diff --git a/.vscode/launch.json b/.vscode/launch.json index 76c1e15..fd70ba6 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -4,6 +4,17 @@ // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 "version": "0.2.0", "configurations": [ + + { + "showGlobalVariables": true, + "name": "Debug: validate", + "type": "go", + "request": "launch", + "mode": "debug", + "program": "main.go", // "program": "${file}", + "args": ["validate", "-i", "examples/cyclonedx/SBOM/protonmail-webclient-v4-0912dff/bom.json"], + "dlvFlags": ["--check-go-version=false"] + }, { "showGlobalVariables": true, "name": "Debug: validate (offline)", diff --git a/README.md b/README.md index 2ff5755..08a3ab5 100644 --- a/README.md +++ b/README.md @@ -328,6 +328,10 @@ Use the [schema](#schema) command to list supported schemas formats, versions an Customized JSON schemas can also be permanently configured as named schema "variants" within the utility's configuration file. See [adding schemas](#adding-schemas). +- **Overriding default schema** + - Using the [`--force` flag](#--force-flag) and passing in a URI to an alternative JSON schema. +- **"Customized" schema** variants, perhaps derived from standard BOM schemas, can be used for validation using the `--variant` flag (e.g., industry or company-specific schemas). + - **Note**: *These variants need to be built into the utility binary as a resource.* - **Overriding default schema** - Using the [`--force` flag](#--force-flag) and passing in a URI to an alternative JSON schema. - **"Customized" schema** variants, perhaps derived from standard BOM schemas, can be used for validation using the `--variant` flag (e.g., industry or company-specific schemas). @@ -339,6 +343,11 @@ The following flags can be used to improve performance when formatting error out ##### `--force` flag +You can override the schema used for validation *(which defaults to the schema that matches the declared format and version found in the input BOM file)* by providing a different one using the `--force` flag. This may be useful to verify a BOM contents against a newer specification version or provide a customized schema. + - **Note**: *The `--force` flag works with schema files with valid URIs which include URLs (e.g., 'https://') and files (e.g., 'file://').* + +##### `--force` flag + You can override the schema used for validation *(which defaults to the schema that matches the declared format and version found in the input BOM file)* by providing a different one using the `--force` flag. This may be useful to verify a BOM contents against a newer specification version or provide a customized schema. - **Note**: *The `--force` flag works with schema files with valid URIs which include URLs (e.g., 'https://') and files (e.g., 'file://').* @@ -386,12 +395,6 @@ echo $? 0 // no error (valid) ``` -##### Example: Validate 1.5 - -```bash -./sbom-utility validate -i test/cyclonedx/cdx-1-5-mature-example-1.json -``` - ##### Example: Validate using a remote JSON schema file using '--force' flag ```bash diff --git a/cmd/validate.go b/cmd/validate.go index dc507cf..8c7088b 100644 --- a/cmd/validate.go +++ b/cmd/validate.go @@ -323,7 +323,7 @@ func Validate(writer io.Writer, persistentFlags utils.PersistentCommandFlags, va } if errLoad != nil { - return INVALID, bom, schemaErrors, fmt.Errorf("unable to load schema: '%s'", schemaName) + return INVALID, bom, schemaErrors, fmt.Errorf("unable to load schema: `%s`", schemaName) } }