govulncheck: dump the output of the scan when 'debug' is enabled

[xcoulon]

makes more sense than listing the files :)

Signed-off-by: Xavier Coulon xcoulon@redhat.com

Summary by CodeRabbit

• Refactor
  • Improved internal debug logging efficiency in the vulnerability scanning process. Debug output is now captured and logged after the scan completes, providing clearer diagnostics when needed.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Refactored debug logging in the scan function by removing directory file enumeration logging and replacing it with full govulncheck process output logging upon completion. This simplifies the control flow while maintaining debugging visibility.

Changes

Cohort / File(s)	Summary
Debug Logging Refactor govulncheck-action/internal/govulncheck/scan.go	Removed per-file debug logging loop that enumerated target directory; added debug log emitting complete govulncheck stdout after process completion. Simplified control flow without functional changes.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

• Single file modification involving only debug logging adjustments
• No changes to public API or core logic
• Straightforward removal and addition of logging statements

Poem

🐰 A rabbit hops through logs so bright,
Removing noise, improving sight,
No more file-by-file we trace,
Just govulncheck's full embrace! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly and specifically describes the main change: replacing file listing debug logs with output dumping in the govulncheck scan function.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

govulncheck-action/internal/govulncheck/scan.go (1)

54-56: Debug logging of full govulncheck stdout matches the PR goal

This neatly satisfies the intent to dump the scan output when debug is enabled: it runs only after a successful govulncheck execution and is gated on the debug level, so normal runs are unaffected. The only thing to keep in mind operationally is that the JSON output can be quite large and may contain detailed vulnerability data, so ensure your log retention/access policies are appropriate for debug logs in CI.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bcdba76 and 2e9b219.

📒 Files selected for processing (1)

• govulncheck-action/internal/govulncheck/scan.go (1 hunks)