protobom / sbom-convert

Example CLI project to demo API architecture and protobom library
Apache License 2.0

Feature: Introduce diff Command for Version Comparison #47

Closed houdini91 closed 4 months ago

houdini91 commented 6 months ago

This PR introduces a new diff command to demonstrate the functionality of the NodeList API.

Note: PR uses the protobom Suggested Diff API - https://github.com/bom-squad/protobom/pull/173

For example, executing go run main.go diff syft.alpine.3.18.6.cdx.json syft.alpine.3.19.1.cdx.json will generate a comparison between two versions of a Syft Alpine image. The output will present the version drift of packages, showing which packages have been added, removed, or changed between the two versions.

Here's a sample output:

+--------------+---------+-------------+-------------+
| PACKAGE NAME | ACTION  | OLD VERSION | NEW VERSION |
+--------------+---------+-------------+-------------+
| alpine       | changed | 3.18.6      | 3.19.1      |
+--------------+---------+-------------+-------------+
ROOT ELEMENTS

+------------------------+---------+-------------+----------------------+
|      PACKAGE NAME      | ACTION  | OLD VERSION |     NEW VERSION      |
+------------------------+---------+-------------+----------------------+
| alpine                 | changed | 3.18.6      | 3.19.1               |
| alpine                 | changed | 3.18.6      | 3.19.1               |
| alpine-baselayout      | changed | 3.4.3-r1    | 3.4.3-r2             |
| alpine-baselayout-data | changed | 3.4.3-r1    | 3.4.3-r2             |
| apk-tools              | changed | 2.14.0-r2   | 2.14.0-r5            |
| busybox                | changed | 1.36.1-r5   | 1.36.1-r15           |
| busybox-binsh          | changed | 1.36.1-r5   | 1.36.1-r15           |
| musl                   | changed | 1.2.4-r2    | 1.2.4_git20230717-r4 |
| musl-utils             | changed | 1.2.4-r2    | 1.2.4_git20230717-r4 |
| scanelf                | changed | 1.3.7-r1    | 1.3.7-r2             |
| ssl_client             | changed | 1.36.1-r5   | 1.36.1-r15           |
| zlib                   | changed | 1.2.13-r1   | 1.3.1-r0             |
+------------------------+---------+-------------+----------------------+
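
The version-drift comparison described in this PR, as an added example (not the PR's code and not the protobom NodeList API): standard-library Go that reads only the `components[].name` and `components[].version` fields of two CycloneDX JSON documents. `Drift`, `DiffBOMs` and the `pkg-*` entries in the sample documents are hypothetical names constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type Drift struct{ Action, Old, New string } // hypothetical type, not protobom's API

// versions maps component name to version; encoding/json matches the lowercase keys case-insensitively.
func versions(doc []byte) (map[string]string, error) {
	var b struct{ Components []struct{ Name, Version string } }
	if err := json.Unmarshal(doc, &b); err != nil {
		return nil, err
	}
	m := map[string]string{}
	for _, c := range b.Components {
		m[c.Name] = c.Version
	}
	return m, nil
}

// DiffBOMs returns, per package name, whether it was added, removed or changed.
func DiffBOMs(oldDoc, newDoc []byte) (map[string]Drift, error) {
	o, errOld := versions(oldDoc)
	n, errNew := versions(newDoc)
	if errOld != nil || errNew != nil {
		return nil, fmt.Errorf("parse SBOMs: old=%v new=%v", errOld, errNew)
	}
	out := map[string]Drift{}
	for name, ov := range o {
		if nv, ok := n[name]; !ok {
			out[name] = Drift{"removed", ov, ""}
		} else if nv != ov {
			out[name] = Drift{"changed", ov, nv}
		}
	}
	for name, nv := range n {
		if _, ok := o[name]; !ok {
			out[name] = Drift{"added", "", nv}
		}
	}
	return out, nil
}

// Constructed sample documents (trimmed CycloneDX JSON, not real Syft output).
const oldSBOM = `{"components":[{"name":"zlib","version":"1.2.13-r1"},{"name":"pkg-old","version":"1.0"},{"name":"pkg-same","version":"2.0"}]}`
const newSBOM = `{"components":[{"name":"zlib","version":"1.3.1-r0"},{"name":"pkg-same","version":"2.0"},{"name":"pkg-new","version":"0.1"}]}`
func main() { fmt.Println(DiffBOMs([]byte(oldSBOM), []byte(newSBOM))) }
```

Keying on the package name alone collapses components that share a name, such as the two `alpine` rows in the sample output above; keying on a stable identifier such as the component's purl avoids that.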

github-actions[bot] commented 5 months ago

This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.

github-actions[bot] commented 4 months ago

This PR was closed because it has been stalled for 10 days with no activity.