Add strict SBOM validation flag.

djschleen · web-flow · commit 4ac8a7b6a1f8 · 2024-10-09T00:56:05.000Z
* trustier will only validate an SBOM with the CycloneDX Bom validator if strict is set to true.
diff --git a/src/main.rs b/src/main.rs
@@ -33,6 +33,10 @@ struct Args {
     //Optional file name to write json output to
     #[arg(short, long, required = false)]
     output_file: Option<String>,
+
+    //Optional flag to enable strict SBOM validation
+    #[arg(short, long, default_value_t = false)]
+    strict: bool,
 }
 
 fn main() {
@@ -67,7 +71,7 @@ fn main() {
         }
     };
 
-    if !bom.validate().passed() {
+    if args.strict && !bom.validate().passed() {
         eprintln!("* Provided input is not a valid SBOM");
         return;
     }

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,10 @@ struct Args {`
`33`	`33`	`//Optional file name to write json output to`
`34`	`34`	`#[arg(short, long, required = false)]`
`35`	`35`	`output_file: Option<String>,`
	`36`	`+`
	`37`	`+ //Optional flag to enable strict SBOM validation`
	`38`	`+ #[arg(short, long, default_value_t = false)]`
	`39`	`+ strict: bool,`
`36`	`40`	`}`
`37`	`41`
`38`	`42`	`fn main() {`
`@@ -67,7 +71,7 @@ fn main() {`
`67`	`71`	`}`
`68`	`72`	`};`
`69`	`73`
`70`		`- if !bom.validate().passed() {`
	`74`	`+ if args.strict && !bom.validate().passed() {`
`71`	`75`	`eprintln!("* Provided input is not a valid SBOM");`
`72`	`76`	`return;`
`73`	`77`	`}`