export and scan command support default target

corneliusludmann · corneliusludmann · commit 8840cb9fc046 · 2025-04-30T13:18:15.000Z
diff --git a/cmd/sbom-export.go b/cmd/sbom-export.go
@@ -13,18 +13,20 @@ import (
 
 // sbomExportCmd represents the sbom export command
 var sbomExportCmd = &cobra.Command{
-	Use:   "export <package>",
+	Use:   "export [package]",
 	Short: "Exports the SBOM of a (previously built) package",
 	Long: `Exports the SBOM of a (previously built) package.
 	
 When used with --with-dependencies, it exports SBOMs for the package and all its dependencies
-to the specified output directory.`,
-	Args: cobra.MinimumNArgs(1),
+to the specified output directory.
+
+If no package is specified, the workspace's default target is used.`,
+	Args: cobra.MaximumNArgs(1),
 	Run: func(cmd *cobra.Command, args []string) {
 		// Get the package
 		_, pkg, _, _ := getTarget(args, false)
 		if pkg == nil {
-			log.Fatal("sbom export requires a package")
+			log.Fatal("sbom export requires a package or a default target in the workspace")
 		}
 
 		// Check if SBOM is enabled in workspace settings
diff --git a/cmd/sbom-scan.go b/cmd/sbom-scan.go
@@ -10,21 +10,23 @@ import (
 
 // sbomScanCmd represents the sbom scan command
 var sbomScanCmd = &cobra.Command{
-	Use:   "scan <package>",
+	Use:   "scan [package]",
 	Short: "Scans a package's SBOM for vulnerabilities",
 	Long: `Scans a package's SBOM for vulnerabilities and exports the results to a specified directory.
 	
 This command uses existing SBOM files from previously built packages. It checks if SBOM is enabled
 in the workspace settings. If not, it aborts. The scan results are exported to the directory
 specified by the --output-dir flag.
 
-When used with --with-dependencies, it scans the package and all its dependencies for vulnerabilities.`,
-	Args: cobra.MinimumNArgs(1),
+When used with --with-dependencies, it scans the package and all its dependencies for vulnerabilities.
+
+If no package is specified, the workspace's default target is used.`,
+	Args: cobra.MaximumNArgs(1),
 	Run: func(cmd *cobra.Command, args []string) {
 		// Get the package
 		_, pkg, _, _ := getTarget(args, false)
 		if pkg == nil {
-			log.Fatal("sbom scan requires a package")
+			log.Fatal("sbom scan requires a package or a default target in the workspace")
 		}
 
 		// Check if SBOM is enabled in workspace settings
diff --git a/cmd/sbom.go b/cmd/sbom.go
@@ -8,6 +8,10 @@ import (
 var sbomCmd = &cobra.Command{
 	Use:     "sbom <command>",
 	Short:   "Helpful commands for working with Software Bill of Materials (SBOM)",
+	Long:    `Helpful commands for working with Software Bill of Materials (SBOM).
+	
+The subcommands (export, scan) can be used with or without specifying a package.
+If no package is specified, the workspace's default target is used.`,
 	Args:    cobra.MinimumNArgs(1),
 }
 
