=== exit code
1
=== end of exit code

=== stdout - plain


┌──────────────────────────┐
│ 4 Blocking Code Findings │
└──────────────────────────┘

    foo.py
   ❯❯❱ eqeq-bad
          useless comparison

            4┆ a == a
            ⋮┆----------------------------------------
            5┆ a == a
            ⋮┆----------------------------------------
            7┆ a == a
            ⋮┆----------------------------------------
           11┆ y == y


┌──────────────────────────────────┐
│ 1 Reachable Supply Chain Finding │
└──────────────────────────────────┘

    poetry.lock
   ❯❯❱ supply-chain1
          found a dependency

            2┆ name = "badlib"

  BLOCKING CODE RULES FIRED:
    eqeq-bad


=== end of stdout - plain

=== stderr - plain


┌────────────────┐
│ Debugging Info │
└────────────────┘

  SCAN ENVIRONMENT
  versions    - semgrep <MASKED> on python <MASKED>
  environment - running in environment git, triggering event is unknown

  CONNECTION
  Initializing scan (deployment=org_name, scan_id=12345)
  Enabled products: Code, Supply Chain

┌─────────────┐
│ Scan Status │
└─────────────┘
  Scanning 4 files tracked by git with 1 Code rule, 1 Supply Chain rule:


  CODE RULES
  Scanning 1 file.

  SUPPLY CHAIN RULES
  Scanning 1 file and 2 dependency sources.

  Dependency Sources   Resolution Method   Ecosystem   Dependencies   Rules
 ───────────────────────────────────────────────────────────────────────────
  poetry.lock          Lockfile            Pypi        3                  1
  yarn.lock            Lockfile            Npm         1                  0

  Uploading scan results
  Finalizing scan

┌──────────────┐
│ Scan Summary │
└──────────────┘
✅ CI scan completed successfully.
 • Findings: 5 (5 blocking)
 • Rules run: 2
 • Targets scanned: 3
 • Parsed lines: ~100.0%
 • Scan was limited to files tracked by git
 • For a detailed list of skipped files and lines, run semgrep with the --verbose flag
CI scan completed successfully.
  View results in Semgrep Cloud Platform:
    https://semgrep.dev/orgs/org_name/findings?repo=local_scan/checkout_project_name&ref=some/branch-name
    https://semgrep.dev/orgs/org_name/supply-chain/vulnerabilities?repo=local_scan/checkout_project_name&ref=some/branch-name
  Has findings for blocking rules so exiting with code 1
Test Reason

=== end of stderr - plain

=== stdout - color
<same as above: stdout - plain>
=== end of stdout - color

=== stderr - color
<same as above: stderr - plain>
=== end of stderr - color