feat: command line arguements for vex

intel / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

https://cve-bin-tool.readthedocs.io/en/latest/

GNU General Public License v3.0

1.14k stars 444 forks source link

feat: command line arguements for vex #4226

Open mastersans opened 4 days ago

mastersans commented 4 days ago

added commands for vex input and output
generation support shifted to use vex_manager
the test would fail due to mismatch of pypi and github version of lib4sbom
errors are quick to fix, but I thought to draft a PR

cc @anthonyharrison @terriko

mastersans commented 2 days ago

also I'll include spdx vex support in later commits once the project is more towards the completion.

mastersans commented 1 day ago

Hey @anthonyharrison I have made the requested changes can you checkout them, Thanks