parlov-output

Output formatters for parlov. Renders OracleResult as terminal tables or JSON.

table

use parlov_output::render_table;

let output = render_table(&result);
println!("{output}");

+-----------+-----------+----------+-------------------------------+
| Oracle    | Verdict   | Severity | Evidence                      |
+==================================================================+
| Existence | Confirmed | High     | 403 (baseline) vs 404 (probe) |
|           |           | Label    | Authorization-based differential |
|           |           | Leaks    | Resource existence confirmed   |
|           |           | RFC Basis| RFC 9110 §15.5.4              |
+-----------+-----------+----------+-------------------------------+

ANSI-colored by verdict (red = Confirmed, yellow = Likely, green = NotPresent) and severity (red = High, yellow = Medium, cyan = Low). Multiple evidence lines get their own rows. Label, Leaks, and RFC Basis rows appear when the classifier provides metadata; omitted for NotPresent results.

json

use parlov_output::render_json;

let json = render_json(&result)?;

{
  "class": "Existence",
  "verdict": "Confirmed",
  "evidence": [
    "403 (baseline) vs 404 (probe)"
  ],
  "severity": "High",
  "label": "Authorization-based differential",
  "leaks": "Resource existence confirmed to low-privilege callers",
  "rfc_basis": "RFC 9110 §15.5.4"
}

Pretty-printed via serde_json. label, leaks, and rfc_basis are omitted when None (e.g. NotPresent results).

planned

SARIF v2.1.0 output via serde-sarif for CI/CD integration

license

MIT OR Apache-2.0

parlov-output 0.2.0

parlov-output

table

json

planned

license