Skip to content

Feature Request: read SBOM from stdin #172

@kzantow

Description

@kzantow

It would be great if the CLI functions which read SBOMs support reading from piped standard input.

There are some cases where it is much more convenient to pipe output of one tool into another one instead of requiring files. For example: using the tools to validate a SBOM in a container requires: saving the SBOM to a file, run the container with a mounted filesystem containing the SBOM, referencing the same SBOM using a path matching how the container mount was specified, etc. whereas doing something like cat <sbom> | docker run --rm -i spdx-java-tools-validator:latest could be much simpler and could prevent needing an intermediary file altogether in certain circumstances.

A suggestion: one reasonably simple way to do this is just check the file input being just a single dash, - (like implemented in vim: vi -), which causes the system to explicitly read from stdin instead of attempting to load a file. This would allow something like the aforementioned cat <sbom> | docker run --rm -i spdx-java-tools-validator:latest Verify - to work for the example.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @bact@kzantow

        Issue actions

          Feature Request: read SBOM from stdin · Issue #172 · spdx/tools-java