SPP - Scan diffs for WebIDE changes

Proposal

We want to distinguish between user-to-remote pushes (which we want to scan) vs. other workflows including merge trains, mirroring, reverting, etc. (which we don't want to scan). Currently, we are distinguishing based on the gitaly protocol field of the change; during user pushes, the protocol is either http or ssh, while the other workflows' protocol is web. Inconveniently, WebIDE pushes (which we do want to scan) use the web protocol, so we would not be able to limit SPP scanning to http and ssh alone.

Ideally, we would be able to use the action field to filter user pushes, but action is currently hardcoded so it cannot provide us with useful information. We've asked gitaly and source code to prioritize gitaly#4581 (closed) and #423992 (closed), but they are not on the 17.5 planning issue for now.

This issue tracks bringing diff scanning to the WebIDE, and should be implemented whenever we are able to use the action/context field to determine that the push check was triggered by a WebIDE change (and keep diff scanning for CLI-based http/ssh pushes).

Edited by Serena Fang