Update deprecated syft packages command to syft scan

defenseunicorns · Mar 22, 2024 · 4b8749b · 4b8749b
1 parent 0689007
commit 4b8749b
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/Makefile b/Makefile
@@ -219,10 +219,11 @@ test-docs-and-schema:
 
 # INTERNAL: used to test for new CVEs that may have been introduced
 test-cves:
-	go run main.go tools sbom packages . -o json --exclude './docs-website' --exclude './examples' | grype --fail-on low
+	go run main.go tools sbom scan . -o json --exclude './docs-website' --exclude './examples' | grype --fail-on low
 
 cve-report: ## Create a CVE report for the current project (must `brew install grype` first)
-	go run main.go tools sbom packages . -o json --exclude './docs-website' --exclude './examples' | grype -o template -t hack/.templates/grype.tmpl > build/zarf-known-cves.csv
+	@test -d ./build || mkdir ./build
+	go run main.go tools sbom scan . -o json --exclude './docs-website' --exclude './examples' | grype -o template -t hack/.templates/grype.tmpl > build/zarf-known-cves.csv
 
 lint-go: ## Run revive to lint the go code (must `brew install revive` first)
 	revive -config revive.toml -exclude src/cmd/viper.go -formatter stylish ./src/...
diff --git a/docs/3-create-a-zarf-package/6-package-sboms.md b/docs/3-create-a-zarf-package/6-package-sboms.md
@@ -30,7 +30,7 @@ Given the Syft CLI is vendored into Zarf you can run these commands with the Zar
 
 ```bash
 # Syft is vendored as `zarf tools sbom`
-$ zarf tools sbom packages file:path/to/yourproject/file -o json > my-sbom.json
+$ zarf tools sbom scan file:path/to/yourproject/file -o json > my-sbom.json
 ```
 
 :::