Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs: synchronizing help from snyk/user-docs (#5179)
Co-authored-by: mcombuechen <[email protected]>
1 parent ea6293b, commit 77d8bfe
Showing 3 changed files with 59 additions and 1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
# SBOM test | ||
|
||
**Feature availability:** This feature is available to customers on Snyk Enterprise plans. | ||
|
||
## Usage | ||
|
||
`snyk sbom test --experimental --file=<FILE_PATH> [<options>]` | ||
|
||
## Description | ||
|
||
The `snyk sbom test` command checks SBOM files for vulnerabilities in open-source packages. | ||
|
||
## Exit codes | ||
|
||
Possible exit codes and their meaning: | ||
|
||
**0**: success (scan completed), no vulnerabilities found\ | ||
**1**: action_needed (scan completed), vulnerabilities found\ | ||
**2**: failure, try to re-run the command | ||
|
||
## Configure the Snyk CLI | ||
|
||
You can use environment variables to configure the Snyk CLI and set variables for connecting with the Snyk API. See [Configure the Snyk CLI](https://docs.snyk.io/snyk-cli/configure-the-snyk-cli) | ||
|
||
## Debug | ||
|
||
Use the `-d` or `--debug` option to output the debug logs. | ||
|
||
## Options | ||
|
||
### `--experimental` | ||
|
||
Required. Use experimental command features. This option is currently required as the command is in its experimental phase. | ||
|
||
### `--file=<FILE_PATH>` | ||
|
||
Required. Specify the file path of the SBOM document. | ||
|
||
The `snyk sbom test` command accepts the following file formats: | ||
|
||
- **CycloneDX:** JSON version 1.4, 1.5 and 2.0 | ||
- **SPDX:** JSON version 2.3 and 2.3.1 | ||
|
||
Packages and components within the provided SBOM file must be identified by a PackageURL (purl). | ||
|
||
Supported purl types are: `apk`, `deb`, `cargo`, `cocoapods`, `composer`, `gem`, `generic`, `golang`, `hex`, `maven`, `npm`, `nuget`, `pypi`, `rpm`, `swift`. | ||
|
||
Example: `$ snyk sbom test --experimental --file=bom.cdx.json` | ||
|
||
### `--json` | ||
|
||
Print results on the console as a JSON data structure. | ||
|
||
Example: `$ snyk sbom test --experimental --file=bom.cdx.json --json` |
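Review bot: In the `--file=<FILE_PATH>` section, the format list reads "CycloneDX: JSON version 1.4, 1.5 and 2.0" and "SPDX: JSON version 2.3 and 2.3.1"; CycloneDX has no 2.0 specification release that I know of, so please check both lists against the versions the command actually parses before this is published. The Exit codes section would also help CI users if it said which code is returned for an unsupported file format or for components that lack a purl, since a pipeline that treats only exit code 1 as blocking would pass a scan that ended with 2.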
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,7 @@ | ||
--- | ||
description: Generate an SBOM document from a local file system. | ||
--- | ||
|
||
# SBOM | ||
|
||
## Prerequisites | ||
|
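Review bot: The `description:` front matter at the top of this file has no counterpart in the new SBOM test page, which starts directly at `# SBOM test`; if the docs site builds page summaries from front matter, add a matching `description:` block there so the two command pages render consistently.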