mirror of
https://github.com/anchore/syft
synced 2024-09-20 06:01:53 +00:00
ae0683074e
- Resolves #2974 - add detailed instructions re: updating schemas (a necessary task when a new CycloneDX spec version becomes available). - The DefaultVersion constant has been updated to "1.6" -- it's not clear to me how this is used at this time (it may be redundant given other code), but effectively unless a specific spec version is configured, `syft` will emit the "most recent" spec version available for cyclonedx. Users who wish to pin back to a "older" specVersion (e.g. to preserve compatibilty with utilities that have not yet bumped to latest) can either set this in a syft config file or pass a name@spec_version pair to the output flag (e.g. `-o cyclonedx-json@1.5=some-1.5-spec-bom.cdx.json`) - Regenerate relevant .golden files (there seems to be a way to do this via flags, but I couldn't quite figure out the right set to pass correctly, esp. since (as a relative go novice) I found it difficult to run just a single test file. I ended up "brute-forcing it" by changing the *updateSnapshot val to "true" and running it in Goland. A brief comment giving an example of regenerating fixtures usage would be helpful. Signed-off-by: Rajan Agaskar <ragaskar@gmail.com> |
||
|---|---|---|
| .. | ||
| cyclonedx | ||
| json | ||
| spdx-json | ||