Merge pull request #35 from shubham-stepsecurity/sm/update

ashishkurmi · web-flow · commit 94231e692daa · 2026-04-22T00:37:19.000-07:00
feat: default quiet=false, raise S3 upload timeout to 10m, gofmt cleanup
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,11 @@ See [VERSIONING.md](VERSIONING.md) for why the version starts at 1.8.1.
 - **`--include-bundled-plugins` flag**: Bundled/platform plugins (e.g., Eclipse's 500+ OSGi bundles) are now filtered out by default to reduce noise and payload size (~124KB → ~21KB). Use the flag to include them.
 - **Sigstore signing retry logic**: Release workflow retries artifact signing with Sigstore on transient failures.
 
+### Changed
+
+- **Quiet mode now defaults to `false`**: Progress output is shown by default in community mode, matching the behavior already documented in the README. `configure` prompt and `configure show` now display `false` when the value is unset.
+- **S3 telemetry upload timeout increased from 60 seconds to 10 minutes**: Large scan payloads on slower networks were exhausting the previous 60 s budget and forcing the retry loop to redo the entire upload.
+
 ## [1.10.1] - 2026-04-21
 
 ### Added
diff --git a/cmd/stepsecurity-dev-machine-guard/main.go b/cmd/stepsecurity-dev-machine-guard/main.go
@@ -56,7 +56,7 @@ func main() {
 	exec := executor.NewReal()
 
 	// Quiet resolution: config is the base, CLI overrides.
-	quiet := true
+	quiet := false
 	if config.Quiet != nil {
 		quiet = *config.Quiet
 	}
diff --git a/internal/cli/cli.go b/internal/cli/cli.go
@@ -11,17 +11,17 @@ import (
 
 // Config holds all parsed CLI flags.
 type Config struct {
-	Command          string   // "", "install", "uninstall", "send-telemetry", "configure", "configure show"
-	OutputFormat     string   // "pretty", "json", "html"
-	OutputFormatSet  bool     // true if --pretty/--json/--html was explicitly passed (not persisted)
-	HTMLOutputFile   string   // set by --html (not persisted)
-	ColorMode        string   // "auto", "always", "never"
-	Verbose          bool     // --verbose
-	EnableNPMScan        *bool    // nil=auto, true/false=explicit
-	EnableBrewScan       *bool    // nil=auto, true/false=explicit
-	EnablePythonScan     *bool    // nil=auto, true/false=explicit
-	IncludeBundledPlugins bool   // --include-bundled-plugins: include bundled/platform plugins in output
-	SearchDirs           []string // defaults to ["$HOME"]
+	Command               string   // "", "install", "uninstall", "send-telemetry", "configure", "configure show"
+	OutputFormat          string   // "pretty", "json", "html"
+	OutputFormatSet       bool     // true if --pretty/--json/--html was explicitly passed (not persisted)
+	HTMLOutputFile        string   // set by --html (not persisted)
+	ColorMode             string   // "auto", "always", "never"
+	Verbose               bool     // --verbose
+	EnableNPMScan         *bool    // nil=auto, true/false=explicit
+	EnableBrewScan        *bool    // nil=auto, true/false=explicit
+	EnablePythonScan      *bool    // nil=auto, true/false=explicit
+	IncludeBundledPlugins bool     // --include-bundled-plugins: include bundled/platform plugins in output
+	SearchDirs            []string // defaults to ["$HOME"]
 }
 
 // Parse parses CLI arguments and returns a Config.
diff --git a/internal/config/config.go b/internal/config/config.go
@@ -240,9 +240,9 @@ func RunConfigure() error {
 	}
 
 	// Quiet mode
-	currentQuiet := "true"
-	if existing.Quiet != nil && !*existing.Quiet {
-		currentQuiet = "false"
+	currentQuiet := "false"
+	if existing.Quiet != nil && *existing.Quiet {
+		currentQuiet = "true"
 	}
 	quietInput := promptValue(reader, "Quiet Mode (true/false)", currentQuiet)
 	switch strings.ToLower(quietInput) {
@@ -410,10 +410,10 @@ func displayOutputFormat(v string) string {
 }
 
 func displayQuiet(v *bool) string {
-	if v != nil && !*v {
-		return "false"
+	if v != nil && *v {
+		return "true"
 	}
-	return "true"
+	return "false"
 }
 
 func isPlaceholder(v string) bool {
diff --git a/internal/detector/eclipse_plugins.go b/internal/detector/eclipse_plugins.go
@@ -597,4 +597,3 @@ func parseEclipsePluginName(name string) *model.Extension {
 		IDEType:   "eclipse",
 	}
 }
-
diff --git a/internal/detector/eclipse_plugins_test.go b/internal/detector/eclipse_plugins_test.go
@@ -290,4 +290,3 @@ func TestFilterUserInstalledExtensions(t *testing.T) {
 		}
 	}
 }
-
diff --git a/internal/detector/ide.go b/internal/detector/ide.go
@@ -109,7 +109,7 @@ var ideDefinitions = []ideSpec{
 		WinPaths: []string{`%PROGRAMFILES%\JetBrains\GoLand *`},
 	},
 	{
-		AppName:      "Rider", IDEType: "rider", Vendor: "JetBrains",
+		AppName: "Rider", IDEType: "rider", Vendor: "JetBrains",
 		AppPath:      "/Applications/Rider.app",
 		WinPaths:     []string{`%PROGRAMFILES%\JetBrains\JetBrains Rider *`},
 		RegistryName: "JetBrains Rider",
diff --git a/internal/detector/jetbrains_test.go b/internal/detector/jetbrains_test.go
@@ -409,20 +409,22 @@ type mockDirEntry struct {
 	isDir bool
 }
 
-func (e *mockDirEntry) Name() string              { return e.name }
-func (e *mockDirEntry) IsDir() bool               { return e.isDir }
-func (e *mockDirEntry) Type() os.FileMode         { return 0 }
-func (e *mockDirEntry) Info() (os.FileInfo, error) { return &testFileInfo{name: e.name, dir: e.isDir}, nil }
+func (e *mockDirEntry) Name() string      { return e.name }
+func (e *mockDirEntry) IsDir() bool       { return e.isDir }
+func (e *mockDirEntry) Type() os.FileMode { return 0 }
+func (e *mockDirEntry) Info() (os.FileInfo, error) {
+	return &testFileInfo{name: e.name, dir: e.isDir}, nil
+}
 
 // testFileInfo implements os.FileInfo for testing.
 type testFileInfo struct {
 	name string
 	dir  bool
 }
 
-func (fi *testFileInfo) Name() string      { return fi.name }
-func (fi *testFileInfo) Size() int64       { return 0 }
-func (fi *testFileInfo) IsDir() bool       { return fi.dir }
+func (fi *testFileInfo) Name() string       { return fi.name }
+func (fi *testFileInfo) Size() int64        { return 0 }
+func (fi *testFileInfo) IsDir() bool        { return fi.dir }
 func (fi *testFileInfo) ModTime() time.Time { return time.Time{} }
 func (fi *testFileInfo) Mode() os.FileMode  { return 0o644 }
 func (fi *testFileInfo) Sys() any           { return nil }
diff --git a/internal/detector/nodescan.go b/internal/detector/nodescan.go
@@ -90,7 +90,6 @@ func (s *NodeScanner) runInDir(ctx context.Context, dir string, timeout time.Dur
 	return s.exec.RunInDir(ctx, dir, timeout, name, args...)
 }
 
-
 // checkPath checks if a binary is available, using the logged-in user's PATH when running as root.
 func (s *NodeScanner) checkPath(ctx context.Context, name string) error {
 	if s.shouldRunAsUser() {
diff --git a/internal/scan/scanner.go b/internal/scan/scanner.go
@@ -261,4 +261,3 @@ func mcpConfigsToCommunity(configs []model.MCPConfig) []model.MCPConfig {
 	}
 	return configs
 }
-
diff --git a/internal/telemetry/telemetry.go b/internal/telemetry/telemetry.go
@@ -469,7 +469,7 @@ func uploadToS3(ctx context.Context, log *progress.Logger, payload *Payload) err
 	// Upload payload to S3 with retry — use a longer timeout since payloads
 	// with npm scan data and execution logs can be several MB.
 	log.Progress("Uploading telemetry to S3 (%d bytes)...", len(payloadJSON))
-	s3Client := &http.Client{Timeout: 60 * time.Second}
+	s3Client := &http.Client{Timeout: 10 * time.Minute}
 	const maxRetries = 3
 	var putResp *http.Response
 	for attempt := 1; attempt <= maxRetries; attempt++ {
@@ -616,4 +616,3 @@ func ideDisplayName(ideType string) string {
 		return ideType
 	}
 }
-

Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ func main() {`
`56`	`56`	`exec := executor.NewReal()`
`57`	`57`
`58`	`58`	`// Quiet resolution: config is the base, CLI overrides.`
`59`		`- quiet := true`
	`59`	`+ quiet := false`
`60`	`60`	`if config.Quiet != nil {`
`61`	`61`	`quiet = *config.Quiet`
`62`	`62`	`}`
Original file line number	Diff line number	Diff line change
`@@ -240,9 +240,9 @@ func RunConfigure() error {`
`240`	`240`	`}`
`241`	`241`
`242`	`242`	`// Quiet mode`
`243`		`- currentQuiet := "true"`
`244`		`- if existing.Quiet != nil && !*existing.Quiet {`
`245`		`- currentQuiet = "false"`
	`243`	`+ currentQuiet := "false"`
	`244`	`+ if existing.Quiet != nil && *existing.Quiet {`
	`245`	`+ currentQuiet = "true"`
`246`	`246`	`}`
`247`	`247`	`quietInput := promptValue(reader, "Quiet Mode (true/false)", currentQuiet)`
`248`	`248`	`switch strings.ToLower(quietInput) {`
`@@ -410,10 +410,10 @@ func displayOutputFormat(v string) string {`
`410`	`410`	`}`
`411`	`411`
`412`	`412`	`func displayQuiet(v *bool) string {`
`413`		`- if v != nil && !*v {`
`414`		`- return "false"`
	`413`	`+ if v != nil && *v {`
	`414`	`+ return "true"`
`415`	`415`	`}`
`416`		`- return "true"`
	`416`	`+ return "false"`
`417`	`417`	`}`
`418`	`418`
`419`	`419`	`func isPlaceholder(v string) bool {`
Original file line number	Diff line number	Diff line change
`@@ -597,4 +597,3 @@ func parseEclipsePluginName(name string) *model.Extension {`
`597`	`597`	`IDEType: "eclipse",`
`598`	`598`	`}`
`599`	`599`	`}`
`600`		`-`
Original file line number	Diff line number	Diff line change
`@@ -290,4 +290,3 @@ func TestFilterUserInstalledExtensions(t *testing.T) {`
`290`	`290`	`}`
`291`	`291`	`}`
`292`	`292`	`}`
`293`		`-`
Original file line number	Diff line number	Diff line change
`@@ -109,7 +109,7 @@ var ideDefinitions = []ideSpec{`
`109`	`109`	WinPaths: []string{`%PROGRAMFILES%\JetBrains\GoLand *`},
`110`	`110`	`},`
`111`	`111`	`{`
`112`		`- AppName: "Rider", IDEType: "rider", Vendor: "JetBrains",`
	`112`	`+ AppName: "Rider", IDEType: "rider", Vendor: "JetBrains",`
`113`	`113`	`AppPath: "/Applications/Rider.app",`
`114`	`114`	WinPaths: []string{`%PROGRAMFILES%\JetBrains\JetBrains Rider *`},
`115`	`115`	`RegistryName: "JetBrains Rider",`
Original file line number	Diff line number	Diff line change
`@@ -90,7 +90,6 @@ func (s *NodeScanner) runInDir(ctx context.Context, dir string, timeout time.Dur`
`90`	`90`	`return s.exec.RunInDir(ctx, dir, timeout, name, args...)`
`91`	`91`	`}`
`92`	`92`
`93`		`-`
`94`	`93`	`// checkPath checks if a binary is available, using the logged-in user's PATH when running as root.`
`95`	`94`	`func (s *NodeScanner) checkPath(ctx context.Context, name string) error {`
`96`	`95`	`if s.shouldRunAsUser() {`
Original file line number	Diff line number	Diff line change
`@@ -261,4 +261,3 @@ func mcpConfigsToCommunity(configs []model.MCPConfig) []model.MCPConfig {`
`261`	`261`	`}`
`262`	`262`	`return configs`
`263`	`263`	`}`
`264`		`-`