feat(06-06): wire scan --output to formatter registry and exit-code contract

- Replace inline jsonFinding switch with output.Get() dispatch
- Add renderScanOutput helper used by RunE and tests
- Introduce version var + versionString() for SARIF tool metadata
- Update --output help to list table, json, sarif, csv
- Change root Execute to os.Exit(2) on RunE errors per OUT-06
  (exit 0=clean, 1=findings, 2=tool error)
salvacybersec
2026-04-05 23:41:38 +03:00
parent 3b89bde38d
commit c9114e4142
2 changed files with 46 additions and 31 deletions


@@ -21,9 +21,18 @@ Supports 108+ providers with Aho-Corasick pre-filtering and regex + entropy dete
}
// Execute is the entry point called by main.go.
//
// OUT-06 exit-code contract:
// - 0: clean scan (no findings)
// - 1: findings present (emitted directly by scanCmd via os.Exit(1))
// - 2: scan/tool error (any RunE returning a non-nil error)
//
// Cobra prints the error message itself; we only translate the non-nil return
// into exit code 2 so CI consumers can distinguish "found leaks" from "scan
// failed".
func Execute() {
if err := rootCmd.Execute(); err != nil {
os.Exit(1)
os.Exit(2)
}
}
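Review bot: The new doc comment on Execute limits exit code 2 to "any RunE returning a non-nil error", but `rootCmd.Execute()` also returns a non-nil error for flag-parsing and unknown-command failures, so those exit 2 as well. The bullet would be more accurate as `// - 2: scan/tool error (any non-nil error from rootCmd.Execute, including flag/usage errors)`. Because the contract targets CI gating, one more comment line should say that consumers must fail the job on any non-zero code. Otherwise a pipeline that checks only for 1 passes when the scan itself never ran. The literal `2` here and the `os.Exit(1)` that the comment attributes to scanCmd (not visible in this hunk) could share named constants such as `exitFindings` and `exitToolError`, which would keep the contract in one place.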