diff --git a/help/cli-commands/README.md b/help/cli-commands/README.md index da5ce34c78a..0fb60594f44 100644 --- a/help/cli-commands/README.md +++ b/help/cli-commands/README.md @@ -46,7 +46,7 @@ The `snyk code test` command finds security issues using Static Code Analysis. ### [`snyk sbom`](sbom.md) -Produce an SBOM for a local software project in an ecosystem supported by Snyk. +Generate or test an SBOM document in ecosystems supported by Snyk. ### [`snyk log4shell`](log4shell.md) diff --git a/help/cli-commands/sbom-test.md b/help/cli-commands/sbom-test.md new file mode 100644 index 00000000000..da02eba9f72 --- /dev/null +++ b/help/cli-commands/sbom-test.md 
@@ -0,0 +1,54 @@ +# SBOM test + +**Feature availability:** This feature is available to customers on Snyk Enterprise plans. + +## Usage + +`snyk sbom test --experimental --file= []` + +## Description + +The `snyk sbom test` command checks SBOM files for vulnerabilities in open-source packages. + +## Exit codes + +Possible exit codes and their meaning: + +**0**: success (scan completed), no vulnerabilities found\ +**1**: action_needed (scan completed), vulnerabilities found\ +**2**: failure, try to re-run the command + +## Configure the Snyk CLI + +You can use environment variables to configure the Snyk CLI and set variables for connecting with the Snyk API. See [Configure the Snyk CLI](https://docs.snyk.io/snyk-cli/configure-the-snyk-cli) + +## Debug + +Use the `-d` or `--debug` option to output the debug logs. + +## Options + +### `--experimental` + +Required. Use experimental command features. This option is currently required as the command is in its experimental phase. + +### `--file=` + +Required. Specify the file path of the SBOM document. + +The `snyk sbom test` command accepts the following file formats: + +- **CycloneDX:** JSON version 1.4, 1.5 and 2.0 +- **SPDX:** JSON version 2.3 and 2.3.1 + +Packages and components within the provided SBOM file must be identified by a PackageURL (purl). + +Supported purl types are: `apk`, `deb`, `cargo`, `cocoapods`, `composer`, `gem`, `generic`, `golang`, `hex`, `maven`, `npm`, `nuget`, `pypi`, `rpm`, `swift`. + +Example: `$ snyk sbom test --experimental --file=bom.cdx.json` + +### `--json` + +Print results on the console as a JSON data structure. + +Example: `$ snyk sbom test --experimental --file=bom.cdx.json --json` diff --git a/help/cli-commands/sbom.md b/help/cli-commands/sbom.md index ff992cfd3a3..a2c982c7fbf 100644 --- a/help/cli-commands/sbom.md +++ b/help/cli-commands/sbom.md @@ -1,3 +1,7 @@ +--- +description: Generate an SBOM document from a local file system. +--- + # SBOM ## Prerequisites
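Review bot: In help/cli-commands/README.md, the `snyk sbom` entry now reads "Generate or test an SBOM document" but its heading still links only to `sbom.md`, so the new `sbom-test.md` page is not reachable from this index. Add a separate `snyk sbom test` entry that links to `sbom-test.md`, or link it from this description. The summary could also say that the test subcommand currently requires `--experimental`, since the new page marks that option as required.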
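Review bot: In help/cli-commands/sbom-test.md, the `--file=` section says components "must be identified by a PackageURL (purl)" and lists the supported purl types, but neither it nor the Exit codes section says what happens to components that have no purl or use an unsupported type. If such components are skipped, exit code 0 ("no vulnerabilities found") could be returned for an SBOM that was only partly checked, which matters to anyone gating a pipeline on the exit code. Please document whether they are skipped, reported, or cause exit code 2. Two smaller points in the same hunk: the Usage line and the option heading show `--file=` with no placeholder value and an empty `[]`, so a named placeholder for the path and the options would help; and the listed format versions (CycloneDX "1.4, 1.5 and 2.0", SPDX "2.3 and 2.3.1") should be confirmed against what the command actually accepts.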
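Review bot: In help/cli-commands/sbom.md, a front-matter `description:` is added at the top of the file, but the new sbom-test.md in this same patch starts directly at `# SBOM test` with no front matter. Add a matching `description:` block to sbom-test.md so both pages are consistent. Since the README summary now covers both generating and testing, a pointer from this page to `snyk sbom test` would also help readers who land here looking for the test command.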