=== exit code
1
=== end of exit code

=== stdout - plain


┌──────────────────────────────────┐
│ 1 Reachable Supply Chain Finding │
└──────────────────────────────────┘

    foo.py with lockfile poetry.lock
   ❯❯❱ supply-chain-reachable-1
          found a reachable vulnerability from a dependency

            1┆ x = 2


=== end of stdout - plain

=== stderr - plain


┌────────────────┐
│ Debugging Info │
└────────────────┘

  SCAN ENVIRONMENT
  versions    - semgrep <MASKED> on python <MASKED>
  environment - running in environment git, triggering event is unknown

  CONNECTION
  Initializing scan (deployment=org_name, scan_id=12345)
  Enabled products: Code, Supply Chain

┌─────────────┐
│ Scan Status │
└─────────────┘
  Scanning 1 file tracked by git with 0 Code rules, 3 Supply Chain rules:


  CODE RULES
  Nothing to scan.

  SUPPLY CHAIN RULES

  Dependency Sources   Resolution Method   Ecosystem   Dependencies   Rules
 ───────────────────────────────────────────────────────────────────────────
  poetry.lock          Lockfile            Pypi        3                  3
  yarn.lock            Skipped             Unknown     -                  -


  Analysis   Rules
 ──────────────────
  Basic          2
  Unknown        1

  Current version has 3 findings.

Creating git worktree from '<MASKED>' to scan baseline.
  Will report findings introduced by these commits (may be incomplete for shallow checkouts):
    * <MASKED> add reachable vulnerability



┌─────────────┐
│ Scan Status │
└─────────────┘
  Scanning 2 files tracked by git with 0 Code rules, 3 Supply Chain rules:


  CODE RULES
  Nothing to scan.

  SUPPLY CHAIN RULES

  Dependency Sources   Resolution Method   Ecosystem   Dependencies   Rules
 ───────────────────────────────────────────────────────────────────────────
  poetry.lock          Lockfile            Pypi        3                  3


  Analysis   Rules
 ──────────────────
  Basic          2
  Unknown        1

  Uploading scan results
  Finalizing scan

┌──────────────┐
│ Scan Summary │
└──────────────┘
✅ CI scan completed successfully.
 • Findings: 1 (1 blocking)
 • Rules run: 3
 • Targets scanned: 2
 • Parsed lines: ~100.0%
 • Scan was limited to files changed since baseline commit.
 • For a detailed list of skipped files and lines, run semgrep with the --verbose flag
CI scan completed successfully.
  View results in Semgrep Cloud Platform:
    https://semgrep.dev/orgs/org_name/findings?repo=local_scan/checkout_project_name&ref=some/branch-name
    https://semgrep.dev/orgs/org_name/supply-chain/vulnerabilities?repo=local_scan/checkout_project_name&ref=some/branch-name
  Has findings for blocking rules so exiting with code 1
Test Reason

=== end of stderr - plain

=== stdout - color
<same as above: stdout - plain>
=== end of stdout - color

=== stderr - color
<same as above: stderr - plain>
=== end of stderr - color