nodejs-scan SAST analyzer prints non-verbose errors even when report generation is successful

What is the issue

The customer is running Node JS Scan on a container in their pipeline. The job succeeds but prints a bunch of errors along the way (see below).

...
$ /analyzer run
[INFO] [NodeJsScan] [2022-05-11T14:37:03Z] ▶ GitLab NodeJsScan analyzer v2.23.1
[INFO] [NodeJsScan] [2022-05-11T14:37:03Z] ▶ Detecting project
[INFO] [NodeJsScan] [2022-05-11T14:37:03Z] ▶ Found relevant files in project, analyzing entire repository
[INFO] [NodeJsScan] [2022-05-11T14:37:03Z] ▶ Running analyzer
[DEBU] [NodeJsScan] [2022-05-11T14:37:03Z] ▶ /builds/fortressinfosec/r3/.gitlab/sast-ruleset.toml not found, ruleset support will be disabled.
[DEBU] [NodeJsScan] [2022-05-11T14:57:03Z] ▶ /usr/local/bin/njsscan --config .njsscan --json --output /tmp/njsscan.json /builds/fortressinfosec/r3
[INFO] [NodeJsScan] [2022-05-11T14:57:03Z] ▶ Creating report
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Timeout, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Timeout, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Timeout, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Syntax error, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Syntax error, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Syntax error, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Syntax error, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Syntax error, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Syntax error, 
...
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Timeout, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ njsscan error: Timeout, 
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ /builds/fortressinfosec/r3/.gitlab/sast-ruleset.toml not found, ruleset support will be disabled.
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ Applying report overrides
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ /builds/fortressinfosec/r3/.gitlab/sast-ruleset.toml not found, ruleset support will be disabled.
[DEBU] [NodeJsScan] [2022-05-11T14:57:04Z] ▶ Optimizing JSON Output
Saving cache for successful job 00:39
Creating cache default-protected...
app/node_modules/: found 18114 matching files and directories 
app/.meteor/local: found 9507 matching files and directories 
WARNING: vendorPortal/node_modules/: no matching files 
WARNING: vendorPortal/.meteor/local: no matching files 
Uploading cache.zip to https://storage.googleapis.com/gitlab-com-runners-cache/project/29007963/default-protected 
Created cache
Uploading artifacts for successful job 00:02
Uploading artifacts...
gl-sast-report.json: found 1 matching files and directories 
Uploading artifacts as "sast" to coordinator... 201 Created  id=2442804480 responseStatus=201 Created token=wKQf-KND
Cleaning up project directory and file based variables 00:01
Job succeeded

Based on a quick look at the code -- it is caused by the underlying library(njsscan) which we use for scanning. njsscan generates the analysis report along with any errors found during the process. The analyzer prints out reported errors(if any) and then proceeds with the conversion of the generated report to SAST compatible report.

Relevent issue/ticket links

• https://gitlab.zendesk.com/agent/tickets/293569
• https://gitlab.slack.com/archives/CLA54H7PY/p1654125366490349