feat: returning dependencies as a string, for MCP server opportunity

Author: Alex Holmberg

src/handlers/dependencies.rs

@@ -13,11 +13,14 @@ pub async fn handle_dependencies(
     _prod_only: bool,
     _dev_only: bool,
     format: OutputFormat,
-) -> crate::Result<()> {
+) -> crate::Result<String> {
     let project_path = path.canonicalize()
         .unwrap_or_else(|_| path.clone());
 
-    println!("🔍 Analyzing dependencies: {}", project_path.display());
+    let mut output = String::new();
+    let header = format!("🔍 Analyzing dependencies: {}\n", project_path.display());
+    println!("{}", header);
+    output.push_str(&header);
 
     // First, analyze the project using monorepo analysis
     let monorepo_analysis = analyze_monorepo(&project_path)?;
@@ -36,17 +39,20 @@ pub async fn handle_dependencies(
     ).await?;
 
     if format == OutputFormat::Table {
-        display_dependencies_table(&dep_analysis, &monorepo_analysis, licenses, vulnerabilities, &all_languages, &project_path).await?;
+        let table_output = display_dependencies_table(&dep_analysis, &monorepo_analysis, licenses, vulnerabilities, &all_languages, &project_path).await?;
+        output.push_str(&table_output);
     } else if format == OutputFormat::Json {
         // JSON output
-        let output = serde_json::json!({
+        let json_data = serde_json::json!({
             "dependencies": dep_analysis.dependencies,
             "total": dep_analysis.dependencies.len(),
         });
-        println!("{}", serde_json::to_string_pretty(&output)?);
+        let json_output = serde_json::to_string_pretty(&json_data)?;
+        println!("{}", json_output);
+        output.push_str(&json_output);
     }
 
-    Ok(())
+    Ok(output)
 }
 
 async fn display_dependencies_table(
@@ -56,58 +62,74 @@ async fn display_dependencies_table(
     vulnerabilities: bool,
     all_languages: &[analyzer::DetectedLanguage],
     project_path: &std::path::Path,
-) -> crate::Result<()> {
+) -> crate::Result<String> {
     use termcolor::{ColorChoice, StandardStream, WriteColor, ColorSpec, Color};
 
+    let mut output = String::new();
     let mut stdout = StandardStream::stdout(ColorChoice::Always);
 
     // Print summary
-    println!("\n📦 Dependency Analysis Report");
-    println!("{}", "=".repeat(80));
+    let summary_header = format!("\n📦 Dependency Analysis Report\n{}\n", "=".repeat(80));
+    println!("{}", summary_header);
+    output.push_str(&summary_header);
 
-    let total_deps: usize = dep_analysis.dependencies.len();
-    println!("Total dependencies: {}", total_deps);
+    let total_deps_line = format!("Total dependencies: {}\n", dep_analysis.dependencies.len());
+    println!("{}", total_deps_line);
+    output.push_str(&total_deps_line);
 
     if monorepo_analysis.is_monorepo {
-        println!("Projects analyzed: {}", monorepo_analysis.projects.len());
+        let projects_line = format!("Projects analyzed: {}\n", monorepo_analysis.projects.len());
+        println!("{}", projects_line);
+        output.push_str(&projects_line);
         for project in &monorepo_analysis.projects {
-            println!("  • {} ({})", project.name, format_project_category(&project.project_category));
+            let project_line = format!("  • {} ({})\n", project.name, format_project_category(&project.project_category));
+            println!("{}", project_line);
+            output.push_str(&project_line);
         }
     }
 
     for (name, info) in &dep_analysis.dependencies {
-        print!("  {} v{}", name, info.version);
+        let dep_line = format!("  {} v{}", name, info.version);
+        print!("{}", dep_line);
+        output.push_str(&dep_line);
 
         // Color code by type
         stdout.set_color(ColorSpec::new().set_fg(Some(
             if info.is_dev { Color::Yellow } else { Color::Green }
         )))?;
 
-        print!(" [{}]", if info.is_dev { "dev" } else { "prod" });
+        let type_tag = format!(" [{}]", if info.is_dev { "dev" } else { "prod" });
+        print!("{}", type_tag);
+        output.push_str(&type_tag);
 
         stdout.reset()?;
 
         if licenses && info.license.is_some() {
-            print!(" - License: {}", info.license.as_ref().unwrap_or(&"Unknown".to_string()));
+            let license_info = format!(" - License: {}", info.license.as_ref().unwrap_or(&"Unknown".to_string()));
+            print!("{}", license_info);
+            output.push_str(&license_info);
         }
 
         println!();
+        output.push('\n');
     }
 
     if licenses {
-        display_license_summary(&dep_analysis.dependencies);
+        let license_output = display_license_summary(&dep_analysis.dependencies);
+        output.push_str(&license_output);
     }
 
     if vulnerabilities {
-        check_and_display_vulnerabilities(dep_analysis, all_languages, project_path).await?;
+        let vuln_output = check_and_display_vulnerabilities(dep_analysis, all_languages, project_path).await?;
+        output.push_str(&vuln_output);
     }
 
-    Ok(())
+    Ok(output)
 }
 
-fn display_license_summary(dependencies: &analyzer::dependency_parser::DetailedDependencyMap) {
-    println!("\n📋 License Summary");
-    println!("{}", "-".repeat(80));
+fn display_license_summary(dependencies: &analyzer::dependency_parser::DetailedDependencyMap) -> String {
+    let mut output = String::new();
+    output.push_str(&format!("\n📋 License Summary\n{}\n", "-".repeat(80)));
 
     let mut license_counts: HashMap<String, usize> = HashMap::new();
 
@@ -121,18 +143,24 @@ fn display_license_summary(dependencies: &analyzer::dependency_parser::DetailedD
     licenses.sort_by(|a, b| b.1.cmp(&a.1));
 
     for (license, count) in licenses {
-        println!("  {}: {} packages", license, count);
+        output.push_str(&format!("  {}: {} packages\n", license, count));
     }
+    
+    println!("{}", output);
+    output
 }
 
 async fn check_and_display_vulnerabilities(
     dep_analysis: &analyzer::dependency_parser::DependencyAnalysis,
     all_languages: &[analyzer::DetectedLanguage],
     project_path: &std::path::Path,
-) -> crate::Result<()> {
+) -> crate::Result<String> {
     use termcolor::{ColorChoice, StandardStream, WriteColor, ColorSpec, Color};
 
+    let mut output = String::new();
+    
     println!("\n🔍 Checking for vulnerabilities...");
+    output.push_str("\n🔍 Checking for vulnerabilities...\n");
 
     // Convert DetailedDependencyMap to the format expected by VulnerabilityChecker
     let mut deps_by_language: HashMap<analyzer::dependency_parser::Language, Vec<analyzer::dependency_parser::DependencyInfo>> = HashMap::new();
@@ -199,17 +227,25 @@ async fn check_and_display_vulnerabilities(
         Ok(report) => {
             let mut stdout = StandardStream::stdout(ColorChoice::Always);
 
-            println!("\n🛡️ Vulnerability Report");
-            println!("{}", "-".repeat(80));
-            println!("Checked at: {}", report.checked_at.format("%Y-%m-%d %H:%M:%S UTC"));
-            println!("Total vulnerabilities: {}", report.total_vulnerabilities);
+            let report_header = format!("\n🛡️ Vulnerability Report\n{}\nChecked at: {}\nTotal vulnerabilities: {}\n",
+                "-".repeat(80),
+                report.checked_at.format("%Y-%m-%d %H:%M:%S UTC"),
+                report.total_vulnerabilities
+            );
+            println!("{}", report_header);
+            output.push_str(&report_header);
 
             if report.total_vulnerabilities > 0 {
-                display_vulnerability_breakdown(&report, &mut stdout)?;
-                display_vulnerable_dependencies(&report, &mut stdout)?;
+                let breakdown_output = display_vulnerability_breakdown(&report, &mut stdout)?;
+                output.push_str(&breakdown_output);
+                
+                let deps_output = display_vulnerable_dependencies(&report, &mut stdout)?;
+                output.push_str(&deps_output);
             } else {
                 stdout.set_color(ColorSpec::new().set_fg(Some(Color::Green)))?;
-                println!("\n✅ No known vulnerabilities found!");
+                let no_vulns_message = "\n✅ No known vulnerabilities found!\n";
+                println!("{}", no_vulns_message);
+                output.push_str(no_vulns_message);
                 stdout.reset()?;
             }
         }
@@ -219,56 +255,72 @@ async fn check_and_display_vulnerabilities(
         }
     }
 
-    Ok(())
+    Ok(output)
 }
 
 fn display_vulnerability_breakdown(
     report: &analyzer::vulnerability_checker::VulnerabilityReport,
     stdout: &mut termcolor::StandardStream,
-) -> crate::Result<()> {
+) -> crate::Result<String> {
     use termcolor::{WriteColor, ColorSpec, Color};
 
-    println!("\nSeverity Breakdown:");
+    let mut output = String::new();
+    
+    output.push_str("\nSeverity Breakdown:\n");
     if report.critical_count > 0 {
         stdout.set_color(ColorSpec::new().set_fg(Some(Color::Red)).set_bold(true))?;
-        println!("  CRITICAL: {}", report.critical_count);
+        let critical_line = format!("  CRITICAL: {}\n", report.critical_count);
+        output.push_str(&critical_line);
+        print!("{}", critical_line);
         stdout.reset()?;
     }
     if report.high_count > 0 {
         stdout.set_color(ColorSpec::new().set_fg(Some(Color::Red)))?;
-        println!("  HIGH: {}", report.high_count);
+        let high_line = format!("  HIGH: {}\n", report.high_count);
+        output.push_str(&high_line);
+        print!("{}", high_line);
         stdout.reset()?;
     }
     if report.medium_count > 0 {
         stdout.set_color(ColorSpec::new().set_fg(Some(Color::Yellow)))?;
-        println!("  MEDIUM: {}", report.medium_count);
+        let medium_line = format!("  MEDIUM: {}\n", report.medium_count);
+        output.push_str(&medium_line);
+        print!("{}", medium_line);
         stdout.reset()?;
     }
     if report.low_count > 0 {
         stdout.set_color(ColorSpec::new().set_fg(Some(Color::Blue)))?;
-        println!("  LOW: {}", report.low_count);
+        let low_line = format!("  LOW: {}\n", report.low_count);
+        output.push_str(&low_line);
+        print!("{}", low_line);
         stdout.reset()?;
     }
 
-    Ok(())
+    Ok(output)
 }
 
 fn display_vulnerable_dependencies(
     report: &analyzer::vulnerability_checker::VulnerabilityReport,
     stdout: &mut termcolor::StandardStream,
-) -> crate::Result<()> {
+) -> crate::Result<String> {
     use termcolor::{WriteColor, ColorSpec, Color};
 
-    println!("\nVulnerable Dependencies:");
+    let mut output = String::new();
+    
+    output.push_str("\nVulnerable Dependencies:\n");
     for vuln_dep in &report.vulnerable_dependencies {
-        println!("\n  📦 {} v{} ({})", 
+        let dep_line = format!("\n  📦 {} v{} ({})\n", 
             vuln_dep.name, 
             vuln_dep.version,
             vuln_dep.language.as_str()
         );
+        output.push_str(&dep_line);
+        print!("{}", dep_line);
 
         for vuln in &vuln_dep.vulnerabilities {
-            print!("    ⚠️  {} ", vuln.id);
+            let vuln_id_line = format!("    ⚠️  {} ", vuln.id);
+            output.push_str(&vuln_id_line);
+            print!("{}", vuln_id_line);
 
             // Color by severity
             stdout.set_color(ColorSpec::new().set_fg(Some(
@@ -281,28 +333,36 @@ fn display_vulnerable_dependencies(
                 }
             )).set_bold(vuln.severity == VulnerabilitySeverity::Critical))?;
 
-            print!("[{}]", match vuln.severity {
-                VulnerabilitySeverity::Critical => "CRITICAL",
-                VulnerabilitySeverity::High => "HIGH",
-                VulnerabilitySeverity::Medium => "MEDIUM",
-                VulnerabilitySeverity::Low => "LOW",
-                VulnerabilitySeverity::Info => "INFO",
-            });
+            let severity_tag = match vuln.severity {
+                VulnerabilitySeverity::Critical => "[CRITICAL]",
+                VulnerabilitySeverity::High => "[HIGH]",
+                VulnerabilitySeverity::Medium => "[MEDIUM]",
+                VulnerabilitySeverity::Low => "[LOW]",
+                VulnerabilitySeverity::Info => "[INFO]",
+            };
+            output.push_str(severity_tag);
+            print!("{}", severity_tag);
 
             stdout.reset()?;
 
-            println!(" - {}", vuln.title);
+            let title_line = format!(" - {}\n", vuln.title);
+            output.push_str(&title_line);
+            print!("{}", title_line);
 
             if let Some(ref cve) = vuln.cve {
-                println!("       CVE: {}", cve);
+                let cve_line = format!("       CVE: {}\n", cve);
+                output.push_str(&cve_line);
+                println!("{}", cve_line.trim_end());
             }
             if let Some(ref patched) = vuln.patched_versions {
                 stdout.set_color(ColorSpec::new().set_fg(Some(Color::Green)))?;
-                println!("       Fix: Upgrade to {}", patched);
+                let fix_line = format!("       Fix: Upgrade to {}\n", patched);
+                output.push_str(&fix_line);
+                println!("{}", fix_line.trim_end());
                 stdout.reset()?;
             }
         }
     }
 
-    Ok(())
+    Ok(output)
 } 

src/lib.rs

@@ -72,7 +72,7 @@ pub async fn run_command(command: Commands) -> Result<()> {
             handlers::handle_support(languages, frameworks, detailed)
         }
         Commands::Dependencies { path, licenses, vulnerabilities, prod_only, dev_only, format } => {
-            handlers::handle_dependencies(path, licenses, vulnerabilities, prod_only, dev_only, format).await
+            handlers::handle_dependencies(path, licenses, vulnerabilities, prod_only, dev_only, format).await.map(|_| ())
         }
         Commands::Vulnerabilities { path, severity, format, output } => {
             handlers::handle_vulnerabilities(path, severity, format, output).await