@denis-snyk denis-snyk commented May 7, 2025

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality (Will be added to environment-testing once feature is live)
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (Given this feature is very experimental and has restricted use, we likely don't want it in the documentation yet)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Registers a new CLI extension cli-extension-ai-bom. This version of the extension adds a single command snyk aibom which creates an AI Bill Of Materials in CycloneDX format and outputs it to the command line.
The codebase for the extension is: https://github.com/snyk/cli-extension-ai-bom. It's currently relatively small & follows the standard structure of a golang CLI extension.

Where should the reviewer start?

The main thing we do to the CLI in this PR is register the extension in cliv2/cmd/cliv2/main.go.

Risk assessment & Feature Flag

This CLI extension adds a new command. It should not impact any other commands. The command requires both a --experimental flag and an org_public_id based Feature Flag to be enabled.

How should this be manually tested?

Build the CLI, make build. Run the CLI against any Python project with AI assets, e.g.
snyk aibom cli/test/fixtures/ai-bom/python-chatbot --experimental.

We intend to add e2e tests once the command is in the preview branch. This will likely be part of environment testing (unless you recommend otherwise).

What's the product update that needs to be communicated to CLI users?

Product updates to be included during Snyk Launch 2025

What are the relevant tickets?

https://snyksec.atlassian.net/browse/AIBOM-34

Added the aibom extension which contains the CLI command snyk aibom for the purposes of creating an AI Bill Of Materials.
@denis-snyk denis-snyk self-assigned this May 7, 2025
@denis-snyk denis-snyk marked this pull request as ready for review May 7, 2025 20:10
@denis-snyk denis-snyk requested a review from a team as a code owner May 7, 2025 20:10
@PeterSchafer PeterSchafer merged commit ca8ea36 into main May 8, 2025
10 checks passed
@PeterSchafer PeterSchafer deleted the feat/ai-bom branch May 8, 2025 08:18
@CatalinSnyk CatalinSnyk mentioned this pull request May 14, 2025
8 tasks