feat(sbom): add purls to json test results #5809

paulrosca-snyk · 2025-04-03T06:20:14Z

Pull Request Submission Checklist

Follows CONTRIBUTING guidelines
Includes detailed description of changes
Contains risk assessment (Low | Medium | High)
Highlights breaking API changes (if applicable)
Links to automated tests covering new functionality
Includes manual testing instructions (if necessary)
Updates relevant GitBook documentation (PR link: ___)
Includes product update to be announced in the next stable release notes

What does this PR do?

Upgrades cli-extension-sbom to the latest version. In this version, the --json output of the snyk sbom test command will also include packageUrl as a field on the vulnerability results.

Where should the reviewer start?

How should this be manually tested?

Running the snyk sbom test --experimental --file=PATH_TO_SBOM --json should return a list of vulnerabilities which also contain the package url of the affected package.

What's the product update that needs to be communicated to CLI users?

paulrosca-snyk force-pushed the UNIFY-569-snyk-sbom-test-doesnt-provide-purl-or-bom-ref-information branch from 0c9d5e1 to ba29c8a Compare April 3, 2025 07:36

feat(sbom): add purls to json test results

42daf2c

paulrosca-snyk force-pushed the UNIFY-569-snyk-sbom-test-doesnt-provide-purl-or-bom-ref-information branch from ba29c8a to 42daf2c Compare April 3, 2025 07:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(sbom): add purls to json test results #5809

feat(sbom): add purls to json test results #5809

paulrosca-snyk commented Apr 3, 2025

feat(sbom): add purls to json test results #5809

Are you sure you want to change the base?

feat(sbom): add purls to json test results #5809

Conversation

paulrosca-snyk commented Apr 3, 2025

Pull Request Submission Checklist

What does this PR do?

Where should the reviewer start?

How should this be manually tested?

What's the product update that needs to be communicated to CLI users?