refactor: rename `--list-all-pkgs` to `--scanners pkg`

Open DmitriyLewen opened this issue 2 years ago • 10 comments

Description

See #5183

TODO:

  • [x] fix tests
  • [x] update integration tests
  • [x] update docs

Related issues

  • Close #5183

Checklist

  • [x] I've read the guidelines for contributing to this repository.
  • [x] I've followed the conventions in the PR title.
  • [x] I've added tests that prove my fix is effective or that my feature works.
  • [x] I've updated the documentation with the relevant information (if needed).
  • [ ] I've added usage information (if the PR introduces new options)
  • [ ] I've included a "before" and "after" example to the description (if the PR is a user interface change).

DmitriyLewen avatar Sep 27 '23 09:09 DmitriyLewen

@DmitriyLewen Does this change make sense to you?

knqyf263 avatar Oct 01 '23 16:10 knqyf263

When I started working on this PR, I wasn't sure we needed these changes. Previously I used the --list-all-pkgs flag. I got used to it, it was convenient for me, and this flag was enough for me.

But when I created this PR I understood your opinion about this change.

We have scanners for vuln, license, secrets, etc... => we also need scanners to find installed packages.

But I had 1 problem. Many times I understood that I was confusing sbom scanner and sbom target. This can really confuse users. Perhaps we can rename --scanners sbom to --scanners packages or something like that. This may help with tangling.

DmitriyLewen avatar Oct 02 '23 04:10 DmitriyLewen

> We have scanners for vuln, license, secrets, etc... => we also need scanners to find installed packages.

Right. For example, there is a case where Trivy supports packages, but doesn't support vulnerabilities. It's easy for us to say --scanner sbom is supported, but --scanner vuln is not supported. It is more consistent.

> Perhaps we can rename --scanners sbom to --scanners packages or something like that. This may help with tangling.

I like it. Let's go with that idea. Thanks!

knqyf263 avatar Oct 02 '23 05:10 knqyf263

> I like it. Let's go with that idea. Thanks!

Okay, I will change sbom to packages and write to you.

DmitriyLewen avatar Oct 02 '23 05:10 DmitriyLewen

> Okay, I will change sbom to packages and write to you.

How about --scanner pkg?

knqyf263 avatar Oct 02 '23 05:10 knqyf263

~~--scanners pkgs would be correct.~~ (we use license, secret, so we need to use pkg) But I like it. It's shorter than packages, but intuitive.

DmitriyLewen avatar Oct 02 '23 05:10 DmitriyLewen

@knqyf263 I renamed the scanner. Take a look when you have time, please.

DmitriyLewen avatar Oct 04 '23 05:10 DmitriyLewen

This PR is stale because it has been labeled with inactivity.

github-actions[bot] avatar Dec 04 '23 00:12 github-actions[bot]

This PR is stale because it has been labeled with inactivity.

github-actions[bot] avatar Feb 03 '24 00:02 github-actions[bot]

This PR is stale because it has been labeled with inactivity.

github-actions[bot] avatar Apr 06 '24 00:04 github-actions[bot]

We need to rethink the design.

knqyf263 avatar Jun 04 '24 05:06 knqyf263