Colorize severity in table output #1284
Conversation
|
Here is a quick sample output to show what this looks like in the new table output. I think it's a great change and 👍 cc @wagoodman for a final comment. I thought we might want to inverse so |
|
@shanedell let me try and get these conflicts updated for you |
|
Re: As for the default, I feel like the default should be to show colors by default. However, what's missing is the ability to know when colors are not supported by the underlying terminal. This can be done a few different ways / heuristics, but there are some underlying libs that support this already... I'd recommend using
This way the functionality gracefully degrades based on what the environment supports or hints at. |
shanedell
force-pushed
the
table-output-color-severity
branch
from
b29efc8 to
6a81737
Compare
|
@spiffcs I fixed the merge conflicts but did you also want me to incorporate what @wagoodman mentions with |
- Create flag "--no-color" to allow disabling the color. By default its enabled. - When "--no-color" not specified highlight severity in its color: - Critical -> Bold Red - High -> Red - Medium -> Yellow - Low -> Green - Negligible -> Blue - Note: Golang doesn't have all colors available. Also, doesn't seem to be able use hex codes properly. - Add termenv to check if the terminal color profile supports colored output. If it doesn't default to noColor Closes anchore#225 Signed-off-by: Shane Dell <shanedell100@gmail.com>
shanedell
force-pushed
the
table-output-color-severity
branch
from
6a81737 to
27962c1
Compare
|
@spiffcs I added |
|
Should we also respect the |
|
actually, we're about to move to bubbletea/lipgloss which might already respond to NO_COLOR env vars. I'll try it out and post back here. In the meantime let's hold off before adding a switch for this until we have an answer. |
* main: (23 commits) Remove Docker section from DEVELOPING.md (anchore#1384) chore(deps): update bootstrap tools to latest versions (anchore#1381) chore(deps): bump github.com/docker/docker (anchore#1382) Port to new syft source API (anchore#1376) chore(deps): bump golang.org/x/term from 0.9.0 to 0.10.0 (anchore#1375) chore: bump quality gate labels and images (anchore#1374) chore(deps): update bootstrap tools to latest versions (anchore#1368) Add a simple CSV format template to the templates/ directory and tweak docs (anchore#1366) chore(deps): update Syft to v0.84.1 (anchore#1372) fix: Add more log4j-adjacent package ignore rules (anchore#1358) chore: bump the quality gate labels (anchore#1369) add oss community board auto-add workflow (anchore#1364) fix: totals for vulnerability matches (anchore#1359) chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (anchore#1363) chore(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 (anchore#1357) Configure chronicle to pre-1.0 mode (anchore#1356) chore(deps): update Syft to v0.84.0 (anchore#1354) chore(deps): update bootstrap tools to latest versions (anchore#1353) chore(deps): update Syft to v0.83.1 (anchore#1352) chore(deps): bump golang.org/x/term from 0.8.0 to 0.9.0 (anchore#1350) ...
|
@wagoodman it looks like bubble tea supports respecting no color: Example of how it uses this: https://pkg.go.dev/github.com/muesli/termenv#EnvColorProfile |
spiffcs
force-pushed
the
table-output-color-severity
branch
from
1c28195 to
74cc9be
Compare
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
|
@spiffcs indeed, but there is still one more case to cover. There is a related issue in syft that shows the case anchore/syft#1893 .. here's the offending line https://github.com/anchore/go-logger/blob/d65da42248673d1596c5c144a974db4a10d6af60/adapter/logrus/logger.go#L47 |
|
Added the blocked label so that we can rebase this work on top of some WIP regarding a refactor of the UI library |
…verity Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
|
@shanedell I've updated the branch with the latest from main and also removed the CLI flag since this should already be determined from the underlying lipgloss lib. I still need to verify the correctness, but this at least gets the branch updated. |
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
…verity Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
|
Here's an example of the behavior when there is no TTY on 
|
Colorize severity in table output
Create flag "--no-color" to allow disabling the color. By default its enabled.Responds to theNO_COLORandCLICOLOR_FORCEenvironment variables.Closes #225
Note:
When you look at https://github.com/olekukonko/tablewriter/blob/master/table_with_color.go#L63 there are only so many colors available. Through testing I couldn't take the color hex codes from https://github.com/anchore/grype-vscode/blob/main/src/ui/react-components/FindingsList.tsx#L148-L162 and make them work in Golang. So I went with the below colors based on ones available:
Open to other suggestions if anyone is able to point me to other ways of coloring the tablewriter.