Skip to content

fix(cli): preserve full per-skill JSON payload in recursive scans (#228)#231

Open
rodboev wants to merge 1 commit into
NVIDIA:mainfrom
rodboev:pr/recursive-json-full-schema-228
Open

fix(cli): preserve full per-skill JSON payload in recursive scans (#228)#231
rodboev wants to merge 1 commit into
NVIDIA:mainfrom
rodboev:pr/recursive-json-full-schema-228

Conversation

@rodboev

@rodboev rodboev commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Summary

skillspector scan --recursive --format json currently reduces each successful skills[] entry to a summary row and drops the full per-skill report contract that single-skill JSON already exposes. This rebases the branch onto current main, preserves the recursive JSON contract for integrations by embedding the full per-skill payload, and keeps current main's combined-file behavior for recursive non-JSON --output.

Closes #228

Root cause

_scan_multi_skill() already has the full graph result for each skill, including the rendered JSON report_body. The recursive JSON writer rebuilds each skills[] entry from only name, path, risk_score, risk_severity, and finding_count, so the richer per-skill JSON document is discarded before the combined file is written. This branch had also diverged from current main's recursive non-JSON output path, so the stale Markdown assertion was locking in behavior main no longer has.

Diff Notes

  • Rebase onto current main, keeping the existing _result_body() helper and concatenated non-JSON --output writer.
  • Parse successful per-skill JSON report_body values and merge them into each successful recursive skills[] entry while retaining the compatibility summary keys.
  • Keep per-skill error entries unchanged.
  • Update CLI regressions for recursive JSON fidelity, single-skill preservation, and recursive Markdown --output file behavior.

Scope

This stays on the CLI/report-contract boundary. It does not change analyzers, report-node schema, SARIF output, structured-skill discovery, baseline threading, provider behavior, or non-recursive output.

Verification

  • .\.venv\Scripts\python.exe -m pytest tests/unit/test_cli.py (12 passed)
  • uv run ruff check src/skillspector/cli.py tests/unit/test_cli.py
  • uv run ruff format --check src/skillspector/cli.py tests/unit/test_cli.py

@rng1995 rng1995 left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The JSON payload implementation is sound on this branch's base, but the PR conflicts with current main and its non-JSON regression test locks in behavior that main has since fixed. Rebase, preserve current main's combined-file behavior for recursive non-JSON --output, integrate the JSON payload work, and rerun the CLI suite.

Comment thread tests/unit/test_cli.py Outdated
@rodboev rodboev force-pushed the pr/recursive-json-full-schema-228 branch from 5407376 to a97aa41 Compare June 30, 2026 10:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[BUG] --recursive --format json emits per-skill summary, drops the full per-issue schema (issues[], components[], analysis_completeness)

2 participants