scan: include match strings (truncated) (#537)

chainguard-dev · Oct 24, 2024 · 1d2fe83 · 1d2fe83
1 parent 1d42e0e
commit 1d2fe83
Showing 1 changed file with 18 additions and 3 deletions.
diff --git a/pkg/render/terminal_brief.go b/pkg/render/terminal_brief.go
@@ -15,9 +15,9 @@ import (
 	"context"
 	"fmt"
 	"io"
+	"strings"
 
 	"github.com/chainguard-dev/malcontent/pkg/malcontent"
-	"github.com/fatih/color"
 )
 
 type TerminalBrief struct {
@@ -37,10 +37,25 @@ func (r TerminalBrief) File(_ context.Context, fr *malcontent.FileReport) error
 		return nil
 	}
 
-	fmt.Fprintf(r.w, "├── 📄 %s %s%s%s\n", fr.Path, color.HiBlackString("["), riskInColor(fr.RiskLevel), color.HiBlackString("]"))
+	fmt.Fprintf(r.w, "├─ %s %s\n", riskEmoji(fr.RiskScore), fr.Path)
 
 	for _, b := range fr.Behaviors {
-		fmt.Fprintf(r.w, "│      %s %s: %s\n", riskEmoji(fr.RiskScore), riskColor(fr.RiskLevel, b.ID), b.Description)
+		evidence := []string{}
+		for _, m := range b.MatchStrings {
+			if len(m) > 2 && !strings.Contains(b.Description, m) {
+				evidence = append(evidence, m)
+			}
+		}
+
+		e := strings.Join(evidence, ", ")
+		if len(e) > 32 {
+			e = e[0:31] + "…"
+		}
+		if len(e) > 0 {
+			e = ": " + e
+		}
+
+		fmt.Fprintf(r.w, "│  %s %s — %s%s\n", riskColor(fr.RiskLevel, "•"), riskColor(fr.RiskLevel, b.ID), b.Description, e)
 	}
 
 	return nil