The current guided remediation terminal output was mostly just thrown together as the easiest way to output the bare minimum information needed for the sample scripted usage.
We should put more thought into how and what information it outputs. Some initial thoughts:
A better, machine-readable format, probably JSON
Option for other formats to match osv-scanner scan (i.e. a table format)?
What information is useful / possible to output? e.g.
Something along the lines of what osv-scanner scan outputs
The possible patches & what vulns they fix
The impossible to fix vulns and what constraints are limiting it - #925
Anything else
Multiple output verbosity levels.
Better logging of the internals (with verbosity).
Separate logs & output on stdout/stderr like the scan action does
The current guided remediation terminal output was mostly just thrown together as the easiest way to output the bare minimum information needed for the sample scripted usage.
We should put more thought into how and what information it outputs. Some initial thoughts:
osv-scanner scan
(i.e. a table format)?osv-scanner scan
outputsOpen to suggestions