This is an automated email from the ASF dual-hosted git repository.
arm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/main by this push:
new c5082d5b #988 - add -- separator for sbomqs invocation
c5082d5b is described below
commit c5082d5b2a9fc260a34c271044e23d274f52c4fb
Author: Alastair McFarlane <[email protected]>
AuthorDate: Tue Mar 31 17:38:57 2026 +0100
#988 - add -- separator for sbomqs invocation
---
atr/sbom/sbomqs.py | 2 +-
atr/tasks/sbom.py | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/atr/sbom/sbomqs.py b/atr/sbom/sbomqs.py
index 3c0e89be..353200c8 100644
--- a/atr/sbom/sbomqs.py
+++ b/atr/sbom/sbomqs.py
@@ -27,7 +27,7 @@ from . import models
def total_score(value: pathlib.Path | str | yyjson.Document) -> float:
- args = ["sbomqs", "compliance", "--ntia", "--json"]
+ args = ["sbomqs", "compliance", "--ntia", "--json", "--"]
with tempfile.NamedTemporaryFile("w", encoding="utf-8", suffix=".json") as
tf:
match value:
case yyjson.Document():
diff --git a/atr/tasks/sbom.py b/atr/tasks/sbom.py
index 33657e7e..83b5e70e 100644
--- a/atr/tasks/sbom.py
+++ b/atr/tasks/sbom.py
@@ -253,8 +253,9 @@ async def score_qs(args: FileArgs) -> results.Results |
None:
proc = await asyncio.create_subprocess_exec(
"sbomqs",
"score",
- full_path.name,
"--json",
+ "--",
+ full_path.name,
cwd=str(full_path.parent),
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.PIPE,
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
