search

oxsecurity / megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.
https://megalinter.io
GNU Affero General Public License v3.0
1.96k stars 238 forks source link

Don't dump whole Syft initial output file to console at debug log level #4288

Open sanmai-NL opened 3 days ago

sanmai-NL commented 3 days ago

Is your feature request related to a problem? Please describe. When running at log level DEBUG, the Syft checker stands out for its needless verbosity.

At https://github.com/oxsecurity/megalinter/blob/80b486a8e2ef3db1322c66141016ecd61b2ebbd7/megalinter/linters/SyftLinter.py#L27 the whole output file is logged.

Describe the solution you'd like Stop dumping the whole output file to console. It is already available through the SARIF reporter.

Describe alternatives you've considered

Additional context

nvuillam commented 5 hours ago

@sanmai-NL agreed :) Would you like to make a PR ?