scorecard icon indicating copy to clipboard operation
scorecard copied to clipboard
verified publisher icon ossf

Consider adding a log library?

Open fredgan opened this issue 2 years ago • 5 comments

Hi folks, Do you consider adding a log library, such as https://github.com/sirupsen/logrus to scorecard?

Sometimes I encounter some problems, such as accessing a link that reports an error or missing some configuration. I spend a lot of time finding the cause of these problems, but if there is a log library that tells me which file and which line of code reports the error, then I will be able to save a lot of time. So, would you consider adding a log library that can display the file and line number of the error to this library?

Thanks!

fredgan avatar Aug 15 '23 03:08 fredgan

Hi, which errors are you referring to? There's a --verbosity flag and a --show-details flag that provide more information. I also personally use the --format=raw flag to get a better idea of what data scorecard has pulled from the GitHub API.

raghavkaul avatar Aug 15 '23 20:08 raghavkaul

@raghavkaul Hi, sorry for the late explanation.

I mean the errors in the output. Now I can read the errors message in the output, But I can't read where the error come from.

Such as:

Local\Temp\GoLand___1go_build_github_com_ossf_scorecard_v4.exe --checks CII-Best-Practices,Branch-Protection,License,Vulnerabilities,Dangerous-Workflow,Token-Permissions,Code-Review,Packaging,Security-Policy,Signed-Releases,Dependency-Update-Tool,Pinned-Dependencies,Fuzzing,Binary-Artifacts,SAST,Maintained,CI-Tests,Contributors --format json --repo https://github.com/open-telemetry/opentelemetry-cpp Error: RunScorecard: repo unreachable: Get "https://api.github.com/repos/open-telemetry/opentelemetry-cpp": internal error: innerTransport.RoundTrip: internal error: innerTransport.RoundTrip: error in HTTP: proxyconnect tcp: dial tcp 172.18.100.92:8080: connectex: An attempt was made to access a socket in a way forbidden by its access permissions. 2023/08/09 11:46:58 error during command execution: RunScorecard: repo unreachable: Get "https://api.github.com/repos/open-telemetry/opentelemetry-cpp": internal error: innerTransport.RoundTrip: internal error: innerTransport.RoundTrip: error in HTTP: proxyconnect tcp: dial tcp 172.18.100.92:8080: connectex: An attempt was made to access a socket in a way forbidden by its access permissions.

Do see the error? It shows the time & error message. But I can't know where this error happened directly. I have to search the error messages from the code. If I can read the error file & line number from the output, it will save a lot of time.

Because the error was printed by fmt.Errorf() in the scorecard. The error will be printed on the screen. If logrus used, the log file&line number will be printed, too.

fredgan avatar Aug 21 '23 12:08 fredgan

This issue is stale because it has been open for 60 days with no activity.

github-actions[bot] avatar Oct 21 '23 01:10 github-actions[bot]

This issue is stale because it has been open for 60 days with no activity.

github-actions[bot] avatar Dec 29 '23 01:12 github-actions[bot]

This issue has been marked stale because it has been open for 60 days with no activity.

github-actions[bot] avatar May 15 '24 01:05 github-actions[bot]