anchore · wagoodman · Jan 15, 2025 · Dec 3, 2024 · Dec 18, 2024 · Dec 18, 2024
diff --git a/.github/scripts/json-schema-drift-check.sh b/.github/scripts/json-schema-drift-check.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+set -u
+
+if [ "$(git status --porcelain | wc -l)" -ne "0" ]; then
+  echo "  🔴 there are uncommitted changes, please commit them before running this check"
+  exit 1
+fi
+
+if ! make generate-json-schema; then
+  echo "Generating json schema failed"
+  exit 1
+fi
+
+if [ "$(git status --porcelain | wc -l)" -ne "0" ]; then
+  echo "  🔴 there are uncommitted changes, please commit them before running this check"
+  exit 1
+fi
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -1,5 +1,6 @@
 issues:
   max-same-issues: 25
+  uniq-by-line: false
 
   # TODO: enable this when we have coverage on docstring comments
 #  # The list of ids of default excludes to include or disable.
@@ -49,8 +50,6 @@ linters-settings:
     # If lower than 0, disable the check.
     # Default: 40
     statements: 50
-output:
-  uniq-by-line: false
 run:
   timeout: 10m
 

diff --git a/Taskfile.yaml b/Taskfile.yaml
@@ -56,6 +56,7 @@ tasks:
       - task: check-go-mod-tidy
       - task: check-licenses
       - task: lint
+      - task: check-json-schema-drift
       - task: validate-cyclonedx-schema
 # TODO: while developing v6, we need to disable this check (since v5 and v6 are imported in the same codebase)
 #      - task: validate-grype-db-schema
@@ -171,6 +172,11 @@ tasks:
       - cmd: .github/scripts/go-mod-tidy-check.sh && echo "go.mod and go.sum are tidy!"
         silent: true
 
+  check-json-schema-drift:
+    desc: Ensure there is no drift between the JSON schema and the code
+    cmds:
+      - .github/scripts/json-schema-drift-check.sh
+
   validate-cyclonedx-schema:
     desc: Run integration tests
     cmds:
@@ -313,9 +319,17 @@ tasks:
   ## Code and data generation targets #################################
 
   generate:
-    desc: Run data generation tasks
+    desc: Run code and data generation tasks
+    cmds:
+      - task: generate-json-schema
+
+  generate-json-schema:
+    desc: Generate a new JSON schema
     cmds:
+      # re-generate package metadata
       - "cd grype/internal && go generate"
+      # generate the JSON schema for the CLI output
+      - "cd cmd/grype/cli/commands/internal/jsonschema && go run ."
 
 
   ## Build-related targets #################################

diff --git a/cmd/grype/cli/commands/db_check.go b/cmd/grype/cli/commands/db_check.go
@@ -38,7 +38,7 @@ func DBCheck(app clio.Application) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:   "check",
-		Short: "check to see if there is a database update available",
+		Short: "Check to see if there is a database update available",
 		PreRunE: func(cmd *cobra.Command, args []string) error {
 			// DB commands should not opt into the low-pass check filter
 			opts.DB.MaxUpdateCheckFrequency = 0

diff --git a/cmd/grype/cli/commands/db_delete.go b/cmd/grype/cli/commands/db_delete.go
@@ -17,7 +17,7 @@ func DBDelete(app clio.Application) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:     "delete",
-		Short:   "delete the vulnerability database",
+		Short:   "Delete the vulnerability database",
 		Args:    cobra.ExactArgs(0),
 		PreRunE: disableUI(app),
 		RunE: func(_ *cobra.Command, _ []string) error {

diff --git a/cmd/grype/cli/commands/db_diff.go b/cmd/grype/cli/commands/db_diff.go
@@ -35,7 +35,7 @@ func DBDiff(app clio.Application) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:   "diff [flags] base_db_url target_db_url",
-		Short: "diff two DBs and display the result",
+		Short: "Diff two DBs and display the result",
 		Args:  cobra.MaximumNArgs(2),
 		RunE: func(_ *cobra.Command, args []string) (err error) {
 			var base, target string

diff --git a/cmd/grype/cli/commands/db_import.go b/cmd/grype/cli/commands/db_import.go
@@ -19,7 +19,7 @@ func DBImport(app clio.Application) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:   "import FILE",
-		Short: "import a vulnerability database archive",
+		Short: "Import a vulnerability database archive",
 		Long:  fmt.Sprintf("import a vulnerability database archive from a local FILE.\nDB archives can be obtained from %q.", internal.DBUpdateURL),
 		Args:  cobra.ExactArgs(1),
 		RunE: func(_ *cobra.Command, args []string) error {

diff --git a/cmd/grype/cli/commands/db_list.go b/cmd/grype/cli/commands/db_list.go
@@ -34,7 +34,7 @@ func DBList(app clio.Application) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:     "list",
-		Short:   "list all DBs available according to the listing URL",
+		Short:   "List all DBs available according to the listing URL",
 		PreRunE: disableUI(app),
 		Args:    cobra.ExactArgs(0),
 		RunE: func(_ *cobra.Command, _ []string) error {

diff --git a/cmd/grype/cli/commands/db_providers.go b/cmd/grype/cli/commands/db_providers.go
@@ -39,7 +39,7 @@ func DBProviders(app clio.Application) *cobra.Command {
 
 	cmd := &cobra.Command{
 		Use:   "providers",
-		Short: "list vulnerability database providers",
+		Short: "List vulnerability providers that are in the database",
 		Args:  cobra.ExactArgs(0),
 		RunE: func(_ *cobra.Command, _ []string) error {
 			return runDBProviders(opts, app)