Filename validation happens with default schema

[mmarseu]

Is it intentional behavior that the validate command validates the filename even when using the default schema? It seems counterintuitive, since this is a very special requirement that we probably shouldn't impose on every user of the tool.

I know filename validation can be "disabled" manually in a sense by providing a catch-all regex (i.e., .*) to the --filename-pattern option but IMO the default behavior should be either:

• no validation at all, since the CycloneDX standard doesn't require any particular filename
• or a warning (no error) if the filename doesn't match what CycloneDX recommends (i.e., bom.json or *.cdx.json), with an option to disable (e.g., --no-filename)

[italvi]

I know, it is only a recommendation, but we do allow bom.json per default and imho we should at least try to set a standard.

However, your second suggestion works for me as well, as always using bom.json is ambiguous.

[mmarseu]

However, your second suggestion works for me as well, as always using bom.json is ambiguous.

Alright, I'll take care of it.