From 950b1506c43bf08ff9db22f21defa41f825df599 Mon Sep 17 00:00:00 2001 From: shivasurya Date: Mon, 19 Jan 2026 22:10:32 -0500 Subject: [PATCH] feat: Clean up verbose logging for better CLI output (PR-03) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implements Phase 1 - Step 3 (Final) of CLI Output Enhancement by moving granular logging to debug level, allowing progress bars to provide visual feedback instead. Modified files: - graph/callgraph/builder/builder.go: Move 5 function-level Progress() calls to Debug() - Extracting return types from modules - Extracting variable assignments - Extracting class attributes - Resolving call sites - Generating taint summaries - cmd/scan.go: Update --verbose and --debug flag descriptions - cmd/ci.go: Update --verbose and --debug flag descriptions Flag description changes: - --verbose: "Show progress and statistics" → "Show statistics and timing information" - --debug: "Show debug diagnostics with timestamps" → "Show detailed debug diagnostics with file-level progress and timestamps" Rationale: - With progress bars from PR-02, function-level logging is too granular for verbose mode - Progress bars now show visual feedback: "Building callgraph", "Executing rules" - Debug mode still shows all detailed function-by-function progress - Users get cleaner output in default and verbose modes - Debug mode provides comprehensive troubleshooting information This completes the 3-phase CLI Output Enhancement: - PR-01: Banner system and TTY detection - PR-02: Progress bars for major operations - PR-03: Logging level cleanup (this PR) Co-Authored-By: Claude Sonnet 4.5
---
 sast-engine/cmd/ci.go | 4 ++-- sast-engine/cmd/scan.go | 4 ++-- sast-engine/graph/callgraph/builder/builder.go | 10 +++++----- 3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/sast-engine/cmd/ci.go b/sast-engine/cmd/ci.go
index a026e987..ed1f4e20 100644
--- a/sast-engine/cmd/ci.go
+++ b/sast-engine/cmd/ci.go
@@ -210,8 +210,8 @@ func init() {
 ciCmd.Flags().StringP("rules", "r", "", "Path to Python DSL rules file or directory (required)")
 ciCmd.Flags().StringP("project", "p", "", "Path to project directory to scan (required)")
 ciCmd.Flags().StringP("output", "o", "sarif", "Output format: sarif or json (default: sarif)")
- ciCmd.Flags().BoolP("verbose", "v", false, "Show progress and statistics")
- ciCmd.Flags().Bool("debug", false, "Show debug diagnostics with timestamps")
+ ciCmd.Flags().BoolP("verbose", "v", false, "Show statistics and timing information")
+ ciCmd.Flags().Bool("debug", false, "Show detailed debug diagnostics with file-level progress and timestamps")
 ciCmd.Flags().String("fail-on", "", "Fail with exit code 1 if findings match severities (e.g., critical,high)")
 ciCmd.Flags().Bool("skip-tests", true, "Skip test files (test_*.py, *_test.py, conftest.py, etc.)")
 ciCmd.MarkFlagRequired("rules")
diff --git a/sast-engine/cmd/scan.go b/sast-engine/cmd/scan.go
index 37a12cc5..5f0780aa 100644
--- a/sast-engine/cmd/scan.go
+++ b/sast-engine/cmd/scan.go
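Review bot: The two rewritten usage strings in this `init()` hunk are repeated word for word in the `scanCmd` hunk of `cmd/scan.go`, so every wording change has to be made twice and the `ci` and `scan` help text can drift apart. Declaring them once in package `cmd`, e.g. `const debugFlagUsage = "Show detailed debug diagnostics with file-level progress and timestamps"`, and passing the constant to both `Bool("debug", ...)` calls keeps them aligned. The new `--debug` text also promises file-level progress, while the messages this commit moves to debug level in `builder.go` are per-phase; unless per-file output comes from code outside this diff, the wording should say phase-level. `init()` starts and ends outside the hunk.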
@@ -848,8 +848,8 @@ func init() {
 scanCmd.Flags().StringP("project", "p", "", "Path to project directory to scan (required)")
 scanCmd.Flags().StringP("output", "o", "text", "Output format: text, json, sarif, or csv (default: text)")
 scanCmd.Flags().StringP("output-file", "f", "", "Write output to file instead of stdout")
- scanCmd.Flags().BoolP("verbose", "v", false, "Show progress and statistics")
- scanCmd.Flags().Bool("debug", false, "Show debug diagnostics with timestamps")
+ scanCmd.Flags().BoolP("verbose", "v", false, "Show statistics and timing information")
+ scanCmd.Flags().Bool("debug", false, "Show detailed debug diagnostics with file-level progress and timestamps")
 scanCmd.Flags().String("fail-on", "", "Fail with exit code 1 if findings match severities (e.g., critical,high)")
 scanCmd.Flags().Bool("skip-tests", true, "Skip test files (test_*.py, *_test.py, conftest.py, etc.)")
 scanCmd.MarkFlagRequired("project")
diff --git a/sast-engine/graph/callgraph/builder/builder.go b/sast-engine/graph/callgraph/builder/builder.go
index 53fff409..b3ac54e6 100644
--- a/sast-engine/graph/callgraph/builder/builder.go
+++ b/sast-engine/graph/callgraph/builder/builder.go
@@ -143,7 +143,7 @@ func BuildCallGraph(codeGraph *graph.CodeGraph, registry *core.ModuleRegistry, p
 indexFunctions(codeGraph, callGraph, registry)
 // Phase 2 Task 9: Extract return types from all functions (first pass - PARALLELIZED)
- logger.Progress("Extracting return types from %d modules (parallel)...", len(registry.Modules))
+ logger.Debug("Extracting return types from %d modules (parallel)...", len(registry.Modules))
 type returnJob struct {
 modulePath string
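Review bot: A run that draws no progress bar gets no sign that the call-graph phases ran, because the phase marker changed here in `BuildCallGraph` and the four changed in the hunks at `@@ -207`, `@@ -253`, `@@ -298` and `@@ -394` are now printed only with `--debug`. That presumably covers CI logs and piped output, given the TTY detection mentioned in the commit message; the bar code is outside this diff, so please confirm. For a scanner whose CI log is the record that the taint-summary pass started, the only remaining trace is the `logger.Statistic` line after `GenerateTaintSummaries` returns. I would keep one coarse marker at the old level near the top of the function, e.g. `logger.Progress("Building call graph (%d modules)...", len(registry.Modules))`, or fall back to `Progress` when output is not a terminal. `BuildCallGraph` starts and ends outside these hunks.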
@@ -207,7 +207,7 @@ func BuildCallGraph(codeGraph *graph.CodeGraph, registry *core.ModuleRegistry, p
 typeEngine.AddReturnTypesToEngine(mergedReturns)
 // Phase 2 Task 8: Extract ALL variable assignments BEFORE resolving calls (second pass - PARALLELIZED)
- logger.Progress("Extracting variable assignments (parallel)...")
+ logger.Debug("Extracting variable assignments (parallel)...")
 varJobs := make(chan string, 100)
 var varProcessed atomic.Int64
@@ -253,7 +253,7 @@ func BuildCallGraph(codeGraph *graph.CodeGraph, registry *core.ModuleRegistry, p
 typeEngine.UpdateVariableBindingsWithFunctionReturns()
 // Phase 3 Task 12: Extract class attributes (third pass - PARALLELIZED)
- logger.Progress("Extracting class attributes (parallel)...")
+ logger.Debug("Extracting class attributes (parallel)...")
 attrJobs := make(chan returnJob, 100) // Reuse returnJob struct
 var attrProcessed atomic.Int64
@@ -298,7 +298,7 @@ func BuildCallGraph(codeGraph *graph.CodeGraph, registry *core.ModuleRegistry, p
 resolution.ResolveAttributePlaceholders(typeEngine.Attributes, typeEngine, registry, codeGraph)
 // Process each Python file in the project (fourth pass for call site resolution - PARALLELIZED)
- logger.Progress("Resolving call sites (parallel)...")
+ logger.Debug("Resolving call sites (parallel)...")
 callSiteJobs := make(chan returnJob, 100)
 var callGraphMutex sync.Mutex // Protect callGraph modifications
@@ -394,7 +394,7 @@ func BuildCallGraph(codeGraph *graph.CodeGraph, registry *core.ModuleRegistry, p
 resolution.PrintAttributeFailureStats(logger)
 // Pass 5: Generate taint summaries for all functions
- logger.Progress("Generating taint summaries...")
+ logger.Debug("Generating taint summaries...")
 GenerateTaintSummaries(callGraph, codeGraph, registry)
 logger.Statistic("Generated taint summaries for %d functions", len(callGraph.Summaries))