You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is currently no support in Syft for this but it can be accomplished by executing multiple times. This is less than ideal, as scans have the potential to be slow. Once Syft has some support, we can look at adding this to sbom-action.
Always output the syft json format, additionally allow other outputs (defaulting to today's behavior of outputting SPDX json). This will help to enable grype scanning (with high efficiency) between the sbom-action and the scan-action.
After a talk with @kzantow I learned this issue was made to allow the generation of syft json AND spdx files, the former meant for vulnerability scanning, the latter for publishing purposes. But currently vuln scanning can ingest either format, so the two files aren't required.
The use case where multiple outputs may be relevant, for SBOM action and CLI, is to generate a file while also printing SBOM as a table -- the table here is a visual helper to whoever ran the tool.
jonasagx
changed the title
Allow multiple output of different formats
Print table view when generating output file
Mar 7, 2022
There is currently no support in Syft for this but it can be accomplished by executing multiple times. This is less than ideal, as scans have the potential to be slow. Once Syft has some support, we can look at adding this to
sbom-action
.See:
The text was updated successfully, but these errors were encountered: