devops-kung-fu / bomber

Scans Software Bill of Materials (SBOMs) for security vulnerabilities
https://devops-kung-fu.github.io/bomber/
Mozilla Public License 2.0

False version display 0.4.5 bomber #176

Closed AJIOXA closed 1 year ago

AJIOXA commented 1 year ago

I have downloaded the new version of bomber, 0.4.5; however, bomber displays the current version as 0.4.4. Also, I'm not sure why, but currently bomber generates the report and then exits with code 1. As far as I understood, exit code 1 is just because of critical issues in bomber's report, but is it possible to set by myself the number of issues which will cause exit code 1? Thank you in advance!

AJIOXA commented 1 year ago

Found the --fail flag; it just isn't displayed in the --help menu.

djschleen commented 1 year ago

I'll take care of that and bump the version

ZheSun88 commented 1 year ago

We have run bomber 0.4.5 (the version shown is 0.4.4, as mentioned above).

We got this summary:

"summary": {
    "Unspecified": 0,
    "Low": 0,
    "Moderate": 0,
    "High": 0,
    "Critical": 0
}

Then the exit code returned is 10; should it return 0 instead? Another issue has been created here: https://github.com/devops-kung-fu/bomber/issues/178

djschleen commented 1 year ago

@ZheSun88 we have a fix for it coming out today to address the exit code logic, and have updated the README.md to explain what the --severity and --exitcode flags are.
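A pipeline that wants its own failure threshold, independent of the scanner's exit status, can compute the gate from the `summary` counts quoted in this thread. This is an added example, not code from bomber or from the commenters. Only the `summary` object and its five keys come from the page; the function `gate`, its parameters, the assumption that `summary` sits at the top level of the JSON report, and the reading of the listed order as lowest to highest severity are assumptions.

```python
import json
import sys

# Key names as they appear in the "summary" object quoted in the thread.
# Treating this order as lowest -> highest severity is an assumption.
SEVERITIES = ["Unspecified", "Low", "Moderate", "High", "Critical"]


def gate(report, min_severity="Critical", max_findings=0):
    """Return 0 (pass) or 1 (fail) for a CI step (hypothetical helper).

    Fails when the number of findings at or above min_severity is greater
    than max_findings. A missing or malformed summary raises ValueError,
    so a broken report can never be mistaken for a clean one.
    """
    if min_severity not in SEVERITIES:
        raise ValueError(f"unknown severity: {min_severity!r}")
    summary = report.get("summary") if isinstance(report, dict) else None
    if not isinstance(summary, dict):
        raise ValueError("report has no 'summary' object")

    total = 0
    for name in SEVERITIES[SEVERITIES.index(min_severity):]:
        count = summary.get(name)
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(count, bool) or not isinstance(count, int) or count < 0:
            raise ValueError(f"bad count for {name!r}: {count!r}")
        total += count
    return 1 if total > max_findings else 0


# Constructed sample reports: CLEAN mirrors the all-zero summary in the
# thread, MIXED is made up to exercise the thresholds.
CLEAN = json.loads('{"summary": {"Unspecified": 0, "Low": 0, '
                   '"Moderate": 0, "High": 0, "Critical": 0}}')
MIXED = json.loads('{"summary": {"Unspecified": 1, "Low": 4, '
                   '"Moderate": 2, "High": 1, "Critical": 0}}')

if __name__ == "__main__":
    # Reads a JSON report on stdin; optional first argument is min_severity.
    sys.exit(gate(json.load(sys.stdin), *sys.argv[1:2]))
```

Because the gate reads the counts itself, an all-zero summary always passes regardless of what status the scanner process returned.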