refactor: improve logs and add exception stack trace for YarnAuditAnalyzer (#7694)

nhumblot · web-flow · commit 991397caa078 · 2025-05-31T11:50:57.000-04:00
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
@@ -196,7 +196,8 @@ private boolean isNodeAuditEnabled(Engine engine) {
                     try {
                         ((AbstractNpmAnalyzer) a).prepareFileTypeAnalyzer(engine);
                     } catch (InitializationException ex) {
-                        LOGGER.debug("Error initializing the {}", a.getName());
+                        String message = "Error initializing the " + a.getName();
+                        LOGGER.debug(message, ex);
                     }
                 }
                 return a.isEnabled();
diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/YarnAuditAnalyzer.java
@@ -188,12 +188,14 @@ protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationExcep
                     case yarnExecutableNotFoundExitValue:
                     default:
                         this.setEnabled(false);
-                        LOGGER.warn("The {} has been disabled. Yarn executable was not found.", getName());
+                        LOGGER.warn("The {} has been disabled after receiving exit value {}. Yarn executable was not " +
+                                        "found or received a non-zero exit value.", getName(), exitValue);
                 }
             }
         } catch (Exception ex) {
             this.setEnabled(false);
-            LOGGER.warn("The {} has been disabled. Yarn executable was not found.", getName());
+            LOGGER.warn("The {} has been disabled after receiving an exception. This can occur when Yarn executable " +
+                    "is not found.", getName());
             throw new InitializationException("Unable to read yarn audit output.", ex);
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -196,7 +196,8 @@ private boolean isNodeAuditEnabled(Engine engine) {`
`196`	`196`	`try {`
`197`	`197`	`((AbstractNpmAnalyzer) a).prepareFileTypeAnalyzer(engine);`
`198`	`198`	`} catch (InitializationException ex) {`
`199`		`- LOGGER.debug("Error initializing the {}", a.getName());`
	`199`	`+ String message = "Error initializing the " + a.getName();`
	`200`	`+ LOGGER.debug(message, ex);`
`200`	`201`	`}`
`201`	`202`	`}`
`202`	`203`	`return a.isEnabled();`
Original file line number	Diff line number	Diff line change
`@@ -188,12 +188,14 @@ protected void prepareFileTypeAnalyzer(Engine engine) throws InitializationExcep`
`188`	`188`	`case yarnExecutableNotFoundExitValue:`
`189`	`189`	`default:`
`190`	`190`	`this.setEnabled(false);`
`191`		`- LOGGER.warn("The {} has been disabled. Yarn executable was not found.", getName());`
	`191`	`+ LOGGER.warn("The {} has been disabled after receiving exit value {}. Yarn executable was not " +`
	`192`	`+ "found or received a non-zero exit value.", getName(), exitValue);`
`192`	`193`	`}`
`193`	`194`	`}`
`194`	`195`	`} catch (Exception ex) {`
`195`	`196`	`this.setEnabled(false);`
`196`		`- LOGGER.warn("The {} has been disabled. Yarn executable was not found.", getName());`
	`197`	`+ LOGGER.warn("The {} has been disabled after receiving an exception. This can occur when Yarn executable " +`
	`198`	`+ "is not found.", getName());`
`197`	`199`	`throw new InitializationException("Unable to read yarn audit output.", ex);`
`198`	`200`	`}`
`199`	`201`	`}`