Skip to content

feat: add sbom test with reachability command proxy #6084

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
PeterSchafer merged 1 commit into from
Aug 4, 2025
Merged

feat: add sbom test with reachability command proxy #6084

PeterSchafer merged 1 commit into from
Aug 4, 2025

Conversation

@paulrosca-snyk
Copy link
Contributor

@paulrosca-snyk paulrosca-snyk commented Aug 1, 2025
edited
Loading

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages
    are release-note ready, emphasizing
    what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Updates the cli-extension-sbom and cli-extension-os-flows.

  • Adds support for snyk sbom test --file="sbom.json" --reachability which will proxy to snyk test --sbom="sbom.json" --reachability
  • Fixes bug in template rendering for snyk test --reachability

Where should the reviewer start?

How should this be manually tested?

snyk sbom test --file="sbom.json" --reachability --source-dir="/path/to/source/directory/"

should output the same result as

snyk test --sbom="sbom.jsom" --reachability" --source-dir="/path/to/source/directory/"

What's the product update that needs to be communicated to CLI users?

N/A. This should only be available to people that have the feature flag enabled.

Risk assessment (Low | Medium | High)?

Low - this is just adding a proxy to an existing command and the functionality is gated behind feature flags.

@paulrosca-snyk paulrosca-snyk marked this pull request as ready for review August 1, 2025 14:47
@paulrosca-snyk paulrosca-snyk requested a review from a team as a code owner August 1, 2025 14:47
@paulrosca-snyk paulrosca-snyk force-pushed the feat/snyk-sbom-test-reachability branch from f637273 to fc10ea8 Compare August 1, 2025 14:52
@snyk-io
Copy link

snyk-io bot commented Aug 1, 2025
edited
Loading

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. No issues have been found. (View Details)

code/snyk check is complete. No issues have been found. (View Details)

@paulrosca-snyk paulrosca-snyk force-pushed the feat/snyk-sbom-test-reachability branch from fc10ea8 to 7bb1a1e Compare August 4, 2025 07:51
@PeterSchafer PeterSchafer reopened this Aug 4, 2025
@PeterSchafer PeterSchafer enabled auto-merge August 4, 2025 09:13
@PeterSchafer PeterSchafer merged commit 315ae3c into main Aug 4, 2025
11 checks passed
@PeterSchafer PeterSchafer deleted the feat/snyk-sbom-test-reachability branch August 4, 2025 09:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PeterSchafer PeterSchafer PeterSchafer approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@paulrosca-snyk @PeterSchafer