Products
List
To see exactly which products are covered by which CSAF advisory, run:
Input
bomnipotent_client product listOutput
[INFO]
╭────────────────────────────┬──────────────┬─────────────┬────────────────────────────┬────────────────┬────────────────────────────┬───────────╮
│ Full Product Name │ BOM Name │ BOM Version │ Vulnerability │ Status │ CSAF ID │ TLP │
├────────────────────────────┼──────────────┼─────────────┼────────────────────────────┼────────────────┼────────────────────────────┼───────────┤
│ Best Vendor's Your Project │ Your Project │ 1.0.0 │ GHSA-qg5g-gv98-5ffh │ known_affected │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.0.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ Best Vendor's Your Project │ Your Project │ 1.1.0 │ GHSA-qg5g-gv98-5ffh │ fixed │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.1.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ Best Vendor's Your Project │ Your Project │ 1.1.0 │ GHSA-qg5g-gv98-5ffh │ recommended │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.1.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ rustls Version 0.23.15 │ rustls │ 0.23.15 │ GHSA-qg5g-gv98-5ffh │ known_affected │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
╰────────────────────────────┴──────────────┴─────────────┴────────────────────────────┴────────────────┴────────────────────────────┴───────────╯
The command accepts the optional filters “name”, “vulnerability”, “status” and “csaf”:
Input (long variant)
bomnipotent_client product list --status=known_affected --csaf="ghsa-qg5g-gv98-5ffh_advisory"Input (short variant)
bomnipotent_client product list -s known_affected -c "ghsa-qg5g-gv98-5ffh_advisory"Output
[INFO]
╭────────────────────────────┬──────────────┬─────────────┬────────────────────────────┬────────────────┬────────────────────────────┬───────────╮
│ Full Product Name │ BOM Name │ BOM Version │ Vulnerability │ Status │ CSAF ID │ TLP │
├────────────────────────────┼──────────────┼─────────────┼────────────────────────────┼────────────────┼────────────────────────────┼───────────┤
│ Best Vendor's Your Project │ Your Project │ 1.0.0 │ GHSA-qg5g-gv98-5ffh │ known_affected │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.0.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ rustls Version 0.23.15 │ rustls │ 0.23.15 │ GHSA-qg5g-gv98-5ffh │ known_affected │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
╰────────────────────────────┴──────────────┴─────────────┴────────────────────────────┴────────────────┴────────────────────────────┴───────────╯
Existence
The "exist" subcommand checks how many entries on the server match some filters. It is available for all commands that accept the "list" subcommand, and accepts the same filters.
Depending on the output mode, the client prints:
- normal mode: a sentence including the number of found objects.
- code: The string "200" if at least one item was found, or "404" if none were found.
- raw: The number of entries that were found.
Input (long variant)
bomnipotent_client product exist --status=known_affectedInput (short variant)
bomnipotent_client product exist -s known_affectedOutput
[INFO] The server contains 2 product(s) matching the filters.
Analyze
Running the command “product analyze” and providing it with one or more filepaths to valid CSAF files displays the (combined) products covered by these documents:
Input (available since version 1.2.0)
bomnipotent_client product analyze /home/your_project/advisory.jsonOutput
[INFO]
╭────────────────────────────┬──────────────┬─────────────┬────────────────────────────┬────────────────┬────────────────────────────┬───────────╮
│ Full Product Name │ BOM Name │ BOM Version │ Vulnerability │ Status │ CSAF ID │ TLP │
├────────────────────────────┼──────────────┼─────────────┼────────────────────────────┼────────────────┼────────────────────────────┼───────────┤
│ Best Vendor's Your Project │ Your Project │ 1.0.0 │ GHSA-qg5g-gv98-5ffh │ known_affected │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.0.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ Best Vendor's Your Project │ Your Project │ 1.1.0 │ GHSA-qg5g-gv98-5ffh │ fixed │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.1.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ Best Vendor's Your Project │ Your Project │ 1.1.0 │ GHSA-qg5g-gv98-5ffh │ recommended │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ v1.1.0 │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
│ rustls Version 0.23.15 │ rustls │ 0.23.15 │ GHSA-qg5g-gv98-5ffh │ known_affected │ ghsa-qg5g-gv98-5ffh_adviso │ TLP:AMBER │
│ │ │ │ Rustls network-reachable p │ │ ry │ │
│ │ │ │ anic │ │ │ │
╰────────────────────────────┴──────────────┴─────────────┴────────────────────────────┴────────────────┴────────────────────────────┴───────────╯