Non-JSON output with `--format sarif`

[homersimpsons]

trafficstars

Issue

The following command does not output JSON-only in STDOUT:

$ docker scout cves --format sarif nginx:1.8-alpine 2>/dev/null

Diagnostic

The above command outputs a "What's next" message that breaks the JSON output making it hard to parse with traditional tools:

$ docker scout cves --format sarif nginx:1.8-alpine 2>/dev/null | tail          ]
        }
      ]
    }
  ]
}

What's Next?
  View base image update recommendations → docker scout recommendations nginx:1.8-alpine

Possible fix

This message should be output in STDERR, just like the other "general messages".

I know it is possible to use --output flag, but I would prefer using STDOUT directly instead of having to manage temporary files.

(I have the latest version, the source code looks closed, so I cannot really dig further myself)