only include file_paths and ID parameters

frontend/src/shared/types/index.ts


2. frontend/src/shared/api/database.ts 🐞 Bug fix +3/-1

Pass rule and template IDs to backend scan API

• Added rule_set_id and prompt_template_id extraction from task.scan_config in
 createAuditTask
• Pass these parameters to the backend scan request payload
• Ensure custom rule sets and templates are transmitted to the API

frontend/src/shared/api/database.ts


3. backend/app/api/v1/endpoints/projects.py 🐞 Bug fix +6/-0

Inject complete scan config with rule and template IDs

• Reconstruct user_config['scan_config'] to include exclude_patterns, rule_set_id, and
 prompt_template_id
• Replace conditional file_paths-only logic with comprehensive scan configuration
• Ensure all scan parameters are properly injected for the background task

backend/app/api/v1/endpoints/projects.py



qodo-free-for-open-source-projects Bot commented Mar 13, 2026

Code Review by Qodo

🐞 Bugs (3) 📘 Rule violations (0) 📎 Requirement gaps (0)



Action required

1. ScanRequest fields missing 🐞 Bug ✓ Correctness
Description
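scan_project() reads scan_request.rule_set_id / scan_request.prompt_template_id, but the ScanRequest model does not define these two fields, so any scan request with a request body triggers an AttributeError and returns 500. This makes the quick audit / custom rule set entry point unusable.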
Code

backend/app/api/v1/endpoints/projects.py[R568-573]

+    if scan_request:
+        user_config['scan_config'] = {
+            'exclude_patterns': scan_request.exclude_patterns or [],
+            'rule_set_id': scan_request.rule_set_id,
+            'prompt_template_id': scan_request.prompt_template_id,
+    }
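
Review bot: scan_request.rule_set_id and scan_request.prompt_template_id on the two added lines are read without the request model declaring them; the evidence given for this finding lists only file_paths/full_scan/exclude_patterns/branch_name on ScanRequest, so declare both as optional fields on ScanRequest in the same change. Nothing in the hunk checks the two IDs before they go into user_config, so resolve them on the server to records the caller is allowed to use before the background task consumes them. The closing "}" is indented four spaces while the assignment it closes starts at eight; align it with user_config.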
Evidence
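In projects.py, ScanRequest contains only file_paths/full_scan/exclude_patterns/branch_name, but the later scan_config injection directly accesses the undefined rule_set_id/prompt_template_id attributes; this code path always executes when scan_request is not empty, which triggers the AttributeError.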

backend/app/api/v1/endpoints/projects.py[489-494]
backend/app/api/v1/endpoints/projects.py[568-573]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`scan_project()` uses `scan_request.rule_set_id` / `scan_request.prompt_template_id`, but the `ScanRequest` Pydantic model does not define these fields, so scans with a JSON body will raise `AttributeError`.
### Issue Context
This breaks the intended feature: passing custom rule set and prompt template IDs to the background scan.
### Fix Focus Areas
- backend/app/api/v1/endpoints/projects.py[489-573]



2. file_paths overwritten 🐞 Bug ✓ Correctness
Description
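scan_project() first injects file_paths into user_config['scan_config'], but then overwrites the entire scan_config with a dict that does not contain file_paths, so the scan flow cannot filter by the selected files and a quick scan becomes a full scan. This is a silent error that significantly increases scan time and is inconsistent with the user's selection.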
Code

backend/app/api/v1/endpoints/projects.py[R565-573]

  if scan_request and scan_request.file_paths:
      user_config['scan_config'] = {'file_paths': scan_request.file_paths}
+    if scan_request:
+        user_config['scan_config'] = {
+            'exclude_patterns': scan_request.exclude_patterns or [],
+            'rule_set_id': scan_request.rule_set_id,
+            'prompt_template_id': scan_request.prompt_template_id,
+    }
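
Review bot: the added "if scan_request:" block assigns a fresh dict to user_config['scan_config'] immediately after the two context lines above it stored file_paths there, so the file selection is discarded whenever a request body is present. Build the dict once and add file_paths to it when scan_request.file_paths is set, or update the existing dict instead of replacing it.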
Evidence
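projects.py assigns scan_config twice, and the second assignment overwrites the file_paths from the first; scanner.py actually uses user_config['scan_config']['file_paths'] to filter files, so the overwrite directly breaks the filtering.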

backend/app/api/v1/endpoints/projects.py[565-573]
backend/app/services/scanner.py[444-450]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`user_config['scan_config']` is assigned twice; the second assignment omits `file_paths` and overwrites the first, breaking fast-scan file filtering.
### Issue Context
`scanner.py` filters repository files based on `user_config['scan_config']['file_paths']`.
### Fix Focus Areas
- backend/app/api/v1/endpoints/projects.py[564-573]
- backend/app/services/scanner.py[444-450]



3. Frontend type narrowing breaks compilation 🐞 Bug ✓ Correctness
Description
CreateAuditTaskForm.scan_config is narrowed to contain only file_paths/rule_set_id/prompt_template_id, but the existing UI still reads and writes scan_config.include_tests/include_docs/max_file_size/analysis_depth, so TypeScript type checking cannot pass. This blocks the frontend build/release.
Code

frontend/src/shared/types/index.ts[R167-174]

task_type: 'repository' | 'instant';
branch_name?: string;
exclude_patterns: string[];
-  rule_set_id?: string;
-  prompt_template_id?: string;
scan_config: {
-    include_tests?: boolean;
-    include_docs?: boolean;
-    max_file_size?: number;
-    analysis_depth?: 'basic' | 'standard' | 'deep';
  file_paths?: string[];
-  };
+    rule_set_id?: string;
+    prompt_template_id?: string;
+};
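
Review bot: the four removed scan_config members (include_tests, include_docs, max_file_size, analysis_depth) are deleted in the same edit that adds rule_set_id and prompt_template_id, which is wider than the fix needs; keep them as optional members and only move the two IDs under scan_config. exclude_patterns stays at the top level of the form while the IDs move into scan_config, so add a comment on the type stating which fields the backend reads from which level. The closing "};" has also lost the indentation the removed "  };" had.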
Evidence
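The type definition removes include_tests/include_docs/max_file_size/analysis_depth, but the useTaskForm initialization still supplies these fields and AdvancedOptions keeps reading/updating them, so compile errors occur under strict type checking.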

frontend/src/shared/types/index.ts[165-175]
frontend/src/components/audit/hooks/useTaskForm.ts[14-25]
frontend/src/components/audit/components/AdvancedOptions.tsx[41-82]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`CreateAuditTaskForm.scan_config` was narrowed, but UI code still reads/writes removed fields (`include_tests`, `include_docs`, `max_file_size`, `analysis_depth`), causing TypeScript compilation failures.
### Issue Context
The audit task creation dialog/hook uses these fields for advanced options UI.
### Fix Focus Areas
- frontend/src/shared/types/index.ts[165-175]
- frontend/src/components/audit/hooks/useTaskForm.ts[14-25]
- frontend/src/components/audit/components/AdvancedOptions.tsx[41-82]




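The two backend findings above, reproduced and corrected in minimal form. This is an added example, not code from the PR or the project: the dataclasses are stand-ins for the Pydantic ScanRequest model, and the function names, defaults and sample IDs are hypothetical.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class ScanRequestBefore:
    """Stand-in for the model as the review describes it: no ID fields."""
    file_paths: Optional[List[str]] = None
    full_scan: bool = True  # assumed default
    exclude_patterns: Optional[List[str]] = None
    branch_name: Optional[str] = None

@dataclass
class ScanRequestFixed(ScanRequestBefore):
    """Same stand-in with the two optional IDs declared."""
    rule_set_id: Optional[str] = None
    prompt_template_id: Optional[str] = None

def build_scan_config_pr(scan_request):
    """Mirrors the two assignments in the PR hunk, behaviour unchanged."""
    user_config = {}
    if scan_request and scan_request.file_paths:
        user_config['scan_config'] = {'file_paths': scan_request.file_paths}
    if scan_request:
        user_config['scan_config'] = {  # replaces the dict built above
            'exclude_patterns': scan_request.exclude_patterns or [],
            'rule_set_id': scan_request.rule_set_id,
            'prompt_template_id': scan_request.prompt_template_id,
        }
    return user_config

def build_scan_config_merged(scan_request):
    """Builds one dict; file_paths survives when files were selected."""
    user_config = {}
    if scan_request:
        scan_config = {
            'exclude_patterns': scan_request.exclude_patterns or [],
            'rule_set_id': scan_request.rule_set_id,
            'prompt_template_id': scan_request.prompt_template_id,
        }
        if scan_request.file_paths:
            scan_config['file_paths'] = scan_request.file_paths
        user_config['scan_config'] = scan_config
    return user_config

# Constructed sample request: one selected file plus placeholder IDs.
SAMPLE = ScanRequestFixed(file_paths=['app/auth.py'],
                          rule_set_id='rs-example',
                          prompt_template_id='pt-example')
```
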