Log audit errors when fail_upon_any_scanner_error is disabled #1352
Merged
Jordanh1996 merged 3 commits on Jun 16, 2026
When fail_upon_any_scanner_error is disabled, frogbot continued without failing but only logged a generic warning, hiding the audit error that support needs to diagnose failures.
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
attiasas requested changes on Jun 16, 2026
attiasas (Contributor) left a comment:
Nice job!
Don't forget to fix:
return utils.CreateErrorIfFailUponScannerErrorEnabled(repository.GeneralConfig.FailUponAnyScannerError, fmt.Sprintf("failed to fix vulnerable dependencies: %s", err.Error()), err)
It will log the error twice now
The fix-vulnerabilities call site already embedded err in messageForLog; CreateErrorIfFailUponScannerErrorEnabled now appends the error separately.
Co-authored-by: Cursor <cursoragent@cursor.com>
This was referenced Jun 17, 2026
Jordanh1996 added a commit to Jordanh1996/frogbot that referenced this pull request, Jun 17, 2026
When allow_partial_results is enabled, frogbot continued without failing but only logged a generic warning, hiding the underlying audit error. Include the actual error in the warning so pipelines remain debuggable. Backport of jfrog#1352 for master.
Co-authored-by: Cursor <cursoragent@cursor.com>
Jordanh1996 added a commit that referenced this pull request, Jun 17, 2026
When allow_partial_results is enabled, frogbot continued without failing but only logged a generic warning, hiding the underlying audit error. Include the actual error in the warning so pipelines remain debuggable. Backport of #1352 for master.
Co-authored-by: Cursor <cursoragent@cursor.com>
Summary
When fail_upon_any_scanner_error is off, frogbot skips failing the command but previously logged only a generic warning, hiding the underlying audit error. Include the actual error in the warning so pipelines that allow partial results remain debuggable without toggling the config profile.
Test plan
scan-repository with a profile where fail_upon_any_scanner_error is false and audit fails; confirm the warn line includes the scanner error text and exit code stays 0.
Made with Cursor
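The behaviour discussed in this pull request, as an added example that is not frogbot's code: a hypothetical stand-in for the helper shows why a call site that already formats err into messageForLog prints the cause twice once the helper appends it as well. The function names, the warnings slice, the warning wording and the sample error are all assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// warnings collects warn-level lines; a stand-in for the real logger (assumption).
var warnings []string

// createErrorIfFailEnabled is a hypothetical stand-in for the helper named in
// the review comment. The helper, not the caller, attaches err to the message.
func createErrorIfFailEnabled(failUponAnyScannerError bool, messageForLog string, err error) error {
	if err == nil {
		return nil
	}
	if failUponAnyScannerError {
		// Flag enabled: fail the command and keep the cause unwrappable.
		return fmt.Errorf("%s: %w", messageForLog, err)
	}
	// Flag disabled: keep going, but surface the real cause in the warning.
	warnings = append(warnings, fmt.Sprintf(
		"%s: %s (continuing, fail_upon_any_scanner_error is disabled)", messageForLog, err))
	return nil
}

// warnFor runs the helper with the flag off and returns the warn output
// together with the helper's return value.
func warnFor(messageForLog string, err error) (string, error) {
	warnings = nil
	ret := createErrorIfFailEnabled(false, messageForLog, err)
	return strings.Join(warnings, "\n"), ret
}

func main() {
	auditErr := errors.New("scanner exited with code 2") // constructed sample error
	// Call site that embeds err itself: the cause appears twice in the warning.
	dup, _ := warnFor(fmt.Sprintf("failed to fix vulnerable dependencies: %s", auditErr.Error()), auditErr)
	// Call site that passes only the context: the cause appears once.
	once, _ := warnFor("failed to fix vulnerable dependencies", auditErr)
	fmt.Println(dup)
	fmt.Println(once)
}
```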