snyk-tech-services / snyk-delta


feat: provide a --json flag #118

Open Aghassi opened 2 years ago

Aghassi commented 2 years ago

The intended use case for this tool is for users implementing the CLI tool on their own CI without convenience hooks. This means we need the ability to manipulate the output of this tool so that we can format it and display it to the user. I'd like to request a --json flag be added so that developers can take in JSON and manipulate it to their liking on their CI pipelines instead of using the pre-formatted output this tool provides.

Aghassi commented 2 years ago

I also just noticed this in the README:

JSON output will be added soon.

So glad to know this is on the roadmap

lili2311 commented 2 years ago

Hi @Aghassi could you provide an example of what sort of information / data shape you are looking for in this output?

Aghassi commented 2 years ago

At the very least I'd expect something like:

{
  "added": [],
  "removed": [],
  "vulnerabilities": [],
  "fixable": []
}

Where fixable contains an object like

{
  "name": "",
  "command": ""
}

This way I could do something like this:

  1. Run snyk script
  2. If the script fails, parse the stderr (which is JSON)
  3. Have a script that reads the JSON and sees if there are vulnerabilities and fixes

I think an API surface you may want to consider mirroring is https://eslint.org/ as they have this concept and I think it is very well executed on.

My response is a bit off the cuff, but basically I want to know

  1. why it failed
  2. what dep is offending (if any)
  3. how can I fix?
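
The three-step flow from the comment above, as an added example that is not part of the thread or of snyk-delta. It assumes the requested `--json` output existed with exactly the proposed shape on stderr; the helper name `evaluateDelta` and the sample values are hypothetical.

```javascript
// Keys from the shape proposed in the thread. Only `fixable` entries have a
// stated shape ({name, command}); other entries are treated as opaque.
const LIST_KEYS = ['added', 'removed', 'vulnerabilities', 'fixable'];

// Hypothetical helper: turn the tool's exit code and stderr into a CI verdict.
function evaluateDelta(exitCode, stderrText) {
  if (exitCode === 0) return { pass: true, reason: 'tool exited 0', fixes: [] };

  let report;
  try {
    report = JSON.parse(stderrText);
  } catch (err) {
    // Fail closed: a non-zero exit with unreadable output is still a failure.
    return { pass: false, reason: 'stderr is not valid JSON', fixes: [] };
  }
  for (const key of LIST_KEYS) {
    if (!report || !Array.isArray(report[key])) {
      return { pass: false, reason: `missing or non-array "${key}"`, fixes: [] };
    }
  }
  // Keep only well-formed fix entries. Commands are reported for a human to
  // review, never executed: tool output is untrusted input to the pipeline.
  const fixes = report.fixable
    .filter((f) => f && typeof f.name === 'string' && typeof f.command === 'string')
    .map((f) => ({ name: f.name, command: f.command }));
  const count = report.vulnerabilities.length;
  const reason = count > 0
    ? `vulnerabilities reported: ${count}`
    : 'non-zero exit with no vulnerabilities listed';
  return { pass: false, reason, fixes };
}

// Constructed sample stderr; package name, version and id are made up.
const SAMPLE_STDERR = JSON.stringify({
  added: [],
  removed: [],
  vulnerabilities: [{ id: 'CONSTRUCTED-1' }],
  fixable: [{ name: 'example-package', command: 'npm install example-package@1.2.3' }],
});

const verdict = evaluateDelta(1, SAMPLE_STDERR);
console.log(verdict.pass ? 'PASS' : `FAIL: ${verdict.reason}`);
for (const fix of verdict.fixes) console.log(`  ${fix.name}: ${fix.command}`);
```

The returned `reason` and `fixes` cover the three questions at the end of the comment: why the run failed, which dependency is named, and what fix is suggested.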