-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow different output formats in parallel (e.g. for SBOM reports) #753
Comments
Thanks for the request @bittner! Something like this seems reasonable to me, and I've wanted a similar thing for As a design item: we want to minimize flag proliferation in (I know this doesn't propose every permutation, but offering some permutations makes it harder to justify not adding others in the future.) Given that, I think we maybe want to do something a little more magic like CCing @di for thoughts as well. |
I like that proposal. Doesn't seem too magical to me, just needs to be explained explicitly in the usage. |
Agreed. I'll give @di some time to chime in, but assuming that sounds reasonable to him I'd be happy to review a PR that adds that behavior 🙂 |
Seems fine to me! |
Pre-submission checks
What's the problem this feature will solve?
When I run
pip-audit
in a CI job I love to have tabular output of the scanning results in the log output, but I also want to submit the results (e.g. SBOM reports in JSON or XML) to the CI service for integration in the PR/MR widget.Currently, I have to run
pip-audit
twice. One run for the tabular output, another one to write the JSON or XML report.Describe the solution you'd like
There are the
--format
and the--output
options, which can only be used once (the last occurrence counts). It would cause a lot of trouble to redefine their behavior, hence new options are likely needed.Two additional options
--cyclonedx-xml=<filepath>
and--cyclonedx-json=<filepath>
could allow to use any format you like on the console, yet still save the CycloneDX SBOM report in XML and/or JSON.Additional context
The proposed solution is inspired by Pytest's
--junit-xml
option.The text was updated successfully, but these errors were encountered: