From fee74d57b87fe52011ac2c56d7aa379eaf44d48c Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Thu, 1 Jul 2021 10:52:57 -0400 Subject: [PATCH] Update documentation to show SPDX support (#452) * add docs for spdx support Signed-off-by: Alex Goodman * copy updates for format options Signed-off-by: Alex Goodman --- README.md | 4 +++- cmd/packages.go | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 75754c1da..c1e4d61b9 100644 --- a/README.md +++ b/README.md @@ -83,7 +83,9 @@ syft packages -o Where the `format`s available are: - `json`: Use this to get as much information out of Syft as possible! - `text`: A row-oriented, human-and-machine-friendly output. -- `cyclonedx`: A XML report conforming to the [CycloneDX 1.2](https://cyclonedx.org/) specification. +- `cyclonedx`: A XML report conforming to the [CycloneDX 1.2 specification](https://cyclonedx.org/specification/overview/). +- `spdx`: A tag-value formatted report conforming to the [SPDX 2.2 specification](https://spdx.github.io/spdx-spec/). +- `spdx-json`: A JSON report conforming to the [SPDX 2.2 JSON Schema](https://github.com/spdx/spdx-spec/blob/v2.2/schemas/spdx-schema.json). - `table`: A columnar summary (default). ## Installation diff --git a/cmd/packages.go b/cmd/packages.go index 32cd3474a..07351c899 100644 --- a/cmd/packages.go +++ b/cmd/packages.go @@ -28,7 +28,9 @@ import ( const ( packagesExample = ` {{.appName}} {{.command}} alpine:latest a summary of discovered packages {{.appName}} {{.command}} alpine:latest -o json show all possible cataloging details - {{.appName}} {{.command}} alpine:latest -o cyclonedx show a CycloneDX SBOM + {{.appName}} {{.command}} alpine:latest -o cyclonedx show a CycloneDX formatted SBOM + {{.appName}} {{.command}} alpine:latest -o spdx show a SPDX 2.2 tag-value formatted SBOM + {{.appName}} {{.command}} alpine:latest -o spdx-json show a SPDX 2.2 JSON formatted SBOM {{.appName}} {{.command}} alpine:latest -vv show verbose debug information Supports the following image sources: