From 4b8749b16a2787cb335386c5dd206e5ea89c88fe Mon Sep 17 00:00:00 2001 From: Lucas Rodriguez Date: Fri, 22 Mar 2024 14:13:31 -0500 Subject: [PATCH] Update deprecated syft packages command to syft scan --- Makefile | 5 +++-- docs/3-create-a-zarf-package/6-package-sboms.md | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 142669779a..46512ffc7e 100644 --- a/Makefile +++ b/Makefile @@ -219,10 +219,11 @@ test-docs-and-schema: # INTERNAL: used to test for new CVEs that may have been introduced test-cves: - go run main.go tools sbom packages . -o json --exclude './docs-website' --exclude './examples' | grype --fail-on low + go run main.go tools sbom scan . -o json --exclude './docs-website' --exclude './examples' | grype --fail-on low cve-report: ## Create a CVE report for the current project (must `brew install grype` first) - go run main.go tools sbom packages . -o json --exclude './docs-website' --exclude './examples' | grype -o template -t hack/.templates/grype.tmpl > build/zarf-known-cves.csv + @test -d ./build || mkdir ./build + go run main.go tools sbom scan . -o json --exclude './docs-website' --exclude './examples' | grype -o template -t hack/.templates/grype.tmpl > build/zarf-known-cves.csv lint-go: ## Run revive to lint the go code (must `brew install revive` first) revive -config revive.toml -exclude src/cmd/viper.go -formatter stylish ./src/... diff --git a/docs/3-create-a-zarf-package/6-package-sboms.md b/docs/3-create-a-zarf-package/6-package-sboms.md index f9826f0374..abe1919324 100644 --- a/docs/3-create-a-zarf-package/6-package-sboms.md +++ b/docs/3-create-a-zarf-package/6-package-sboms.md @@ -30,7 +30,7 @@ Given the Syft CLI is vendored into Zarf you can run these commands with the Zar ```bash # Syft is vendored as `zarf tools sbom` -$ zarf tools sbom packages file:path/to/yourproject/file -o json > my-sbom.json +$ zarf tools sbom scan file:path/to/yourproject/file -o json > my-sbom.json ``` :::