added logging to slack and email commands

jorijn · jorijn · commit ccd857c2d456 · 2019-03-09T08:46:35.000+01:00
diff --git a/src/Console/SecurityMailCommand.php b/src/Console/SecurityMailCommand.php
@@ -3,6 +3,7 @@
 namespace Jorijn\LaravelSecurityChecker\Console;
 
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Mail;
 use Jorijn\LaravelSecurityChecker\Mailables\SecurityMail;
 use SensioLabs\Security\SecurityChecker;
@@ -45,12 +46,14 @@ public function handle()
         $composerLock = base_path('composer.lock');
 
         // and feed it into the SecurityChecker
+        Log::debug('about to check for vulnerabilities');
         $checkResult = json_decode((string)$this->checker->check($composerLock), true);
 
         // if the user didn't want any email if there are no results,
         // cancel execution here.
         $proceed = config('laravel-security-checker.notify_even_without_vulnerabilities', false);
         if ($proceed !== true && \count($checkResult) === 0) {
+            Log::info('no vulnerabilities were found, not sending any email');
             return 0;
         }
 
@@ -60,12 +63,14 @@ public function handle()
         });
 
         if ($recipients->count() === 0) {
+            Log::error('vulnerabilities were found, but there are no recipients configured');
             $this->error(
                 /** @scrutinizer ignore-type */__('laravel-security-checker::messages.no_recipients_configured')
             );
             return 1;
         }
 
+        Log::warning('vulnerabilities were found, emailed to configured recipients');
         Mail::to($recipients->toArray())->send(new SecurityMail($checkResult));
 
         return 0;
diff --git a/src/Console/SecuritySlackCommand.php b/src/Console/SecuritySlackCommand.php
@@ -3,6 +3,7 @@
 namespace Jorijn\LaravelSecurityChecker\Console;
 
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Notification;
 use Jorijn\LaravelSecurityChecker\Notifications\SecuritySlackNotification;
 use SensioLabs\Security\SecurityChecker;
@@ -43,21 +44,26 @@ public function handle()
     {
         // require that the user specifies a slack channel in the .env file
         if (!config('laravel-security-checker.slack_webhook_url')) {
+            Log::error('checking for vulnerabilities using slack was requested but no hook is configured');
             throw new \Exception('No Slack Webhook has been specified.');
         }
 
         // get the path to composer.lock
         $composerLock = base_path('composer.lock');
 
         // and feed it into the SecurityChecker
+        Log::debug('about to check for vulnerabilities');
         $vulnerabilities = json_decode((string)$this->checker->check($composerLock), true);
 
         // cancel execution here if user does not want to be notified when there are 0 vulns.
         $proceed = config('laravel-security-checker.notify_even_without_vulnerabilities', false);
         if (count($vulnerabilities) === 0 && $proceed !== true) {
+            Log::info('no vulnerabilities were found, not sending a slack notification');
+
             return 0;
         }
 
+        Log::warning('vulnerabilities were found, sending slack notification to configured hook');
         Notification::route('slack', config('laravel-security-checker.slack_webhook_url', null))
             ->notify(new SecuritySlackNotification($vulnerabilities, realpath($composerLock)));
     }
