sonatype-nexus-community / nancy

A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
Apache License 2.0

Multi format output #57

Closed zendern closed 4 years ago

zendern commented 4 years ago

Adds the ability to output in different formats. Currently available are as follows:

^^^ Examples of all the output can be found in the README.md

Used logrus to do the outputting and defined a formatter for each output type. If we ever find we want to add a new output type it should make it pretty easy to do.

It relates to the following issue #s:

cc @bhamail / @DarthHater

DarthHater commented 4 years ago

@zendern quick question, how do I test this?

DarthHater commented 4 years ago

NEVERMIND I'M A BAD READER.

zendern commented 4 years ago

> NEVERMIND I'M A BAD READER.

It happens but still let me know if you have questions and we can get the docs in better shape if need be.

DarthHater commented 4 years ago

Just did a quick test of this, and it's awesome. Dunno how much value someone will get from csv personally! XML would be a nice one to do as a follow up, but in the junit test case style (so we'd want a pretty custom reporter).

zendern commented 4 years ago

> Just did a quick test of this, and it's awesome. Dunno how much value someone will get from csv personally! XML would be a nice one to do as a follow up, but in the junit test case style (so we'd want a pretty custom reporter).

re: XML - Yeah, that would be cool to do as a followup. re: CSV - Yeah, I kind of agree... again, the thought was maybe it would be something you could easily ship to a security team member or something for easy "user-friendly" review. The content/format is 100% up for debate.

DarthHater commented 4 years ago

I love what you did with outputting the exclusions, invalid, etc..., that's really great!

I'm going to need to sit down a tiny bit more with this tonight but I'm loving it so far.

Nerzal commented 4 years ago

This feature would be awesome, can we have this as fast as possible please? :D

DarthHater commented 4 years ago

@Nerzal working on it!

@zendern you got a tiny conflict to fix up, if you want to clean that up I'll get this merged ASAP.

zendern commented 4 years ago

@DarthHater all fixed up... should be good to go in a minute.