René's URL Explorer Experiment


Title: ROX-30571: roxctl sbom scan by dcaravel · Pull Request #18503 · stackrox/stackrox · GitHub

Open Graph Title: ROX-30571: roxctl sbom scan by dcaravel · Pull Request #18503 · stackrox/stackrox

X Title: ROX-30571: roxctl sbom scan by dcaravel · Pull Request #18503 · stackrox/stackrox

Description: Description Adds the roxctl sbom scan command. PR Stack: #18503 ⬅️ this PR #18658 #18484 User-facing documentation CHANGELOG.md is updated OR update is not needed documentation PR is created and is linked above OR is not needed Testing and quality the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag CI results are inspected Automated testing added unit tests modified existing tests How I validated my change $ go run ./roxctl sbom scan --file dignore/rhacs-4.9.json output { "id": "fake HashId", "scan": { "scannerVersion": "matcher=v7", "scanTime": "2026-01-16T00:48:23.865085543Z", "components": [ { "name": "Fake Package #1", "version": "v1.0.0", "vulns": [ { "cve": "Fake Vuln #1", "cvss": 3.3, "link": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "scoreVersion": "V3", "cvssV3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" }, "severity": "CRITICAL_VULNERABILITY_SEVERITY", "cvssMetrics": [ { "source": "SOURCE_NVD", "url": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "cvssv3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" } } ] }, { "cve": "Fake Vuln #2", "cvss": 3.3, "link": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "scoreVersion": "V3", "cvssV3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" }, "severity": "IMPORTANT_VULNERABILITY_SEVERITY", "cvssMetrics": [ { "source": "SOURCE_NVD", "url": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "cvssv3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" } } ] }, { "cve": "Fake Vuln #3", "cvss": 8.2, "link": "https://access.redhat.com/security/cve/CVE-1234-567", "scoreVersion": "V3", "cvssV3": { "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H", "exploitabilityScore": 2.8, "impactScore": 4.7, "attackVector": "ATTACK_ADJACENT", "scope": "CHANGED", "confidentiality": "IMPACT_LOW", "availability": "IMPACT_HIGH", "score": 8.2, "severity": "HIGH" }, "severity": "MODERATE_VULNERABILITY_SEVERITY", "cvssMetrics": [ { "source": "SOURCE_RED_HAT", "url": "https://access.redhat.com/security/cve/CVE-1234-567", "cvssv3": { "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H", "exploitabilityScore": 2.8, "impactScore": 4.7, "attackVector": "ATTACK_ADJACENT", "scope": "CHANGED", "confidentiality": "IMPACT_LOW", "availability": "IMPACT_HIGH", "score": 8.2, "severity": "HIGH" } }, { "source": "SOURCE_NVD", "url": "https://nvd.nist.gov/vuln/detail/CVE-1234-567", "cvssv2": { "vector": "AV:N/AC:M/Au:M/C:C/I:N/A:P", "attackVector": "ATTACK_NETWORK", "accessComplexity": "ACCESS_MEDIUM", "confidentiality": "IMPACT_COMPLETE", "availability": "IMPACT_PARTIAL", "exploitabilityScore": 5.5, "impactScore": 7.8, "score": 6.4, "severity": "MEDIUM" } } ] }, { "cve": "Fake Vuln #4", "cvss": 3.3, "link": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "scoreVersion": "V3", "cvssV3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" }, "severity": "LOW_VULNERABILITY_SEVERITY", "cvssMetrics": [ { "source": "SOURCE_NVD", "url": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "cvssv3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" } } ] } ] }, { "name": "Fake Package #2", "version": "v2.3.4", "vulns": [ { "cve": "Fake Vuln #3", "cvss": 8.2, "link": "https://access.redhat.com/security/cve/CVE-1234-567", "scoreVersion": "V3", "cvssV3": { "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H", "exploitabilityScore": 2.8, "impactScore": 4.7, "attackVector": "ATTACK_ADJACENT", "scope": "CHANGED", "confidentiality": "IMPACT_LOW", "availability": "IMPACT_HIGH", "score": 8.2, "severity": "HIGH" }, "severity": "MODERATE_VULNERABILITY_SEVERITY", "cvssMetrics": [ { "source": "SOURCE_RED_HAT", "url": "https://access.redhat.com/security/cve/CVE-1234-567", "cvssv3": { "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H", "exploitabilityScore": 2.8, "impactScore": 4.7, "attackVector": "ATTACK_ADJACENT", "scope": "CHANGED", "confidentiality": "IMPACT_LOW", "availability": "IMPACT_HIGH", "score": 8.2, "severity": "HIGH" } }, { "source": "SOURCE_NVD", "url": "https://nvd.nist.gov/vuln/detail/CVE-1234-567", "cvssv2": { "vector": "AV:N/AC:M/Au:M/C:C/I:N/A:P", "attackVector": "ATTACK_NETWORK", "accessComplexity": "ACCESS_MEDIUM", "confidentiality": "IMPACT_COMPLETE", "availability": "IMPACT_PARTIAL", "exploitabilityScore": 5.5, "impactScore": 7.8, "score": 6.4, "severity": "MEDIUM" } } ] }, { "cve": "Fake Vuln #4", "cvss": 3.3, "link": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "scoreVersion": "V3", "cvssV3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" }, "severity": "LOW_VULNERABILITY_SEVERITY", "cvssMetrics": [ { "source": "SOURCE_NVD", "url": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "cvssv3": { "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", "exploitabilityScore": 0.8, "impactScore": 2.5, "attackComplexity": "COMPLEXITY_HIGH", "privilegesRequired": "PRIVILEGE_LOW", "userInteraction": "UI_REQUIRED", "confidentiality": "IMPACT_LOW", "integrity": "IMPACT_LOW", "score": 3.3, "severity": "LOW" } } ] } ] } ], "operatingSystem": "unknown", "dataSource": { "id": "a87471e6-9678-4e66-8348-91e302b6de07", "name": "Scanner V4" } } } $ go run ./roxctl sbom scan --file=dignore/rhacs-4.9.json --output json output { "result": { "summary": { "CRITICAL": 1, "IMPORTANT": 1, "LOW": 1, "MODERATE": 1, "TOTAL-COMPONENTS": 2, "TOTAL-VULNERABILITIES": 4 }, "vulnerabilities": [ { "cveId": "Fake Vuln #1", "cveSeverity": "CRITICAL", "cveCVSS": 3.3, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "advisoryId": "", "advisoryInfo": "", "componentName": "Fake Package #1", "componentVersion": "v1.0.0", "componentFixedVersion": "" }, { "cveId": "Fake Vuln #2", "cveSeverity": "IMPORTANT", "cveCVSS": 3.3, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "advisoryId": "", "advisoryInfo": "", "componentName": "Fake Package #1", "componentVersion": "v1.0.0", "componentFixedVersion": "" }, { "cveId": "Fake Vuln #3", "cveSeverity": "MODERATE", "cveCVSS": 8.2, "cveInfo": "https://access.redhat.com/security/cve/CVE-1234-567", "advisoryId": "", "advisoryInfo": "", "componentName": "Fake Package #1", "componentVersion": "v1.0.0", "componentFixedVersion": "" }, { "cveId": "Fake Vuln #4", "cveSeverity": "LOW", "cveCVSS": 3.3, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "advisoryId": "", "advisoryInfo": "", "componentName": "Fake Package #1", "componentVersion": "v1.0.0", "componentFixedVersion": "" }, { "cveId": "Fake Vuln #3", "cveSeverity": "MODERATE", "cveCVSS": 8.2, "cveInfo": "https://access.redhat.com/security/cve/CVE-1234-567", "advisoryId": "", "advisoryInfo": "", "componentName": "Fake Package #2", "componentVersion": "v2.3.4", "componentFixedVersion": "" }, { "cveId": "Fake Vuln #4", "cveSeverity": "LOW", "cveCVSS": 3.3, "cveInfo": "https://nvd.nist.gov/vuln/detail/CVE-5678-1234", "advisoryId": "", "advisoryInfo": "", "componentName": "Fake Package #2", "componentVersion": "v2.3.4", "componentFixedVersion": "" } ] } } go run ./roxctl sbom scan --file=dignore/rhacs-4.9.json --output table output Scan results for image: dignore/rhacs-4.9.json (TOTAL-COMPONENTS: 2, TOTAL-VULNERABILITIES: 4, LOW: 1, MODERATE: 1, IMPORTANT: 1, CRITICAL: 1) +-----------------+---------+--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | COMPONENT | VERSION | CVE | SEVERITY | CVSS | LINK | FIXED VERSION | ADVISORY | ADVISORY LINK | +-----------------+---------+--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | Fake Package #1 | v1.0.0 | Fake Vuln #1 | CRITICAL | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-5678-1234 | - | - | - | | | +--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | | | Fake Vuln #2 | IMPORTANT | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-5678-1234 | - | - | - | | | +--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | | | Fake Vuln #3 | MODERATE | 8.2 | https://access.redhat.com/security/cve/CVE-1234-567 | - | - | - | | | +--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | | | Fake Vuln #4 | LOW | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-5678-1234 | - | - | - | +-----------------+---------+--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | Fake Package #2 | v2.3.4 | Fake Vuln #3 | MODERATE | 8.2 | https://access.redhat.com/security/cve/CVE-1234-567 | - | - | - | | | +--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ | | | Fake Vuln #4 | LOW | 3.3 | https://nvd.nist.gov/vuln/detail/CVE-5678-1234 | - | - | - | +-----------------+---------+--------------+-----------+------+-----------------------------------------------------+---------------+----------+---------------+ WARN: A total of 4 unique vulnerabilities were found in 2 components $ go run ./roxctl sbom scan --file=rhacs-4.9.json --output csv output COMPONENT,VERSION,CVE,SEVERITY,CVSS,LINK,FIXED_VERSION,ADVISORY,ADVISORY_LINK Fake Package #1,v1.0.0,Fake Vuln #1,CRITICAL,3.3,https://nvd.nist.gov/vuln/detail/CVE-5678-1234,-,-,- Fake Package #1,v1.0.0,Fake Vuln #2,IMPORTANT,3.3,https://nvd.nist.gov/vuln/detail/CVE-5678-1234,-,-,- Fake Package #1,v1.0.0,Fake Vuln #3,MODERATE,8.2,https://access.redhat.com/security/cve/CVE-1234-567,-,-,- Fake Package #1,v1.0.0,Fake Vuln #4,LOW,3.3,https://nvd.nist.gov/vuln/detail/CVE-5678-1234,-,-,- Fake Package #2,v2.3.4,Fake Vuln #3,MODERATE,8.2,https://access.redhat.com/security/cve/CVE-1234-567,-,-,- Fake Package #2,v2.3.4,Fake Vuln #4,LOW,3.3,https://nvd.nist.gov/vuln/detail/CVE-5678-1234,-,-,- $ go run ./roxctl sbom scan --file NOPE.json ERROR: SBOM file does not exist: "NOPE.json" $ go run ./roxctl sbom scan --file dignore/rhacs-4.9.invalid.json ERROR: auto detecting media type: SBOM file does not appear to be valid JSON $ go run ./roxctl sbom scan --file dignore/rhacs-4.9.notspdx.json ERROR: auto detecting media type: unsupported SBOM format $ go run ./roxctl sbom scan --file dignore/rhacs-4.9.json --content-type WRONG ERROR: received unexpected status code 400. Response Body: {"code":3,"message":"validating media type: unsupported media type \"WRONG\", supported types [text/spdx+json application/spdx+json]"}

Open Graph Description: Description Adds the roxctl sbom scan command. PR Stack: #18503 ⬅️ this PR #18658 #18484 User-facing documentation CHANGELOG.md is updated OR update is not needed documentation PR is created ...

X Description: Description Adds the roxctl sbom scan command. PR Stack: #18503 ⬅️ this PR #18658 #18484 User-facing documentation CHANGELOG.md is updated OR update is not needed documentation PR is created ...

Opengraph URL: https://github.com/stackrox/stackrox/pull/18503

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:a30f2e07-32f2-f709-a30b-a3aafed5c287
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idE932:2FA5EC:10AEC8B:17036DB:6A4DD8A9
html-safe-nonce701e5c589dd0d15eaa987f32b26305426343f4f6e0119773d875a6ad7758715e
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFOTMyOjJGQTVFQzoxMEFFQzhCOjE3MDM2REI6NkE0REQ4QTkiLCJ2aXNpdG9yX2lkIjoiMTYwMTAwMTI3OTU3OTg3MTQwMSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac8c5bda63a572ba2604472dc4f267f6424de91cf3fa9d676fb6fade02a2f09f9d
hovercard-subject-tagpull_request:3175987808
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/stackrox/stackrox/pull/18503/files
twitter:imagehttps://avatars.githubusercontent.com/u/119438707?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/u/119438707?s=400&v=4
og:image:altDescription Adds the roxctl sbom scan command. PR Stack: #18503 ⬅️ this PR #18658 #18484 User-facing documentation CHANGELOG.md is updated OR update is not needed documentation PR is created ...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None06b8a6144231bf3a234f1c2e9993861e07ce98a905912b114aa386c2d7e84b33
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/stackrox/stackrox git https://github.com/stackrox/stackrox.git
octolytics-dimension-user_id40638982
octolytics-dimension-user_loginstackrox
octolytics-dimension-repository_id434017296
octolytics-dimension-repository_nwostackrox/stackrox
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id434017296
octolytics-dimension-repository_network_root_nwostackrox/stackrox
turbo-body-classeslogged-out env-production page-responsive full-width
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release1d344bdb7547fe6bca17a59bb2b8aac3dc9532a0
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/stackrox/stackrox/pull/18503/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fstackrox%2Fstackrox%2Fpull%2F18503%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fstackrox%2Fstackrox%2Fpull%2F18503%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=stackrox%2Fstackrox
Reloadhttps://github.com/stackrox/stackrox/pull/18503/files
Reloadhttps://github.com/stackrox/stackrox/pull/18503/files
Reloadhttps://github.com/stackrox/stackrox/pull/18503/files
Please reload this pagehttps://github.com/stackrox/stackrox/pull/18503/files
stackrox https://github.com/stackrox
stackroxhttps://github.com/stackrox/stackrox
Notifications https://github.com/login?return_to=%2Fstackrox%2Fstackrox
Fork 180 https://github.com/login?return_to=%2Fstackrox%2Fstackrox
Star 1.3k https://github.com/login?return_to=%2Fstackrox%2Fstackrox
Code https://github.com/stackrox/stackrox
Issues 52 https://github.com/stackrox/stackrox/issues
Pull requests 549 https://github.com/stackrox/stackrox/pulls
Actions https://github.com/stackrox/stackrox/actions
Security and quality 0 https://github.com/stackrox/stackrox/security
Insights https://github.com/stackrox/stackrox/pulse
Code https://github.com/stackrox/stackrox
Issues https://github.com/stackrox/stackrox/issues
Pull requests https://github.com/stackrox/stackrox/pulls
Actions https://github.com/stackrox/stackrox/actions
Security and quality https://github.com/stackrox/stackrox/security
Insights https://github.com/stackrox/stackrox/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fstackrox%2Fstackrox%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fstackrox%2Fstackrox%2Fissues%2Fnew%2Fchoose
dcaravelhttps://github.com/dcaravel
masterhttps://github.com/stackrox/stackrox/tree/master
dc/sbom-scan-roxctlhttps://github.com/stackrox/stackrox/tree/dc/sbom-scan-roxctl
Conversation 22 https://github.com/stackrox/stackrox/pull/18503
Commits 8 https://github.com/stackrox/stackrox/pull/18503/commits
Checks 87 https://github.com/stackrox/stackrox/pull/18503/checks
Files changed https://github.com/stackrox/stackrox/pull/18503/files
Please reload this pagehttps://github.com/stackrox/stackrox/pull/18503/files
ROX-30571: roxctl sbom scan https://github.com/stackrox/stackrox/pull/18503/files#top
Show all changes 8 commits https://github.com/stackrox/stackrox/pull/18503/files
4e2c276 add roxctl sbom scan command dcaravel Jan 16, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/4e2c276e826c022e39e4736004cb0f3a9584675c
7dadb29 add unit/integration tests for roxctl sbom scan dcaravel Jan 16, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/7dadb29f16e90aefc655ebd1985090f41ca518fd
1331b70 add validation for output severities dcaravel Jan 16, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/1331b70e1ffd51fe0ae4954aee071bec9fded75d
bdb3e80 refactor print scan summary heading to fix tests dcaravel Jan 16, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/bdb3e80e6328d28b9d957777241ba2c0d506daf4
f2579f3 set retry to 0 so that timeout is respected dcaravel Jan 22, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/f2579f3891adc3b51433110227a2f072584d6ccf
0a2630a fix allseverities usage dcaravel Jan 23, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/0a2630a6d7f019ec0c934f16ccdc70f4188d37db
c659d21 switch to json decoder dcaravel Apr 2, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/c659d21c1bc675a57681b598aea10bb9afa08241
b82039e fix typo for sbom command tree dcaravel Apr 2, 2026 https://github.com/stackrox/stackrox/pull/18503/commits/b82039ef40d9501da2558e8c875edf9de5095bec
Clear filters https://github.com/stackrox/stackrox/pull/18503/files
Please reload this pagehttps://github.com/stackrox/stackrox/pull/18503/files
Please reload this pagehttps://github.com/stackrox/stackrox/pull/18503/files
command.go https://github.com/stackrox/stackrox/pull/18503/files#diff-acf4bfdc2da9fe96a5f44f5d755e453342d2069d4214022bdaa1731bae0c3629
command_tree_debug.yaml https://github.com/stackrox/stackrox/pull/18503/files#diff-27525f2ccdf0916f9cd86154d3ae5959dd38458a2b1fa9bbf556a38c9d76a938
command_tree_release.yaml https://github.com/stackrox/stackrox/pull/18503/files#diff-35e410e7aeebeae885dee53ae9c9ccc8ab039c25e7561c79d60e1c78425f5587
sbom.go https://github.com/stackrox/stackrox/pull/18503/files#diff-8fba54c21a58035cef2a9b960184b03a90eb1b4a3676b943e427b767bcb1b5d3
scan.go https://github.com/stackrox/stackrox/pull/18503/files#diff-93d5e8e58a65a1dd57046dac7ca4a2551c4a22eee20c8aac917d49b70bea052e
scan_test.go https://github.com/stackrox/stackrox/pull/18503/files#diff-a98eaf8ec380c65072ca7c3b6adde2152cd437a85038b36fbf825dba3e44f771
roxctl--help.txt https://github.com/stackrox/stackrox/pull/18503/files#diff-c01d393b2fd1c2f1621101007552a73c3958050590c941c2c6272e26a8efef76
https://github.com/stackrox/stackrox/blob/master/.github/CODEOWNERS#L42
roxctl/maincommand/command.gohttps://github.com/stackrox/stackrox/pull/18503/files#diff-acf4bfdc2da9fe96a5f44f5d755e453342d2069d4214022bdaa1731bae0c3629
View file https://github.com/stackrox/stackrox/blob/b82039ef40d9501da2558e8c875edf9de5095bec/roxctl/maincommand/command.go
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/stackrox/stackrox/pull/18503/{{ revealButtonHref }}
https://github.com/stackrox/stackrox/pull/18503/files#diff-acf4bfdc2da9fe96a5f44f5d755e453342d2069d4214022bdaa1731bae0c3629
https://github.com/stackrox/stackrox/pull/18503/files#diff-acf4bfdc2da9fe96a5f44f5d755e453342d2069d4214022bdaa1731bae0c3629
https://github.com/stackrox/stackrox/pull/18503/files#diff-acf4bfdc2da9fe96a5f44f5d755e453342d2069d4214022bdaa1731bae0c3629
https://github.com/stackrox/stackrox/pull/18503/files#diff-acf4bfdc2da9fe96a5f44f5d755e453342d2069d4214022bdaa1731bae0c3629
https://github.com/stackrox/stackrox/blob/master/.github/CODEOWNERS#L42
roxctl/maincommand/command_tree_debug.yamlhttps://github.com/stackrox/stackrox/pull/18503/files#diff-27525f2ccdf0916f9cd86154d3ae5959dd38458a2b1fa9bbf556a38c9d76a938
View file https://github.com/stackrox/stackrox/blob/b82039ef40d9501da2558e8c875edf9de5095bec/roxctl/maincommand/command_tree_debug.yaml
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/stackrox/stackrox/pull/18503/{{ revealButtonHref }}
https://github.com/stackrox/stackrox/pull/18503/files#diff-27525f2ccdf0916f9cd86154d3ae5959dd38458a2b1fa9bbf556a38c9d76a938
https://github.com/stackrox/stackrox/pull/18503/files#diff-27525f2ccdf0916f9cd86154d3ae5959dd38458a2b1fa9bbf556a38c9d76a938
https://github.com/stackrox/stackrox/blob/master/.github/CODEOWNERS#L42
roxctl/maincommand/command_tree_release.yamlhttps://github.com/stackrox/stackrox/pull/18503/files#diff-35e410e7aeebeae885dee53ae9c9ccc8ab039c25e7561c79d60e1c78425f5587
View file https://github.com/stackrox/stackrox/blob/b82039ef40d9501da2558e8c875edf9de5095bec/roxctl/maincommand/command_tree_release.yaml
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/stackrox/stackrox/pull/18503/{{ revealButtonHref }}
https://github.com/stackrox/stackrox/pull/18503/files#diff-35e410e7aeebeae885dee53ae9c9ccc8ab039c25e7561c79d60e1c78425f5587
https://github.com/stackrox/stackrox/pull/18503/files#diff-35e410e7aeebeae885dee53ae9c9ccc8ab039c25e7561c79d60e1c78425f5587
https://github.com/stackrox/stackrox/blob/master/.github/CODEOWNERS#L42
roxctl/sbom/sbom.gohttps://github.com/stackrox/stackrox/pull/18503/files#diff-8fba54c21a58035cef2a9b960184b03a90eb1b4a3676b943e427b767bcb1b5d3
View file https://github.com/stackrox/stackrox/blob/b82039ef40d9501da2558e8c875edf9de5095bec/roxctl/sbom/sbom.go
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/stackrox/stackrox/pull/18503/{{ revealButtonHref }}
Please reload this pagehttps://github.com/stackrox/stackrox/pull/18503/files
Please reload this pagehttps://github.com/stackrox/stackrox/pull/18503/files
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.