sbom-tool icon indicating copy to clipboard operation
sbom-tool copied to clipboard

Published 20 hours ago verified publisher icon microsoft

CLI should allow for reasonable defaults

Open richardtallent-erm opened this issue 2 years ago • 3 comments

First time using this tool, and I find it frustrating that so many command-line options are required. Most should have reasonable defaults, or be auto-detected. I just spent 10 minutes looking at a the [INFO] Scan manifest file... with no indicator of progress, finally hit Enter and got:

##[error]Encountered an error while generating the manifest.
##[error]Error details: Unable to generate a package version based on provided parameters. Please provide the package version in the 'PackageVersion' parameter.

richardtallent-erm avatar Oct 04 '22 13:10 richardtallent-erm

@daneshbadlani , what are your thoughts on this request?

edgarrs avatar Oct 04 '22 17:10 edgarrs

+1 for this one. trivy and syft have much easier entrypoint for generating sbom Any idea why sbom-tool requires all these arguments when competing tools dont?

ArgTang avatar Oct 05 '22 14:10 ArgTang

@daneshbadlani will come up with a proposal for default values

edgarrs avatar Oct 11 '22 17:10 edgarrs

Provided the default values to @aasim

daneshbadlani avatar Dec 15 '22 04:12 daneshbadlani

Not easily actionable for current team without suggested defaults. A contribution with reasonable suggested defaults would be considered. Currently this work is not planned.

jlperkins avatar Feb 08 '24 19:02 jlperkins

Looks like @daneshbadlani contributed some reasonable suggested defaults, did those get lost in the shuffle?

richardtallent-erm avatar Feb 08 '24 20:02 richardtallent-erm