@@ -1010,6 +1010,7 @@ No package sources found, --help for usage information.
10101010---
10111011
10121012[TestCommand/one_file_that_does_not_match_the_supported_sbom_file_names - 1]
1013+ Warning: --sbom has been deprecated in favor of -L
10131014Failed to parse SBOM "<rootdir>/fixtures/locks-many/composer.lock" with error: could not determine extractor suitable to this file
10141015If you believe this is a valid SBOM, make sure the filename follows format per your SBOMs specification.
10151016
@@ -1020,6 +1021,15 @@ could not determine extractor suitable to this file
10201021
10211022---
10221023
1024+ [TestCommand/one_file_that_does_not_match_the_supported_sbom_file_names_using_-L_flag - 1]
1025+
1026+ ---
1027+
1028+ [TestCommand/one_file_that_does_not_match_the_supported_sbom_file_names_using_-L_flag - 2]
1029+ could not determine extractor, requested spdx
1030+
1031+ ---
1032+
10231033[TestCommand/one_specific_supported_lockfile - 1]
10241034Scanning dir ./fixtures/locks-many/composer.lock
10251035Scanned <rootdir>/fixtures/locks-many/composer.lock file and found 1 package
@@ -1059,6 +1069,7 @@ No issues found
10591069---
10601070
10611071[TestCommand/one_specific_supported_sbom_with_duplicate_PURLs - 1]
1072+ Warning: --sbom has been deprecated in favor of -L
10621073Scanned <rootdir>/fixtures/sbom-insecure/with-duplicates.cdx.xml file and found 15 packages
10631074Filtered 1 local/unscannable package/s from the scan.
10641075+--------------------------------+------+-----------+---------+-----------+------------------------------------------------+
@@ -1075,7 +1086,25 @@ Filtered 1 local/unscannable package/s from the scan.
10751086
10761087---
10771088
1089+ [TestCommand/one_specific_supported_sbom_with_duplicate_PURLs_using_-L_flag - 1]
1090+ Scanned <rootdir>/fixtures/sbom-insecure/with-duplicates.cdx.xml file and found 15 packages
1091+ Filtered 1 local/unscannable package/s from the scan.
1092+ +--------------------------------+------+-----------+---------+-----------+------------------------------------------------+
1093+ | OSV URL | CVSS | ECOSYSTEM | PACKAGE | VERSION | SOURCE |
1094+ +--------------------------------+------+-----------+---------+-----------+------------------------------------------------+
1095+ | https://osv.dev/CVE-2025-26519 | | Alpine | musl | 1.2.3-r4 | fixtures/sbom-insecure/with-duplicates.cdx.xml |
1096+ | https://osv.dev/CVE-2018-25032 | 7.5 | Alpine | zlib | 1.2.10-r0 | fixtures/sbom-insecure/with-duplicates.cdx.xml |
1097+ | https://osv.dev/CVE-2022-37434 | 9.8 | Alpine | zlib | 1.2.10-r0 | fixtures/sbom-insecure/with-duplicates.cdx.xml |
1098+ +--------------------------------+------+-----------+---------+-----------+------------------------------------------------+
1099+
1100+ ---
1101+
1102+ [TestCommand/one_specific_supported_sbom_with_duplicate_PURLs_using_-L_flag - 2]
1103+
1104+ ---
1105+
10781106[TestCommand/one_specific_supported_sbom_with_invalid_PURLs - 1]
1107+ Warning: --sbom has been deprecated in favor of -L
10791108Scanned <rootdir>/fixtures/sbom-insecure/bad-purls.cdx.xml file and found 15 packages
10801109Filtered 7 local/unscannable package/s from the scan.
10811110No issues found
@@ -1086,7 +1115,19 @@ No issues found
10861115
10871116---
10881117
1118+ [TestCommand/one_specific_supported_sbom_with_invalid_PURLs_using_-L_flag - 1]
1119+ Scanned <rootdir>/fixtures/sbom-insecure/bad-purls.cdx.xml file and found 15 packages
1120+ Filtered 7 local/unscannable package/s from the scan.
1121+ No issues found
1122+
1123+ ---
1124+
1125+ [TestCommand/one_specific_supported_sbom_with_invalid_PURLs_using_-L_flag - 2]
1126+
1127+ ---
1128+
10891129[TestCommand/one_specific_supported_sbom_with_vulns - 1]
1130+ Warning: --sbom has been deprecated in favor of -L
10901131Scanned <rootdir>/fixtures/sbom-insecure/alpine.cdx.xml file and found 15 packages
10911132Filtered 1 local/unscannable package/s from the scan.
10921133+--------------------------------+------+-----------+---------+-----------+---------------------------------------+
@@ -1103,6 +1144,23 @@ Filtered 1 local/unscannable package/s from the scan.
11031144
11041145---
11051146
1147+ [TestCommand/one_specific_supported_sbom_with_vulns_using_-L_flag - 1]
1148+ Scanned <rootdir>/fixtures/sbom-insecure/alpine.cdx.xml file and found 15 packages
1149+ Filtered 1 local/unscannable package/s from the scan.
1150+ +--------------------------------+------+-----------+---------+-----------+---------------------------------------+
1151+ | OSV URL | CVSS | ECOSYSTEM | PACKAGE | VERSION | SOURCE |
1152+ +--------------------------------+------+-----------+---------+-----------+---------------------------------------+
1153+ | https://osv.dev/CVE-2025-26519 | | Alpine | musl | 1.2.3-r4 | fixtures/sbom-insecure/alpine.cdx.xml |
1154+ | https://osv.dev/CVE-2018-25032 | 7.5 | Alpine | zlib | 1.2.10-r0 | fixtures/sbom-insecure/alpine.cdx.xml |
1155+ | https://osv.dev/CVE-2022-37434 | 9.8 | Alpine | zlib | 1.2.10-r0 | fixtures/sbom-insecure/alpine.cdx.xml |
1156+ +--------------------------------+------+-----------+---------+-----------+---------------------------------------+
1157+
1158+ ---
1159+
1160+ [TestCommand/one_specific_supported_sbom_with_vulns_using_-L_flag - 2]
1161+
1162+ ---
1163+
11061164[TestCommand/one_specific_unsupported_lockfile - 1]
11071165Scanning dir ./fixtures/locks-many/not-a-lockfile.toml
11081166
0 commit comments