Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/facunemi/evidence-sanitizer/llms.txt

Use this file to discover all available pages before exploring further.

evidence-sanitizer returns a specific exit code for every outcome so that shell scripts and CI pipelines can detect and handle failure conditions precisely. Exit code 0 means the command completed successfully — either a sanitized output file was written, or a dry run finished without errors. All non-zero codes indicate a specific category of failure, and the CLI always prints a human-readable error message to stderr alongside the non-zero exit.

Exit Code Reference

CodeNameMeaning
0successSanitization completed and output was written, or --dry-run completed without errors.
1EXIT_INTERNAL_ERRORAn unexpected internal error occurred. This is not expected during normal use.
3EXIT_UNSAFE_PATHAn output path safety violation was detected: the output file already exists, the output path resolves to the same file as the input, or the output parent directory does not exist.
4EXIT_INPUT_ERRORThe input file could not be read, is not a regular file, is not valid UTF-8 (or UTF-8 with BOM), exceeds the 10 MiB size limit, or contains NUL bytes.
5EXIT_OUTPUT_ERRORThe output file could not be written after exclusive creation was attempted.
Exit codes are intended for scripting and automation. Whenever the command exits with a non-zero code, it always prints a human-readable description of the failure to stderr before exiting. You do not need to parse exit codes to understand what went wrong interactively — but you do need them to branch on specific failure types in scripts.

Example Error Messages

Each non-zero exit code is accompanied by a stderr message in the form Error: <description>. Exit code 1 — internal error:
Error: unexpected internal error
Exit code 3 — unsafe path:
Error: output file already exists
Error: output path must not resolve to the input file
Error: output parent directory does not exist
Error: unsafe output path
Exit code 4 — input error:
Error: input file is not a readable regular file
Error: input exceeds 10 MiB limit
Error: input contains NUL bytes
Error: input is not valid UTF-8
Exit code 5 — output error:
Error: could not write output file

Using Exit Codes in Scripts

The following shell script runs sanitization and branches on the exit code to handle each failure category distinctly:
#!/usr/bin/env bash
set -euo pipefail

INPUT="evidence.txt"
OUTPUT="evidence.sanitized.txt"

uv run evidence-sanitizer sanitize "$INPUT" --output "$OUTPUT"
EXIT_CODE=$?

case $EXIT_CODE in
  0)
    echo "Sanitization succeeded. Review $OUTPUT before sharing."
    ;;
  1)
    echo "Internal error — please report this." >&2
    exit 1
    ;;
  3)
    echo "Path safety violation — check that $OUTPUT does not already exist," >&2
    echo "that its parent directory exists, and that it is not the same file as $INPUT." >&2
    exit 3
    ;;
  4)
    echo "Input error — check that $INPUT is a readable UTF-8 file under 10 MiB." >&2
    exit 4
    ;;
  5)
    echo "Output write error — check filesystem permissions for $OUTPUT." >&2
    exit 5
    ;;
  *)
    echo "Unexpected exit code: $EXIT_CODE" >&2
    exit "$EXIT_CODE"
    ;;
esac

CI Pipeline Example

In a CI environment you can use --dry-run combined with exit code checking to gate a pipeline on the presence of expected rule triggers, without writing any output file:
#!/usr/bin/env bash
# Fail the pipeline if the evidence file cannot be validated cleanly.
uv run evidence-sanitizer sanitize evidence.txt \
  --output evidence.sanitized.txt \
  --dry-run

if [ $? -ne 0 ]; then
  echo "Evidence validation failed." >&2
  exit 1
fi

echo "Evidence validated successfully."

Build docs developers (and LLMs) love