Skip to content

Phase 0 cleanup: quieter terminal output, PDF encoding fix, and dead-code removal#117

Merged
advaitpatel merged 2 commits into
mainfrom
chore/phase-0-cleanup
Jul 1, 2026
Merged

Phase 0 cleanup: quieter terminal output, PDF encoding fix, and dead-code removal#117
advaitpatel merged 2 commits into
mainfrom
chore/phase-0-cleanup

Conversation

@advaitpatel

Copy link
Copy Markdown
Collaborator

Summary

Housekeeping pass that reduces terminal noise, fixes a latent PDF crash, and removes
dead code, with no change to scanning behavior or report contents.

Changes

Cleaner terminal output

  • Internal logs now write to stderr (keeping stdout clean) and stay quiet in CLI
    mode, so raw location-tagged lines like
    WARNING - docksec.docker_scanner - Line 451: ... no longer interleave with the
    tool's own [INFO]/[WARNING] messages.
  • Added DOCKSEC_LOG_LEVEL (e.g. DOCKSEC_LOG_LEVEL=DEBUG) to restore verbose logging
    for troubleshooting.
  • Suppressed the noisy PyFPDF & fpdf2 import warning that printed on every run.

Fixed

  • PDF generation no longer fails on non-latin-1 characters (bullets, smart quotes, em
    dashes, emoji) in vulnerability titles, scanner output, or AI findings. All PDF text
    is now sanitized consistently through the core-font-safe encoder.

Removed

  • The unused -o/--output CLI flag (declared but never wired up).
  • Duplicate, dead report-writer methods on DockerSecurityScanner; ReportGenerator
    is now the single source for JSON/CSV/PDF/HTML output.
  • The leftover compose_scanner_cli.py placeholder module.

Testing

  • pytest: 85 passed (5 new tests covering logger behavior, PDF Unicode safety, and
    rejection of the removed flag).
  • Manual end-to-end --scan-only run confirmed: no leaked log lines, no fpdf warning,
    all four reports generated, exit code 0.

Notes

  • No user-facing behavior or report format changed; this is cleanup only.
  • Remaining output-polish items (progress-bar ordering, === banners ===, format
    selection, --fail-on) are intentionally deferred to the Phase 1 output overhaul.

…code removal

## Summary

Housekeeping pass that reduces terminal noise, fixes a latent PDF crash, and removes
dead code, with no change to scanning behavior or report contents.

## Changes

### Cleaner terminal output
- Internal logs now write to `stderr` (keeping `stdout` clean) and stay quiet in CLI
  mode, so raw location-tagged lines like
  `WARNING - docksec.docker_scanner - Line 451: ...` no longer interleave with the
  tool's own `[INFO]/[WARNING]` messages.
- Added `DOCKSEC_LOG_LEVEL` (e.g. `DOCKSEC_LOG_LEVEL=DEBUG`) to restore verbose logging
  for troubleshooting.
- Suppressed the noisy `PyFPDF & fpdf2` import warning that printed on every run.

### Fixed
- PDF generation no longer fails on non-latin-1 characters (bullets, smart quotes, em
  dashes, emoji) in vulnerability titles, scanner output, or AI findings. All PDF text
  is now sanitized consistently through the core-font-safe encoder.

### Removed
- The unused `-o/--output` CLI flag (declared but never wired up).
- Duplicate, dead report-writer methods on `DockerSecurityScanner`; `ReportGenerator`
  is now the single source for JSON/CSV/PDF/HTML output.
- The leftover `compose_scanner_cli.py` placeholder module.

## Testing
- `pytest`: 85 passed (5 new tests covering logger behavior, PDF Unicode safety, and
  rejection of the removed flag).
- Manual end-to-end `--scan-only` run confirmed: no leaked log lines, no fpdf warning,
  all four reports generated, exit code 0.

## Notes
- No user-facing behavior or report format changed; this is cleanup only.
- Remaining output-polish items (progress-bar ordering, `=== banners ===`, format
  selection, `--fail-on`) are intentionally deferred to the Phase 1 output overhaul.
Comment thread tests/test_utils.py Fixed
Comment thread tests/test_utils.py Outdated
import logging
from docksec.utils import get_custom_logger

logger = get_custom_logger('TestLoggerHandlers')
@advaitpatel
advaitpatel merged commit 9c0a720 into main Jul 1, 2026
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants