fix(cli): disable --skip-dir and --skip-files flags for sbom command (#8886)

2026-01-31 13:53:14 +08:00 · 2025-05-19 18:58:19 +06:00
parent be8c7b796d
commit 69a5fa18ca
2 changed files with 2 additions and 2 deletions
--- a/docs/docs/references/configuration/cli/trivy_sbom.md
+++ b/docs/docs/references/configuration/cli/trivy_sbom.md
@@ -98,8 +98,6 @@ trivy sbom [flags] SBOM_PATH
                                        (default [UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL])
      --show-suppressed                [EXPERIMENTAL] show suppressed vulnerabilities
      --skip-db-update                 skip updating vulnerability database
-      --skip-dirs strings              specify the directories or glob patterns to skip
-      --skip-files strings             specify the files or glob patterns to skip
      --skip-java-db-update            skip updating Java index database
      --skip-vex-repo-update           [EXPERIMENTAL] Skip VEX Repository update
      --table-mode strings             [EXPERIMENTAL] tables that will be displayed in 'table' format (allowed values: summary,detailed) (default [summary,detailed])
--- a/pkg/commands/app.go
+++ b/pkg/commands/app.go
@@ -1169,6 +1169,8 @@ func NewSBOMCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
 	scanFlagGroup := flag.NewScanFlagGroup()
 	scanFlagGroup.Scanners = scanners // allow only 'vuln' and 'license' options for '--scanners'
 	scanFlagGroup.Parallel = nil      // disable '--parallel'
+	scanFlagGroup.SkipFiles = nil     // disable `--skip-files` since `sbom` command only supports scanning one file.
+	scanFlagGroup.SkipDirs = nil      // disable `--skip-dirs` since `sbom` command only supports scanning one file.

 	licenseFlagGroup := flag.NewLicenseFlagGroup()
 	// License full-scan and confidence-level are for file content only