Rename flag --list-all-pkgs to --list-pkgs

Resolves aquasecurity#828

In order to avoid confusion on the effect of `--list-all-pkgs` flag,
rename the flag to solely `--list-pkgs` which will result in listing
the packages alongside scanning for vulnerabilities according to the
given behavior.

In essence,

 -                                    | OS package list | OS package vulnerabilities | Langueage-specific package list | Language-specific vulnerabilities
------------------------------------- | --------------- | -------------------------- | ------------------------------- | ---------------------------------
`--vuln-type os`	              |       x	        |             v              |                x                |                x
`--vuln-type library`	              |       x	        |             x	             |                x	               |                v
`--vuln-type os,library`	      |       x         |             v	             |                x                |                v
`--vuln-type os --list-pkgs`          |	      v         |             v              |                x                |                x
`--vuln-type library --list-pkgs`     |	      x	        |             x	             |                v                |                v
`--vuln-type os,library --list-pkgs`  |       v         |             v              |                v                |                v

Signed-off-by: Yuval Goldberg <yuvigoldi@gmail.com>

docs/getting-started/cli/client.md

@@ -21,7 +21,7 @@ OPTIONS:
    --ignorefile value          specify .trivyignore file (default: ".trivyignore") [$TRIVY_IGNOREFILE]
    --timeout value             timeout (default: 5m0s) [$TRIVY_TIMEOUT]
    --ignore-policy value       specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
-   --list-all-pkgs             enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
+   --list-pkgs                 enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_PKGS]
    --offline-scan              do not issue API requests to identify dependencies (default: false) [$TRIVY_OFFLINE_SCAN]
    --token value               for authentication [$TRIVY_TOKEN]
    --token-header value        specify a header name for token (default: "Trivy-Token") [$TRIVY_TOKEN_HEADER]

docs/getting-started/cli/fs.md

@@ -24,7 +24,7 @@ OPTIONS:
    --timeout value                                timeout (default: 5m0s) [$TRIVY_TIMEOUT]
    --no-progress                                  suppress progress bar (default: false) [$TRIVY_NO_PROGRESS]
    --ignore-policy value                          specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
-   --list-all-pkgs                                enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
+   --list-pkgs                                    enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_PKGS]
    --offline-scan                                 do not issue API requests to identify dependencies (default: false) [$TRIVY_OFFLINE_SCAN]
    --skip-files value                             specify the file paths to skip traversal [$TRIVY_SKIP_FILES]
    --skip-dirs value                              specify the directories where the traversal is skipped [$TRIVY_SKIP_DIRS]

docs/getting-started/cli/image.md

@@ -25,7 +25,7 @@ OPTIONS:
    --ignorefile value          specify .trivyignore file (default: ".trivyignore") [$TRIVY_IGNOREFILE]
    --timeout value             timeout (default: 5m0s) [$TRIVY_TIMEOUT]
    --ignore-policy value       specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
-   --list-all-pkgs             enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
+   --list-pkgs                 enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_PKGS]
    --offline-scan              do not issue API requests to identify dependencies (default: false) [$TRIVY_OFFLINE_SCAN]
    --skip-files value          specify the file path to skip traversal [$TRIVY_SKIP_FILES]
    --skip-dirs value           specify the directory where the traversal is skipped [$TRIVY_SKIP_DIRS]

docs/getting-started/cli/repo.md

@@ -25,7 +25,7 @@ OPTIONS:
    --no-progress               suppress progress bar (default: false) [$TRIVY_NO_PROGRESS]
    --quiet, -q                      suppress progress bar and log output (default: false) [$TRIVY_QUIET]
    --ignore-policy value       specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
-   --list-all-pkgs             enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
+   --list-pkgs                 enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_PKGS]
    --offline-scan              do not issue API requests to identify dependencies (default: false) [$TRIVY_OFFLINE_SCAN]
    --skip-files value          specify the file path to skip traversal [$TRIVY_SKIP_FILES]
    --skip-dirs value           specify the directory where the traversal is skipped [$TRIVY_SKIP_DIRS]

docs/getting-started/cli/rootfs.md

@@ -24,7 +24,7 @@ OPTIONS:
    --timeout value                                timeout (default: 5m0s) [$TRIVY_TIMEOUT]
    --no-progress                                  suppress progress bar (default: false) [$TRIVY_NO_PROGRESS]
    --ignore-policy value                          specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
-   --list-all-pkgs                                enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
+   --list-pkgs                                    enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_PKGS]
    --offline-scan                                 do not issue API requests to identify dependencies (default: false) [$TRIVY_OFFLINE_SCAN]
    --skip-files value                             specify the file paths to skip traversal [$TRIVY_SKIP_FILES]
    --skip-dirs value                              specify the directories where the traversal is skipped [$TRIVY_SKIP_DIRS]

pkg/commands/app.go

@@ -227,10 +227,10 @@ var (
 		EnvVars: []string{"TRIVY_IGNORE_POLICY"},
 	}
 
-	listAllPackages = cli.BoolFlag{
-		Name:    "list-all-pkgs",
+	listPackages = cli.BoolFlag{
+		Name:    "list-pkgs",
 		Usage:   "enabling the option will output all packages regardless of vulnerability",
-		EnvVars: []string{"TRIVY_LIST_ALL_PKGS"},
+		EnvVars: []string{"TRIVY_LIST_PKGS"},
 	}
 
 	skipFiles = cli.StringSliceFlag{
@@ -427,7 +427,7 @@ func NewImageCommand() *cli.Command {
 			&timeoutFlag,
 			&lightFlag,
 			&ignorePolicy,
-			&listAllPackages,
+			&listPackages,
 			&cacheBackendFlag,
 			&redisBackendCACert,
 			&redisBackendCert,
@@ -468,7 +468,7 @@ func NewFilesystemCommand() *cli.Command {
 			&timeoutFlag,
 			&noProgressFlag,
 			&ignorePolicy,
-			&listAllPackages,
+			&listPackages,
 			&offlineScan,
 			stringSliceFlag(skipFiles),
 			stringSliceFlag(skipDirs),
@@ -506,7 +506,7 @@ func NewRootfsCommand() *cli.Command {
 			&timeoutFlag,
 			&noProgressFlag,
 			&ignorePolicy,
-			&listAllPackages,
+			&listPackages,
 			&offlineScan,
 			stringSliceFlag(skipFiles),
 			stringSliceFlag(skipDirs),
@@ -548,7 +548,7 @@ func NewRepositoryCommand() *cli.Command {
 			&noProgressFlag,
 			&quietFlag,
 			&ignorePolicy,
-			&listAllPackages,
+			&listPackages,
 			&offlineScan,
 			&insecureFlag,
 			stringSliceFlag(skipFiles),
@@ -584,7 +584,7 @@ func NewClientCommand() *cli.Command {
 			stringSliceFlag(skipFiles),
 			stringSliceFlag(skipDirs),
 			stringSliceFlag(configPolicy),
-			&listAllPackages,
+			&listPackages,
 			&offlineScan,
 			&insecureFlag,
 

pkg/commands/artifact/run.go

@@ -177,7 +177,7 @@ func scan(ctx context.Context, opt Option, initializeScanner InitializeScanner,
 		VulnType:            opt.VulnType,
 		SecurityChecks:      opt.SecurityChecks,
 		ScanRemovedPackages: opt.ScanRemovedPkgs, // this is valid only for image subcommand
-		ListAllPackages:     opt.ListAllPkgs,
+		ListPackages:        opt.ListPkgs,
 	}
 	log.Logger.Debugf("Vulnerability type:  %s", scanOptions.VulnType)
 

pkg/commands/client/run.go

@@ -62,7 +62,7 @@ func runWithTimeout(ctx context.Context, opt Option) error {
 		VulnType:            opt.VulnType,
 		SecurityChecks:      opt.SecurityChecks,
 		ScanRemovedPackages: opt.ScanRemovedPkgs,
-		ListAllPackages:     opt.ListAllPkgs,
+		ListPackages:        opt.ListPkgs,
 	}
 	log.Logger.Debugf("Vulnerability type:  %s", scanOptions.VulnType)
 

pkg/commands/option/image.go

@@ -7,13 +7,13 @@ import (
 // ImageOption holds the options for scanning images
 type ImageOption struct {
 	ScanRemovedPkgs bool
-	ListAllPkgs     bool
+	ListPkgs        bool
 }
 
 // NewImageOption is the factory method to return ImageOption
 func NewImageOption(c *cli.Context) ImageOption {
 	return ImageOption{
 		ScanRemovedPkgs: c.Bool("removed-pkgs"),
-		ListAllPkgs:     c.Bool("list-all-pkgs"),
+		ListPkgs:        c.Bool("list-pkgs"),
 	}
 }

pkg/rpc/client/client.go

@@ -66,9 +66,9 @@ func (s Scanner) Scan(target, artifactKey string, blobKeys []string, options typ
 			ArtifactId: artifactKey,
 			BlobIds:    blobKeys,
 			Options: &rpc.ScanOptions{
-				VulnType:        options.VulnType,
-				SecurityChecks:  options.SecurityChecks,
-				ListAllPackages: options.ListAllPackages,
+				VulnType:       options.VulnType,
+				SecurityChecks: options.SecurityChecks,
+				ListPackages:   options.ListPackages,
 			},
 		})
 		return err

pkg/rpc/server/server.go

@@ -39,9 +39,9 @@ func NewScanServer(s scanner.Driver, vulnClient result.Client) *ScanServer {
 // Scan scans and return response
 func (s *ScanServer) Scan(_ context.Context, in *rpcScanner.ScanRequest) (*rpcScanner.ScanResponse, error) {
 	options := types.ScanOptions{
-		VulnType:        in.Options.VulnType,
-		SecurityChecks:  in.Options.SecurityChecks,
-		ListAllPackages: in.Options.ListAllPackages,
+		VulnType:       in.Options.VulnType,
+		SecurityChecks: in.Options.SecurityChecks,
+		ListPackages:   in.Options.ListPackages,
 	}
 	results, os, err := s.localScanner.Scan(in.Target, in.ArtifactId, in.BlobIds, options)
 	if err != nil {

pkg/scanner/local/scan.go

@@ -147,7 +147,7 @@ func (s Scanner) scanOSPkgs(target string, detail ftypes.ArtifactDetail, options
 		return nil, eosl, nil
 	}
 
-	if options.ListAllPackages {
+	if options.ListPackages {
 		sort.Slice(pkgs, func(i, j int) bool {
 			return strings.Compare(pkgs[i].Name, pkgs[j].Name) <= 0
 		})
@@ -215,7 +215,7 @@ func (s Scanner) scanLibrary(apps []ftypes.Application, options types.ScanOption
 			Class:           types.ClassLangPkg,
 			Type:            app.Type,
 		}
-		if options.ListAllPackages {
+		if options.ListPackages {
 			libReport.Packages = app.Libraries
 		}
 		results = append(results, libReport)

pkg/scanner/local/scan_test.go

@@ -157,9 +157,9 @@ func TestScanner_Scan(t *testing.T) {
 				target:   "alpine:latest",
 				layerIDs: []string{"sha256:5216338b40a7b96416b8b9858974bbe4acc3096ee60acbc4dfb1ee02aecceb10"},
 				options: types.ScanOptions{
-					VulnType:        []string{types.VulnTypeOS, types.VulnTypeLibrary},
-					SecurityChecks:  []string{types.SecurityCheckVulnerability},
-					ListAllPackages: true,
+					VulnType:       []string{types.VulnTypeOS, types.VulnTypeLibrary},
+					SecurityChecks: []string{types.SecurityCheckVulnerability},
+					ListPackages:   true,
 				},
 			},
 			fixtures: []string{"testdata/fixtures/happy.yaml"},

pkg/types/scanoptions.go

@@ -5,5 +5,5 @@ type ScanOptions struct {
 	VulnType            []string
 	SecurityChecks      []string
 	ScanRemovedPackages bool
-	ListAllPackages     bool
+	ListPackages        bool
 }