fix: Fix error in sbom command when using --json-file-output (#5136)

snyk · Mar 25, 2024 · eee1ec5 · eee1ec5
1 parent 6aca5db
commit eee1ec5
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 3 deletions.
diff --git a/cliv2/go.mod b/cliv2/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/snyk/cli-extension-iac-rules v0.0.0-20230601153200-c572cfce46ce
 	github.com/snyk/cli-extension-sbom v0.0.0-20240314090036-46535b380426
 	github.com/snyk/container-cli v0.0.0-20240322120441-6d9b9482f9b1
-	github.com/snyk/go-application-framework v0.0.0-20240325111322-3ab1f2dfef13
+	github.com/snyk/go-application-framework v0.0.0-20240325175807-5cb112133ceb
 	github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65
 	github.com/snyk/snyk-iac-capture v0.6.5
 	github.com/snyk/snyk-ls v0.0.0-20240318135323-bd809c95fbe4

diff --git a/cliv2/go.sum b/cliv2/go.sum
@@ -660,8 +660,8 @@ github.com/snyk/code-client-go v0.3.1 h1:jCYBRJJ/qVlPRqJONwmwpMCMe7s/lulbJQE6KUe
 github.com/snyk/code-client-go v0.3.1/go.mod h1:D+cfqDbuZE1S106bY3Tr+ZXLb9BR16kKBtvlf0xdyNA=
 github.com/snyk/container-cli v0.0.0-20240322120441-6d9b9482f9b1 h1:9RKY9NdX5DrJAoVXDP0JiqrXT+4Nb9NH8pjEcA0NsLA=
 github.com/snyk/container-cli v0.0.0-20240322120441-6d9b9482f9b1/go.mod h1:38w+dcAQp9eG3P5t2eNS9eG0reut10AeJjLv5lJ5lpM=
-github.com/snyk/go-application-framework v0.0.0-20240325111322-3ab1f2dfef13 h1:5ZoA7CduF4mQLfmzqxQ1RSX9OXr+L2z5kF9pI2nUmfs=
-github.com/snyk/go-application-framework v0.0.0-20240325111322-3ab1f2dfef13/go.mod h1:Yz/qxFyfhf0xbA+z8Vzr5IM9IDG+BS+2PiGaP1yAsEw=
+github.com/snyk/go-application-framework v0.0.0-20240325175807-5cb112133ceb h1:ovhyFAt2BDPNmzJ1M2KuGz0s2GSfiY9VoMF4/EvMG00=
+github.com/snyk/go-application-framework v0.0.0-20240325175807-5cb112133ceb/go.mod h1:Yz/qxFyfhf0xbA+z8Vzr5IM9IDG+BS+2PiGaP1yAsEw=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 h1:CEQuYv0Go6MEyRCD3YjLYM2u3Oxkx8GpCpFBd4rUTUk=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/snyk/policy-engine v0.22.0 h1:od9pduGrXyfWO791X+8M1qmnvWUxaIXh0gBzGKqeseA=

diff --git a/test/jest/acceptance/snyk-sbom/sbom.spec.ts b/test/jest/acceptance/snyk-sbom/sbom.spec.ts
@@ -1,6 +1,7 @@
 import { createProjectFromWorkspace } from '../../util/createProject';
 import { runSnykCLI } from '../../util/runSnykCLI';
 import { fakeServer } from '../../../acceptance/fake-server';
+import * as fs from 'fs';
 
 jest.setTimeout(1000 * 60 * 5);
 
@@ -83,6 +84,35 @@ describe('snyk sbom (mocked server only)', () => {
     );
   });
 
+  test('`sbom` is written to a file - CycloneDX 1.4', async () => {
+    const project = await createProjectFromWorkspace('npm-package');
+
+    const { code } = await runSnykCLI(
+      `sbom --org aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee --format cyclonedx1.4+json --debug --json-file-output sbom.json`,
+      {
+        cwd: project.path(),
+        env,
+      },
+    );
+
+    expect(code).toEqual(0);
+
+    const sbomFileContent = fs.readFileSync(
+      project.path() + '/sbom.json',
+      'utf8',
+    );
+    const bom = JSON.parse(sbomFileContent);
+    expect(bom.metadata.tools).toEqual(
+      expect.arrayContaining([
+        {
+          vendor: 'Snyk',
+          name: 'snyk-cli',
+          version: expect.any(String),
+        },
+      ]),
+    );
+  });
+
   test('`sbom` generates an SBOM for a single project - CycloneDX 1.5', async () => {
     const project = await createProjectFromWorkspace('npm-package');