Closed spiffcs closed 9 months ago
The main change for this PR surrounds the reporting structure and how grant parses user requests.
grant check gpl
grant check alpine:latest
grant check ubuntu.spdx.json
grant check ./contents
grant check alpine:latest, ubuntu.spdx.json
syft -o json ubuntu:latest | grant check MIT, alpine:latest, wolfi.spdx.json, ./contents
Summary
The main change for this PR surrounds the reporting structure and how grant parses user requests.
Example grant command showing the different inputs
grant check gpl
(Single License)grant check alpine:latest
(Single Image)grant check ubuntu.spdx.json
(Single SBOM)grant check ./contents
(Folder where grant will check each item to run an eval against)grant check alpine:latest, ubuntu.spdx.json
(Multiple source: image and sbom)syft -o json ubuntu:latest | grant check MIT, alpine:latest, wolfi.spdx.json, ./contents
(Everything all at once)