feat: add new consolidated --print-graph flag [CSENG-181]

[snyk-abedonik]

Pull Request Submission Checklist

• Follows CONTRIBUTING guidelines
• Commit messages
  are release-note ready, emphasizing
  what was changed, not how.
• Includes detailed description of changes
• Contains risk assessment (Low | Medium | High)
• Highlights breaking API changes (if applicable)
• Links to automated tests covering new functionality
• Includes manual testing instructions (if necessary)
• Updates relevant GitBook documentation (PR link: ___)
• Includes product update to be announced in the next stable release notes

What does this PR do?

Where should the reviewer start?

How should this be manually tested?

What's the product update that needs to be communicated to CLI users?

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[snyk-pr-review-bot]

PR Reviewer Guide 🔍

🧪 PR contains tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Broken Flag Logic 🟠 [major] In getPrintGraphMode, the printGraphEnabled variable only checks for the base --print-graph flag and legacy aliases. It does not account for the new modular sub-flags --effective-graph, --jsonl-output, or --print-errors. Consequently, downstream predicates like shouldPrintEffectiveDepGraph will return false even if the user provides --effective-graph, unless they also explicitly provide the base --print-graph flag. This creates a regression in modular usability compared to the self-contained legacy flags. const printGraphEnabled = !!opts['print-graph'] || legacyEffectiveGraph || legacyEffectiveGraphWithErrors; Unused Feature Implementation 🟡 [minor] The jsonlOutput property is calculated within getPrintGraphMode but is never consumed by any logic in the PR. The standard printDepGraph function remains hardcoded to output human-readable markers ('DepGraph data:', etc.) regardless of this flag. This makes the newly added --jsonl-output flag non-functional for standard dependency graphs. const jsonlOutput = printGraphEnabled && (!!opts['jsonl-output'] || legacyEffectiveGraph || legacyEffectiveGraphWithErrors);

📚 Repository Context Analyzed This review considered 17 relevant code sections from 8 files (average relevance: 0.95) src/lib/snyk-test/common.ts (lines 1-258) src/lib/snyk-test/run-test.ts (5 segments, lines 723-930) src/lib/types.ts (lines 1-301) help/cli-commands/test.md (2 segments, lines 1-100) packages/snyk-fix/src/types.ts (lines 1-251) src/lib/plugins/get-deps-from-plugin.ts (lines 1-184) src/lib/plugins/get-multi-plugin-result.ts (lines 1-262) ... and 1 more file(s)