From eee1ec5fb73a55da2afbe2eb5a8dfc867942c77e Mon Sep 17 00:00:00 2001
From: PeterSchafer <101886095+PeterSchafer@users.noreply.github.com>
Date: Mon, 25 Mar 2024 20:52:03 +0100
Subject: [PATCH] fix: Fix error in sbom command when using --json-file-output (#5136)
---
 cliv2/go.mod | 2 +-
 cliv2/go.sum | 4 +--
 test/jest/acceptance/snyk-sbom/sbom.spec.ts | 30 +++++++++++++++++++++
 3 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/cliv2/go.mod b/cliv2/go.mod
index 105f4c7348..69180dccd9 100644
--- a/cliv2/go.mod
+++ b/cliv2/go.mod
@@ -13,7 +13,7 @@ require (
 github.com/snyk/cli-extension-iac-rules v0.0.0-20230601153200-c572cfce46ce
 github.com/snyk/cli-extension-sbom v0.0.0-20240314090036-46535b380426
 github.com/snyk/container-cli v0.0.0-20240322120441-6d9b9482f9b1
- github.com/snyk/go-application-framework v0.0.0-20240325111322-3ab1f2dfef13
+ github.com/snyk/go-application-framework v0.0.0-20240325175807-5cb112133ceb
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65
 github.com/snyk/snyk-iac-capture v0.6.5
 github.com/snyk/snyk-ls v0.0.0-20240318135323-bd809c95fbe4
diff --git a/cliv2/go.sum b/cliv2/go.sum
index f41efba40a..e9dc9cf16c 100644
--- a/cliv2/go.sum
+++ b/cliv2/go.sum
@@ -660,8 +660,8 @@ github.com/snyk/code-client-go v0.3.1 h1:jCYBRJJ/qVlPRqJONwmwpMCMe7s/lulbJQE6KUe
 github.com/snyk/code-client-go v0.3.1/go.mod h1:D+cfqDbuZE1S106bY3Tr+ZXLb9BR16kKBtvlf0xdyNA=
 github.com/snyk/container-cli v0.0.0-20240322120441-6d9b9482f9b1 h1:9RKY9NdX5DrJAoVXDP0JiqrXT+4Nb9NH8pjEcA0NsLA=
 github.com/snyk/container-cli v0.0.0-20240322120441-6d9b9482f9b1/go.mod h1:38w+dcAQp9eG3P5t2eNS9eG0reut10AeJjLv5lJ5lpM=
-github.com/snyk/go-application-framework v0.0.0-20240325111322-3ab1f2dfef13 h1:5ZoA7CduF4mQLfmzqxQ1RSX9OXr+L2z5kF9pI2nUmfs=
-github.com/snyk/go-application-framework v0.0.0-20240325111322-3ab1f2dfef13/go.mod h1:Yz/qxFyfhf0xbA+z8Vzr5IM9IDG+BS+2PiGaP1yAsEw=
+github.com/snyk/go-application-framework v0.0.0-20240325175807-5cb112133ceb h1:ovhyFAt2BDPNmzJ1M2KuGz0s2GSfiY9VoMF4/EvMG00=
+github.com/snyk/go-application-framework v0.0.0-20240325175807-5cb112133ceb/go.mod h1:Yz/qxFyfhf0xbA+z8Vzr5IM9IDG+BS+2PiGaP1yAsEw=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 h1:CEQuYv0Go6MEyRCD3YjLYM2u3Oxkx8GpCpFBd4rUTUk=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/snyk/policy-engine v0.22.0 h1:od9pduGrXyfWO791X+8M1qmnvWUxaIXh0gBzGKqeseA=
diff --git a/test/jest/acceptance/snyk-sbom/sbom.spec.ts b/test/jest/acceptance/snyk-sbom/sbom.spec.ts
index e9ecc5138e..56ff85546d 100644
--- a/test/jest/acceptance/snyk-sbom/sbom.spec.ts
+++ b/test/jest/acceptance/snyk-sbom/sbom.spec.ts
@@ -1,6 +1,7 @@
 import { createProjectFromWorkspace } from '../../util/createProject';
 import { runSnykCLI } from '../../util/runSnykCLI';
 import { fakeServer } from '../../../acceptance/fake-server';
+import * as fs from 'fs';
 jest.setTimeout(1000 * 60 * 5);
@@ -83,6 +84,35 @@ describe('snyk sbom (mocked server only)', () => {
 );
 });
+ test('`sbom` is written to a file - CycloneDX 1.4', async () => {
+ const project = await createProjectFromWorkspace('npm-package');
+
+ const { code } = await runSnykCLI(
+ `sbom --org aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee --format cyclonedx1.4+json --debug --json-file-output sbom.json`,
+ {
+ cwd: project.path(),
+ env,
+ },
+ );
+
+ expect(code).toEqual(0);
+
+ const sbomFileContent = fs.readFileSync(
+ project.path() + '/sbom.json',
+ 'utf8',
+ );
+ const bom = JSON.parse(sbomFileContent);
+ expect(bom.metadata.tools).toEqual(
+ expect.arrayContaining([
+ {
+ vendor: 'Snyk',
+ name: 'snyk-cli',
+ version: expect.any(String),
+ },
+ ]),
+ );
+ });
+
 test('`sbom` generates an SBOM for a single project - CycloneDX 1.5', async () => {
 const project = await createProjectFromWorkspace('npm-package');
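Review bot: The new test is named for CycloneDX 1.4 but asserts only `bom.metadata.tools`, so a file written in a different spec version or document format would still pass. Adding `expect(bom.specVersion).toEqual('1.4');` right after the `JSON.parse` line would pin what the test name promises for the file written via `--json-file-output`. The output path is built as `project.path() + '/sbom.json'`; `path.join(project.path(), 'sbom.json')` (with a `path` import next to the new `fs` import) is the more conventional form. The enclosing `describe` block starts and ends outside this hunk.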