semgrep - any way to strip out terminal codes in its default output?
If I run semgrep on the command line, I get a very nice output.
However, if I save to a file, I get all sorts of terminal ANSI escape sequences when I open it in a text editor:
Findings:
[36m[22m[24m ....lib/_baseutils.py [0m
[1m[24mpython.flask.security.xss.audit.direct-use-of-jinja2.direct-use-of-jinja2[0m
Detected direct use of jinja2. If not done properly, this may bypass HTML escaping which
opens up the application to cross-site scripting (XSS) vulnerabilities. Prefer using the
Flask method 'render_template()' and templates with a '.html' extension in order to
prevent XSS.
Details: https://sg.run/RoKe
2252┆ templateEnv = [1m[24mEnvironment(loader=templateLoader)[0m
⋮┆----------------------------------------
Yes, I know I can cat out.txt and it looks beautiful again. But how do I get a format that looks ok in a text editor? (Actually, the best would be a markdown, since the urls would work).
Now, I've tested --json flag, but that's over complicated for human readability. --vim, --emacs was ok, but a bit terse, like missing the rules urls. And too long being in a single line. The rest of the output formats like --junit look even lesss promising.
I guess I could sed the output to strip out those terminal characters. Any other ideas to look at?
If the normal terminal printout is what you want you can use the fact that semgrep supports the somewhat standard NO_COLOR environment variable. So running:
env NO_COLOR=1 semgrep <command> > <file>
should get you a file sans-ANSI escape sequences.
- Add the Code Format to its own button in the toolbar
- How do I escape curly-brace ({}) characters characters in a string while using .format?
- php DateTime no formatting correctly
- Correct virtual environment setup to allow VS Code to format Python Files (using autopep8, Black Formatter or Ruff)
- Why does the basic string formatting outperforms the built-in re.compile() function?
- How to successfully embed images in HTML for display in webmail clients?
- Use format specifier to convert float/int column in polars dataframe to string
- How to print a string at a fixed width?
- Chart with hh:min format in the horizontal axis instead of hours
- git add Signed-off-by line using format.signoff not working
- Formatting Strings in Python
- Understanting what the syntax for {:.2} means in python
- Is there a more concise way to format .expect() message?
- f-strings with variable number of parameters?
- Where's the DateTime 'Z' format specifier?
- Python 3 How to format to yyyy-mm-ddThh:mm:ssZ
- Common Lisp's equivalent of \r inside the format function?
- Why std::make_format_args expects a non-const reference
- What's the difference between String.format() and str.formatted() in Java?
- SI-prefixes for number format in MS Excel
- PHPWord how to add text break / new line while in a text run
- How to enable aligning multiple variable declarations
- Adding comment and formatting with REST API for Azure Devops
- Reading csv with specific formats via pandas read_csv
- How to solve: ValueError: Invalid format specifier?
- Vue: Auto-format/lint: move <script> before <template> tags
- .Net Core 3 - API - XML and JSON format outputs upon URL request (.xml, .json)
- Formatting Raw String Python
- clang-format option to set penalty for breaking preprocessor directives
- WooCommerce Products - Always ensure that SKU contains 13 digits