releases.shpreview

Security findings show reachability tier and CWE class

3 featuresThis release3 featuresNew capabilitiesAI-tallied from the release notes
From the original release noteView original ↗

Security finding reachability and CWE

Security Agent findings can include a vulnerability class, the CWE weakness title when known, and a reachability tier that helps reviewers understand whether the risky code path is directly reachable, conditionally reachable, or unlikely to be reached.

Security findings can also include a collapsed Reachability section with a plain-text path from the entry point to the sink, so reviewers can inspect the evidence without expanding the main comment by default. When the regular review and the dedicated security review find the same underlying issue, CodeRabbit may now post a single enriched comment instead of duplicate findings.

Dart pull request changes can now receive CodeGraph-based review context as well, including security reachability when applicable.

Fetched July 17, 2026

Security findings show reachability tier and CWE class —… — releases.sh