feat(observability): add scanner-level skip and filter messages#44
Open
quanticsoul4772 wants to merge 2 commits intoSolDevelo:mainfrom
Open
feat(observability): add scanner-level skip and filter messages#44quanticsoul4772 wants to merge 2 commits intoSolDevelo:mainfrom
quanticsoul4772 wants to merge 2 commits intoSolDevelo:mainfrom
Conversation
Addresses issue SolDevelo#32 — InfraScan should print more information about what is happening, especially in error and skip scenarios. Changes: - docker_scout_scanner.py: print message when no container files found so users know container scanning was skipped (not silently omitted) - docker_scout_scanner.py: report count of Negligible CVEs filtered so users can distinguish "0 findings" from "findings suppressed" - grype_scanner.py: same negligible CVE filter count message as above - parser.py (scan_directory_level): count and warn on unreadable files so users know when scan results may be incomplete Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…end_slack_notification All three helper functions were completely undocumented. Docstrings cover return-value semantics, priority-ordered fallback logic (for build_share_url), and silent-failure contract (for send_slack_notification). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #32
What this changes
Previous attempt (#35) adjusted the global log level — this PR instead adds targeted messages at the scanner level, specifically where scans are skipped, partially executed, or findings are filtered without user visibility.
docker_scout_scanner.py
[i] No Docker Compose or Kubernetes files found — container scan skipped.so users know container scanning was intentionally skipped, not broken or forgotten.[i] Filtered N Negligible-severity CVE(s) from Docker Scout results (use --verbose to include them).so users can distinguish "0 findings" from "findings were suppressed".grype_scanner.py
parser.py (scan_directory_level)
[!] Warning: N file(s) could not be read and were skipped — scan results may be incomplete.This is the inverse-regex scanner path where silent file-read failures mean the "required pattern" check runs on incomplete data.Example output
Container scan skipped (no files):
After container scan with filtered CVEs:
After directory scan with unreadable files:
🤖 Generated with Claude Code