chdsbd / kodiak

🔮 A bot to automatically update and merge GitHub PRs
https://kodiakhq.com
GNU Affero General Public License v3.0

Kodiak does not recognise security warnings as resolved #883

Open Alex-Stagg opened 5 months ago

Alex-Stagg commented 5 months ago

Hi, we have GitHub security warnings set up on our repos at my company. We're currently trying out Kodiak and finding it very useful, but there seems to be one issue. When a PR gets a warning on it, Kodiak does not seem to recognise when the warning is dismissed, which is stopping us from merging as we have the "Require resolved conversations" setting enabled.

If it's of any difference, we're self-hosting Kodiak. Unfortunately I can't share any screenshots due to company policy, but I'll try to provide any more information needed.

Thanks

chdsbd commented 5 months ago

Are the warnings dismissed by users or by GitHub?

I think maybe Kodiak doesn't get a webhook if GitHub dismisses the comment.

Can you link to a public example security comment or documentation?

Alex-Stagg commented 5 months ago

We've noticed this issue in both cases of users and GH dismissing reviews.

Additionally, as far as I am aware, removing the automerge label and adding it back again (something we've tried) should make Kodiak see that all the conversations are resolved and allow merging to continue. This leads me to believe that Kodiak is having trouble detecting whether these comments are resolved or not.

I can't link to any public example right now, but I'll find something and report back.

chdsbd commented 5 months ago

@Alex-Stagg Since you're using the self-hosted version, maybe your GitHub App isn't configured to send webhooks for pull request comments.