fix(cli): show info message only when --scanners is available - Githubissues

aquasecurity / trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

https://aquasecurity.github.io/trivy

Apache License 2.0

22.1k stars 2.18k forks source link

fix(cli): show info message only when --scanners is available #7032

Closed knqyf263 closed 1 week ago

knqyf263 commented 1 week ago

Description

trivy convert shows the following message even though it doesn't have --scanners flag.

Before

$ trivy convert -f cyclonedx /tmp/with_vulns.json -o /dev/null
2024-06-27T07:33:52+04:00       INFO    "--format cyclonedx" disables security scanning. Specify "--scanners vuln" explicitly if you want to include vulnerabilities in the CycloneDX report.

After

$ trivy convert -f cyclonedx /tmp/with_vulns.json -o /dev/null

Related issues

Discussion: https://github.com/aquasecurity/trivy/discussions/7016

Checklist

[x] I've read the guidelines for contributing to this repository.
[x] I've followed the conventions in the PR title.
[x] I've added tests that prove my fix is effective or that my feature works.
[ ] I've updated the documentation with the relevant information (if needed).
[ ] I've added usage information (if the PR introduces new options)
[x] I've included a "before" and "after" example to the description (if the PR is a user interface change).