Add strict SBOM validation flag.

* trustier will only validate an SBOM with the CycloneDX Bom validator if strict is set to true.
devops-kung-fu · Oct 9, 2024 · 4ac8a7b · 4ac8a7b
1 parent e833dd7
commit 4ac8a7b
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/src/main.rs b/src/main.rs
@@ -33,6 +33,10 @@ struct Args {
     //Optional file name to write json output to
     #[arg(short, long, required = false)]
     output_file: Option<String>,
+
+    //Optional flag to enable strict SBOM validation
+    #[arg(short, long, default_value_t = false)]
+    strict: bool,
 }
 
 fn main() {
@@ -67,7 +71,7 @@ fn main() {
         }
     };
 
-    if !bom.validate().passed() {
+    if args.strict && !bom.validate().passed() {
         eprintln!("* Provided input is not a valid SBOM");
         return;
     }